Get to know us better! Gain valuable insights into how we think by visiting our blog, or take a look at the industry events we're frequenting on our events page. You can also geek out with us by attending one of our security management webinars, or dive head first into the products and solutions we provide in our Resource Library. There's lots to keep you busy!
There’s no question that one of the most significant challenges facing today’s IT and network security practitioners is the continued adoption of cloud-based services, along with the concurrent evolution of related networking methodologies including Software Defined Networking (SDN) and DevOps.
For those of you who followed the FireMon State of the Firewall Report released in March, you’ll recall that one of the key findings of our survey of 700+ respondents was that – contrary to some opinions – traditional network security infrastructure will play a significant role in emerging cloud, SDN and DevOps environments.
In fact, the “Emerging Paradigms” segment of the report found 87% of respondents attesting that traditional or NGFW devices currently play a valuable role in securing virtualized environments. Another 60% indicated that those mechanisms already play a valuable role in securing cloud platforms.
One of the related issues that we’ve heard from analysts such as Gartner’s Greg Young is that many organizations have taken the all too familiar “adopt first, secure later” approach to the cloud. The most common scenario finds IT organizations spinning up instances to suit emerging business requirements, then deducing after the fact that additional security controls are required.
The involved work is typically acquitted slowly and piecemeal, based largely on a lack of dedicated funding. A good deal of effort goes into migration of existing network security infrastructure, and more importantly network security policies, to support cloud services.
This week, longtime industry analyst Jon Oltsik of Enterprise Security Group published additional research supporting these conclusions based on a survey of 150 IT security professionals about “challenges associated with enforcing security policies in public and private clouds.”
According to ESG’s survey, 32% of respondents said their organizations use multiple public/private cloud offerings and find it “difficult to coordinate security operations consistently across all areas.” Additionally, Oltsik notes that 31% of respondents believe “cloud computing exacerbates communications and collaboration problems” between operations and other IT groups.
Other key findings identify issues applying existing security policies to the cloud, troubleshooting cloud security problems and managing security controls that span both physical and cloud-based infrastructure.
The fact is, when you add it all up, a set of complex security management issues related to the evolution of networking is rapidly formalizing, and organizations are struggling to address them. At FireMon, we’ve not only encountered this in our research, but more importantly among our customers, mostly large enterprises.
As this scenario plays out, more effective best practices and technological solutions will clearly need to emerge as well. We’re already moving to address that opportunity, as evidenced by FireMon’s support for Amazon AWS and OpenStack Icehouse.
The new FireMon security architecture group is also working actively to help push our solutions ahead of the curve so that we’re there to support customer use of these rapidly maturing networking paradigms and the inherent security management issues they create.
And we’re just getting started on the next State of the Firewall Report which will seek to further outline many of these trends. If you have specific issues you’d like to see covered, .
So you’ve purchased a new firewall. Now what?
You’ve got to decide which access is allowed, which isn’t allowed and whether or not rules are compliant with internal and regulatory standards.
Things are running along smoothly and then the dreaded “change.” A user submits a new access request and the fun begins. Is this access necessary? Safe? Compliant? And what happens when it’s time to retire unused rules?
How Effective Security Management Can Help Teams Cover the Exponentially Increasing Gap between Technology & the Resources Available to Manage It
Security teams today are under tremendous pressure due to the rising frequency and impact of breaches and a business that wants to move faster and faster. The answer to both of these challenges has always been to add more technology and staff resources.
However, each new technology added creates complexity. More rules are created and more data is generated. As networks continue to evolve, this complexity will only grow. And while staff resources may increase, they will never match the exponential growth of technology.
FireMon calls this phenomenon The Complexity Gap and has set out to help security teams close it.
Join us for this webinar with Frost & Sullivan where we’ll explore the causes of “The Gap” and how workforce multipliers such as intelligence and automation help staff manage their security more efficiently and more effectively.
Helping Enterprise Security Teams Improve Resource Efficiency & Reduce Overall Risk Exposure
Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating adoption to the new technology. But NGFWs aren’t a fix-all solution.