decrypting myths
pushing out of security policies is just
the tip of the iceberg.
The right NSPM solution should
incorporate a traffic workflow that
is focused on traffic fulfilment (and
therefore business enablement), rather
than rule creation. Imagine a dashboard
presenting the components of traffic that
need to be enabled on your network.
Your NSPM solution must be intelligent
enough to identify from that traffic
where changes need to be made to
the network. There should be no need
to manually tell that solution where
changes need to be introduced. And
where no changes are required to
enable a traffic flow, the NSPM solution
needs to be intelligent enough to identify
this and automatically close the request.
This avoids duplication and policy bloat
from the beginning.
Intelligent automation of security policy
must proactively assess for risk – for
example, automatically establishing
which change requests are high-risk
enough to pass to a director for sign-
off, which are medium-risk and can
be signed off by a change manager,
and which are low-risk enough to be
automatically approved with no manual
intervention is a key function for adding
value through efficiency. An even more
advanced level of risk assessment
involves tying different governance and
compliance frameworks to the solution’s
assessment and decision-making.
Finally, it’s critical that post-
implementation peer review be
completely automated too, rather than
via a secondary human review, which
many organisations rely on. This further
reduces the manual intervention required
for policy management and ensures that
the network analyst responsible for the
change request can be confident that
the request was implemented accurately.
This prevents premature closing of
tickets and avoiding defective policies
being sent to the business, and it drives
68
organisations towards a truly zero-touch
approach to network security.
An application-centric approach:
Setting the stage for the future
The NSPM solution’s automation
can also help organisations take an
application-centric approach to security
management, rather than a narrow
network-based view. This ensures that
the right security management activities
are performed in the right order,
through an automated, repeatable
process, and dramatically improves
business agility, without sacrificing
security and compliance.
It’s critical that post-
implementation peer
review be completely
automated too.
The right NSPM solution needs to
be able to take all your business
applications, arrange them in a table
and identify which rules are required
to make them work – dynamically and
in real-time. This enables application
owners, network operations managers
Issue 22
|
www.intelligentciso.com