ELE Times December 2016 Electronics News in India | Online Electronics Mag | Page 48
Technology
Verifying Access
A major challenge to policy and access verification in hybrid
environments is complexity. The mixture of physical, virtual and
cloud networks with their various security groups and tags, as
well as traditional ACLs, makes manual comparison and analysis
almost impossible. But by normalizing this data and combining
hybrid network policies, network access can be analyzed end to
end and visualized within the model.
Microsegmentation Challenges
Historically, data centers have been protected by perimeter
security technologies analyzing north-south traffic into and out of
the data center. Traditional data center designs assume that all
east-west traffic, traveling within the data center, occurs in
trusted, well-protected zones. Recent data breaches, however,
have shown that this assumption is no longer valid.
Microsegmentation is capable of dividing east-west traffic within
the data center into smaller, more protected zones; but without
security visibility into how microsegmentation is implemented, it’s
difficult to verify that policy is adhered to across the network.
By combining and modeling north-south and east-west policies,
network security teams can gain end-to-end access visibility
throughout their hybrid network. Model-driven visibility also
provides a more realistic view of applied policy at the host level
rather than verifying access only at “chokepoints” or gateways to
the virtual network.
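The normalization described under "Verifying Access" and the combined north-south/east-west check above, as an added illustration that is not code from the article or from Skybox: a traditional ACL and two cloud security groups are converted into one rule form, and a flow is evaluated at every enforcement point on its path rather than only at the perimeter chokepoint. All addresses, policies and paths are constructed sample data.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = ipaddress.ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    """Normalized form shared by ACL lines and cloud security-group entries."""
    allow: bool
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    port: Optional[int]  # None matches any port

def from_acl(lines):
    """Traditional ACL: ordered permit/deny lines, first match wins, implicit deny at the end."""
    rules = [Rule(l["action"] == "permit", ipaddress.ip_network(l["src"]),
                  ipaddress.ip_network(l["dst"]), l.get("port")) for l in lines]
    return rules + [Rule(False, ANY, ANY, None)]

def from_security_group(sg):
    """Cloud security group: allow-only ingress entries for the attached subnet, implicit deny."""
    attached = ipaddress.ip_network(sg["attached_to"])
    rules = [Rule(True, ipaddress.ip_network(e["cidr"]), attached, e["port"]) for e in sg["ingress"]]
    return rules + [Rule(False, ANY, ANY, None)]

def permitted(rules, src, dst, port):
    """First-match evaluation of one normalized rule list."""
    for r in rules:
        if src in r.src and dst in r.dst and r.port in (None, port):
            return r.allow
    return False

def verify_path(path, src, dst, port):
    """A flow is reachable end to end only if every enforcement point on its path permits it."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    hops = {name: permitted(rules, src, dst, port) for name, rules in path}
    return {"allowed": all(hops.values()), "hops": hops}

# Constructed sample policies (hypothetical, not real configurations).
PERIMETER = from_acl([
    {"action": "permit", "src": "0.0.0.0/0", "dst": "10.0.1.0/24", "port": 443},
    {"action": "permit", "src": "0.0.0.0/0", "dst": "10.0.0.0/16", "port": 22},  # overly broad admin rule
])
WEB_SG = from_security_group({"attached_to": "10.0.1.0/24", "ingress": [{"cidr": "0.0.0.0/0", "port": 443}]})
DB_SG = from_security_group({"attached_to": "10.0.2.0/24", "ingress": [{"cidr": "10.0.1.0/24", "port": 3306}]})

# North-south paths cross the perimeter ACL and then the host's group; east-west paths only the group.
TO_WEB = [("perimeter_acl", PERIMETER), ("web_sg", WEB_SG)]
TO_DB = [("perimeter_acl", PERIMETER), ("db_sg", DB_SG)]
EAST_WEST_DB = [("db_sg", DB_SG)]
```

Checking `verify_path(TO_DB, "203.0.113.5", "10.0.2.20", 22)` shows the flow blocked at `db_sg` while `perimeter_acl` permits it, which is the kind of perimeter-only gap a chokepoint check alone would not surface.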
Vulnerability Detection in Virtual Networks
One added benefit of modeling virtual and cloud environments is
scanless vulnerability detection. Security analytics applied to the
model can deduce vulnerabilities from product configuration and
version information. This can significantly decrease reliance on
active or third-party scans, which are harder to operate on virtual
and cloud networks. Incorporating vulnerability intelligence gives
a fuller picture of how these networks affect overall risk.
Visualization
By unifying hybrid IT environments in one model and normalizing
their data, organizations can break down the barriers that
traditionally existed between physical, virtual and cloud networks
for comprehensive, streamlined security management.
This information can be further distilled into a simple picture of
the organization’s unique attack surface. Using attack surface
visualizations, everyone from CISOs to “in-the-trenches” security
practitioners to board members can quickly see the interconnectedness
of their IT infrastructure and where their most critical security
exposures lurk. Attack surface visibility gives an intuitive and deeply
analytical tool to make fast, informed decisions regarding incident
response, operations and security investments. It provides a
common language and reference to stop reacting to symptoms
and start treating root causes of security issues, creating a
proactive, holistic security program.
About the Author: Ravid Circus has more than 11 years of experience
in the IT security and risk assessment industry. As Vice President
of Products at Skybox, Circus is in a pivotal role for Skybox with his
leadership of the Products group. Circus has helped to develop
and deploy automated change management processes in major
corporations all over the world.