Policy Automation‚ AI The New Normal

On-Demand

Video Transcription

Andrew Lintell:
Well, good morning everyone, and welcome to the FireMon Transform webinar on Security Policy Automation, The New Normal. Welcome to everyone. We’re just getting started now, we’ve got the viewing and people entering so the numbers are climbing, so we’ll give everyone a few more moments before we get started.

Andrew Lintell:
Whilst we’re waiting, I’d like to invite you to look out for our poll question, which you’ll see on the screen. And effectively, this is a poll question that we’re asking, we’d be very interested to know the answers from our audience, to do with security policy automation. And in doing so, you enter the chance to win some very fancy FireMon branded goodies and swag, so please look out for that. It will be available throughout the course, so about most of the presentation, but we’d like to look at the results before the end of the call so we will be closing it prior to the end. But please, do look out for that and cast your vote. Thank you.

Andrew Lintell:
Okay. Well, good morning, thank you for joining. I think we’ll get started now. And welcome to the FireMon Transform Security Policy Automation webinar. This morning we are going to be running through everything regarded to security policy automation, why it’s important. It’s really becoming an area that is getting a lot of focus now that we are in strange new times, and the power of automation to be able to help security teams better manage and facilitate change and agility within their own organizations.

Andrew Lintell:
During this presentation, I’m joined by some colleagues and a special guest, I’ll introduce them to you now.

Andrew Lintell:
So I am Andrew Lintell, I am the Vice President of EMEA of FireMon. And joining me, we have a special guest Bryan Littlefair, whose the CEO of Cambridge Cyber Advisers. Bryan also has been former Global CISO at several very large and well-known global companies, including Aviva and Vodafone, and will be providing some valuable insights to us during the course of this webinar.

Andrew Lintell:
In addition to Bryan, I also have some colleagues from the FireMon team with me. We have Nilesh Mapara, whose our Solutions Architect for EMEA within FireMon. I’m also joined by Kostas Lotsis, he’s one of our Senior Engineers on the EMEA team within FireMon as well. So welcome guys, thanks very much for joining me.

Andrew Lintell:
Just a reminder in case you didn’t hear me the first time round before we started, and that is effectively that we have a polling question, and we have a single question to ask you around security policy automation and really understanding what’s your biggest concern? You’ve not already adopted, what are the things that are actually holding you back? If you can have a look at that question throughout the course of the next 30 minutes or so and cast your vote, that will be very useful for us. We’ll cover the results later on in the call. And in doing so, you’ll get some very fancy FireMon swag sent to you, and some of its useful and some of its tasty as you can see. But by all means, please do participate in that, it will be much appreciated.

Andrew Lintell:
So let’s start the presentation. Effectively, as we are all aware, the world has taken quite a significant shift in the last few months. And it’s pretty important to us as a security vendor to understand how that is affecting our customers, and how it affects the decision making and the priorities within those customers. So we actually took the chance at the beginning of March, when COVID-19 really beginning to have lockdowns, and be obviously a major, major event for many countries, we took the opportunity to hold sort of a mini research session with a lot of our major customers, just to get and understanding of the sentiment that was being driven within those customers.

Andrew Lintell:
And we take several sort of snapshots of that sentiment throughout the course of how the crisis unfolded, and it became a very, very sort of key element that was really relevant to our customers and how we can actually adjust and understand their requirements to make sure that we’re providing maximum value.

Andrew Lintell:
And the initial response, I guess not a surprise to anyone, but at the beginning of March the sentiment was very much adapt to survive. It pretty much meant that every single project was paused, and all of the focus was put quite understandably on business continuity planning. The rolling out of that plan, enabling remote working, laptops, VPN connections, and ensuring at the very least that operations for the company can continue, all be it on a very different footing than before. Cyber security remained a priority, but it was very much focusing on no new projects, and all about basically, how do we keep the company in operation at the same time providing a degree of security and access to systems that was appropriate?

Andrew Lintell:
We asked the same set of questions with the same customers just six weeks later, so this was now mid to end of April, and we found a very different picture emerging. Broadly, business continuity planning had been rolled out and was already in place, and in essence the sentiment had changed to one of opportunity in crisis. So teams were asking themselves within companies, “How do I actually get us to the point now where we can take this situation, and see how we can use it to accelerate some of the transformation ideas that we have internally, in order to get higher and quicker value whilst this situation is playing out?”

Andrew Lintell:
And that was very interesting, because it really tapped into a core reason for why security policy automation is a valued subject, and that is for increased efficiency and agility. So that becoming the priority, particularly for the security and the operational teams, meant that a lot of customers were really reprioritizing exactly how they would invest and what they would invest in for the rest of 2020.

Andrew Lintell:
Being part of a cyber security kind of agenda, if you like, of course that helps. That’s very, very critical right now with the shape of company operations changing, then inevitably that puts stresses and strains in other areas of the organization that need to be addressed. And the question we found that was coming up more and more during these polling questions really was, how can security help enable, support, secure the increased agility and faster operations that the company now will require on an ongoing basis while things are in such a volatile state, and no real end in sight when you look at the potential tail that is on this particular crisis?

Andrew Lintell:
So the key takeaways really that we were talking to customers, and we continue to talk customers right now from this survey, was effectively that they are looking for more resilience, scalable and robust systems in operations. A lot of that has to do with systemizing how you would actually look at manual processes, and actually become more of an automated workload process. They were looking for more speed, less dependence on error-prone manual tasks for critical services, they’re looking for reduced risk and an increase in the natural level of compliance that’s required.

Andrew Lintell:
And really that is what forms the part of the transform webinar series that we’re in right now. We had an initial one a few weeks ago on Cloud, Hybrid Cloud and the adoption of that, and the challenges that represent it and how to overcome them. And today we’re here to talk about security policy automation.

Andrew Lintell:
Just spend a couple of moments of FireMon on the call who may not be aware of the company, we are one of the oldest vendors in the security policy orchestration space, founded in 2003. We’re a U.S headquarter company, but we have global operations. Obviously my EMEA team are based Europe, Middle East and countries the major territories within, and actually are able to handle everything from sales, pre-sales, personal services, project management, and ultimately, post-launch support. We have a good chunk of the Fortune 500 companies under our tutelage, so to speak. We have lots of awards, which I won’t go into.

Andrew Lintell:
But basically, a lot of our customers are leading brands in their particular field, and are particularly challenged with complex network, distributed environments, and increasingly sort of complex scopes of work and things that now the security teams are having to actually handle and enable themselves, which does mean that their lives are getting slightly more complicated, particularly where the ingress of speed is now required.

Bryan Littelfair:
So hi everyone, it’s Bryan Littlefair here. So I think as Andy said, security policy automation is the topic of the day, but especially in the environment we find ourselves in with COVID-19. I think that topic becomes all the more important, and certainly some of the clients I’m interfacing with several are looking how they can streamline and simplify their operations, and focus their scarce skill in terms of their security teams on the aspects of the security area that they actually need to focus on as human beings.

Bryan Littelfair:
A couple of topics I’d like to call out today around the cyber skill shortage, the Cloud migration, and misconfiguration. I think the environment we that we find ourselves in today, COVID has drastically altered the risk profile for some. It’s certainly altered the risk profile for all, and decisions have had to be made from a security perspective to enable the business to continue operating. But now we find ourselves in what will that new norm look like, and several organizations are changing the construct of how their staff work, where their staff work, and obviously that has an impact on the network, the infrastructure, the IT and the applications.

Bryan Littelfair:
And I think certainly from a security perspective, some of the security leaders who certainly approve changes to the environment and accepted risks, thinking that some of those risks were going to be temporary, and now have to think about how do we industrialize them, because actually it’s looking like some of those changes may be becoming more permanent. And certainly lots of organizations struggled to a greater or lesser extent to enable all of their employees to work from home. So there’s actually a big upturn in transformation, that has organizations looking to embrace the Cloud more. And obviously that has implications on the security aspects and how we manage the security of the organization.

Bryan Littelfair:
I think certainly, there’s a well-documented cyber skill shortage, and I see this in most of my clients all looking to grow their security teams at all levels, so whether it’s apprenticeships and graduates at the lower end of the organization into finding highly skilled and experienced resource at the top end. And I think there different is that skills shortage present across the demographics. And obviously organizations are working with academia, and working with governments around the world to try and influence people to focus their studies into what we call in the U.K certainly, the STEAM area, science, technology, engineering, arts and mathematics, because they seem to be some of the good entry points into IT and cyber security.

Bryan Littelfair:
So that’s cyber skills shortage is only going to compound itself as we go on, so I think as an industry we’ve got certainly a responsibility to help encourage that to grow.

Bryan Littelfair:
Cloud migration is something that, as I mentioned, we’re seeing certainly all of my personal clients focus on, how do they get those applications which were proven to be a bottleneck while people were working at home during COVID, how do they get them off prem, how do they get them outside of the organization so that they can increase the bandwidth, they can increase the availability, and they can increase the user experience. So there’s a huge drive towards shifting applications into the Cloud, but from a security perspective again, it has to be well-understood in terms of how are you going to manage that, how are you going get back the governance and assurance that you typically enjoy on-prem, in your off-prem environment, and not overburden the existing team, bearing in mind the skill shortages so that they can effectively manage that environment going forward.

Bryan Littelfair:
And one of the topics that I personally will keep touching on throughout the presentation, is the misconfiguration risk. When things happen and changes are made by human beings, we’re not infallible, we can make mistakes, and mistakes do happen. Certainly later on in the presentation we’ll cover what’s happened to some organizations, and how can that happen, but being very conscious of that misconfiguration risk. If things aren’t configured correctly, if they’re not locked down, if they’re not secured appropriately, it exposes you to not only breaches, but also outages and challenges when you’re actually making changes.

Bryan Littelfair:
So at the top of that, these are the three things that I think are really, really important to all of us on the call at the moment, and actually the COVID-19 situation brings it home a lot more, and we absolutely have to focus on these.

Andrew Lintell:
Thanks Bryan.

Andrew Lintell:
Well, let’s look at complexity, and currently right now, one of the most obvious areas I think if you are a security practitioner, is the sheer plethora of technologies that are currently in play within our environment, all with various different layers and vectors of security that are needed. Now, as we know, and as Bryan’s just mentioned, there is a cyber skill shortage, there’s a greater turnover of skilled security practitioners. And within companies this can cause an obviously major challenge on several fronts, not least the amount of training, the amount of awareness, and the sheer amount of kind of manual driven tasks that are needed to keep each of these necessary layers of security in operation and being effective.

Andrew Lintell:
This is a bit of an eye test chart that we have come across from some research that we’ve done, and even now I think it’s probably 12 months since this has been completed as a piece of research. And even now I think it would probably be even more complex, and even more of a blur if we were to update this chart. But you can start to see if you squint your eyes very tightly, you can actually see the amount of logos that sit, and these are the key vendors that are sitting in each of the main tenets of security. Now all of these need management, all of these need a degree of maintenance, support, training, requirements and feeding and watering from an operational standpoint, in order to maintain their effectiveness within the network.

Andrew Lintell:
And that sheer amount of technology, isn’t necessarily the problem. It causes problems because of the maintenance, and because of what is needed in order to get the best out of it, but all by themselves of course, they are offering very, very key solutions.

Andrew Lintell:
There was a recent survey done by CISCO that actually looked at adjusting this particular problem, and they found that within a Global 1000 enterprise, on average, there are companies out there that on average have 22 network security vendors to manage at any one time. And this is just opposed the fact that they’ve got smaller operational teams now than they’ve had before. In addition to that, managing more environments, more layers in terms of security across the network. So it’s quite a unique and challenging time to be a security practitioner. And another reason why you should be considering solutions of extensible and available APIs, to be able to help increase the amount of interoperability that’s happening between technologies, in order to try and create more of a holistic approach, and also of course, make a lot of gains when it comes to the efficiency, and management, and maintenance to this solution stack.

Bryan Littelfair:
So I don’t think anyone’s going to argue that organizations are living in a world of complexity at the moment with all of the external drivers, and compounding that, some of the internal factors that we’ve already looked at on the previous slide. So it’s definitely a challenging time for enterprises and organizations at the moment out there. And people and clients I speak to, very few have grown their teams and budgets exponentially at the moment when it comes to security, it’s very much a make-do-with-what-you’ve-got, but actually we expect more from you as the business is going through this period of transformation and change.

Bryan Littelfair:
And that transformation and change is definitely happening. As organizations drive adoption of Clouds and outsourcing of certain capabilities, that obviously increases the complexity of the infrastructure the individuals have got to manage. And ultimately, that creates a complexity gap that you’re looking at on your screen, as resources stay largely flatlined with a small amount of growth going on, year on year. But obviously the complexity of the infrastructure that they’re having to manage, grows exponentially as organizations look at different ways of interacting with their customers via digital channels, but equally evolving the network, and the infrastructure and the applications creating the complexity gap that the static resources have to be able to manage.

Bryan Littelfair:
There’s the old say obviously in security, that complexity is the enemy of security. So what can you actually do to start to fill that complexity gap? Well, certainly in my experience, security functions and organizations need to sit back, reflect and look at the larger picture of what’s going on in the infrastructure environments that they manage. They certainly should be looking at the roles and accountabilities of, what is the security function responsible for within that organization, and is it doing things that perhaps would be better suited elsewhere, maybe within the IT, or maybe within the risk function etc, so that you can focus down on the core activities that you absolutely have to perform to use that scarce resource to maximum effect.

Bryan Littelfair:
But obviously, to drive that simplification agenda to make sure that your teams are actually adding maximum value for the resource that you have, security policy automation is a great aspect to implement within your organization and enterprise. Codifying their static security policy into your environment, so it’s in a way self-managed leaving your human resource to actually interact with that, rather than having to configure manually and deploy manually. It really frees up the resource of the team, and actually can have a big impact on the effectiveness of the security organization.

Bryan Littelfair:
So the complexity gap exists for all of us, some are managing the gaps smarter than others, and I think that’s what we’re focusing on today is, how can we really drive security policy automation to maximum benefits of the people on the call.

Andrew Lintell:
Thanks Bryan. And I think just to your point Bryan, you’re talking about exactly the complexities and how they manifest themselves.

Bryan Littelfair:
Yes.

Andrew Lintell:
From my mind I think the most interesting thing here is, one of the most, if you like, obvious ones but at the same time not something we have talked about much in the past, and that is the threat of, or some of the costliest threats being misconfiguration related. This is the human element of the weakest link in the chain in many ways. We have a very interesting report which is available to be downloaded, which is the FireMon 2020 space of Hybrid Cloud security report.

Andrew Lintell:
And again, we polled our customer base and research organizations, to be able to pull together the current trends and the current, if you like, insight to see exactly what’s happening in the network. And we got some very interesting results in the report that we actually published back in February, not least that 83% of unplanned network outages were caused by mistakes made during an approved change. So within them, within process, and yet it was enough to be able to have such a high rate of network outage, due to either a misconfiguration of some description.

Andrew Lintell:
Because of the complexity of the network and there’s so many vendors to be able to be able to roll a change, or a policy change out across the network, the chances of manually being able to get that right are diminishing rapidly. And most interestingly, 70% of that as you can see, were caused by mistakes made on the firewalls themselves. So it’s a very, very kind of increasing concern amongst security practitioners is, how do we get more accurate, but at the same time how can we get faster? The two things are hand in hand, and are causing a majority of the challenges or preventing companies from progressing their digital transformation agenda more readily.

Andrew Lintell:
I think one of the most telling aspects for me as well, is just the fact that the costs, looking at it from a business standpoint, we’ve got outages from breaches are three times the costs of a non-breached based outage. The chances of getting it wrong and having an outage are increasing. And the penalty for getting the outage and a breach as a result, costs are raising exponentially as well. It’s 97% more likely to be a change-based outage.

Andrew Lintell:
So this is key kind of data that often goes into customers sort of business case building, when they’re doing their research and when they’re looking to prepare for a project. These sorts of insights I’ll be obviously happy to share with you on this call, but there are a lot of details and elements that we can help with when it comes to actually understanding the nature of the challenge and how that is manifesting itself within a customer’s organization right now.

Bryan Littelfair:
Okay, thanks Andy. So as the slide says, nobody’s perfect, and I think what Andy was going through on the earlier slide kind of resonates on this slide as well. I think personally I’ve had as a CISO, I’ve certainly had challenges on my watch as well. When you run a large global complex enterprise, you’re always going to experience issues and challenges on your environment. Mistakes can be made, but the objective of today’s call and certainly the objective of what I personally believe the CISO role to be, is to understand and drive down that risk opportunity for something going wrong, whether that’s in change or whether you’ve left a misconfigured device open on Cloud instance or open on your perimeter, and that’s just inviting something to go wrong.

Bryan Littelfair:
I think looking at some of the big brands that are on the screen today, and we intentionally chose big brands as a plethora of SMEs, because it shows there’s a plethora of public sector organizations we could have chose. And I think it’s symptomatic of the times that we find ourselves in. And arguably having to manage these massive global networks and all the complexity that they entail, as I said earlier, mistakes are definitely absolutely going to happen. And I think it’s really learning from these mistakes and understanding how you can understand what went wrong in these instances, and normally it’s a good writeup of actually what happened in terms of the breach or the misconfiguration that led to these issues for these organization.

Bryan Littelfair:
And really taking a good long hard look at how you manage your own infrastructure and applications, and understanding, could this happen to us. And I think if we’re honest with ourselves on the call, we all know that we’re carrying our own risks, we’re carrying our own weaknesses, and it comes down to effective risk management and effective risk reduction, and driving that conversation internally to minimize that where possible. And I think if it can happen to the larger brands, it can certainly happen to the smaller organizations as well.

Andrew Lintell:
Thanks Bryan. So looking at again, some of the more sort of fact based evidence driving some of the key changes that are happening, Cloud adoption is very much on the agenda, has been for some while. And indeed in the last few months, people moving workload and applications to the Cloud have actually increased, in order to provide the additional flexibility and agility needed for today’s environment.

Andrew Lintell:
Coming back to our 2020 Hybrid Cloud report, I think again, drawing out one of the most interesting aspects here and we’re really looking at now a very key point, and effectively, 59.4% of respondents agreed or strongly agreed that deployments of their business services in the Cloud, and this is the key bit, have accelerated past their ability to adequately secure them. And there’s literally a point at which things are moving too fast, they’re too complex, and not enough sort of bandwidth of staff and people to be able to physically stay on top of it. The needs of the business are now outstripping the ability for the business to service that need within this function.

Andrew Lintell:
So slightly terrifying, pretty key aspects that form why should we change, why should we invest in trying to get on top of it.

Andrew Lintell:
Over to you Bryan.

Bryan Littelfair:
Thanks Andy. So this is an area I’m personally very passionate about, and it’s certainly one that I see resonated in all of my clients as I’ve discussed earlier, but equally I’m pleased to say I’ve been involved with the university sector pretty much all of my security career, spanning a good 15, 18 years. And I’ve been into what they study at universities on security related topics, or actually going back to lecture and deliver content. And what I am seeing, is a massive growth in terms of people actually sitting on the course, and obviously great to see a better split in terms of demographics and diversity as well. So that’s really pleasing.

Bryan Littelfair:
I mean, some of the universities that I lecture at the moment, are having to split the MSC course into two streams, because it’s over-subscribed. So they have to run essentially two MSC courses. So that’s great to know that there’s a pipeline of talent coming through the organization as well. But certainly I think all organization are experiencing this issue. Some, it’s obviously going to be down to the location where they’re trying to find talent. Others, honestly aren’t perhaps paying the right amount to attract the talent to the organization. So there are other factors at play here, but I think we can’t mask the actual issue, that currently demand definitely outstrips supply when it comes to cyber resource.

Bryan Littelfair:
And I think that we need to ensure that we maintain some of the flexibility that we’ve inherited from the COVID challenges that we’re facing today. But I think that has taught us that we are able to work remotely, we are able to work flexibly, and actually our resource can be dispersed for some roles, not just across the country that you operate in, but globally as well. And I’m hoping that some of that stays with us to tackle some of the challenges that we’re facing, not just in the U.K. but certainly around the globe as well. But actually, when you pool that global resource together and allow people to work more flexibly, I think that’s one of the big challenges as well.

Bryan Littelfair:
But I think developing our people at all pay grades and skills, giving them a career, and actually recognizing that as organizations change, as they embrace Cloud, as deploy new technology, the skill set of the team needs to alter as well. It can’t remain static. So giving people the opportunity to grow and to learn, and to utilize some of those new technologies so that they can achieve their full potential, I think that’s really important as well. And you can see on the slide, that 47% report an inability to fully learn or utilize some of the security technologies to their full potential. So people want to move around, and they want to actually be exposed to new technologies, to be able to develop them as well.

Bryan Littelfair:
And another key point on there is, 40% claim that cyber security staff has limited time to work with business managers. And I think that’s symptomatic again, of the situation based on challenging security teams and challenging security budget. All security leaders want to get their team working proactive. They don’t want to be reactive, but sometimes they’re driven to be reactive based on the workload that they have and the challenges that have to be faced. So again, it’s about working smart, understand what can be automated, what can be simplified so that you can free up the workload on that team and allow them to focus more on developing those relationships outside of the siloed security team, and actually embedding with the business as well.

Bryan Littelfair:
And I think again, focusing on not just academia, but apprenticeships as well. I’m a big fan of pulling people up through apprenticeship side, bring them into the organization and developing their skills as well. I personally have great success with that. So there’s several routes into this industry, and I think we’re calling out for those types of people that are really energetic and want to drive that forward.

Andrew Lintell:
Thank you, Bryan. So we’ve looked at the complexities, we’ve looked at the kind of challenging environment right now, the cyber skills shortage, and increased kind of turnover of staff. We’ve looked at the amount of technology that needs to be managed, the needs of agility being placed much higher up the business transformation agenda, and therefore impacting on the degree of security to help enable that. Let’s actually have a look now at what you should consider when looking at a security policy automation solution.

Andrew Lintell:
I think it’s important that we look through three areas. So we’re going to look through kind of a high level business perspective, we’re going to look at exactly what is required from a technical decision maker, the actual solution itself, and look at also what is the need from the C-level. What is it that the business is actually trying to achieve? Before we go into this though, I just want to remind everyone we do still have the poll available, so I certainly welcome you, we’ve had lots of great responses and I’m looking for some more, and we can go into the feedback from that so far.

Andrew Lintell:
So you’ll find on the screen that there is the polling button and the question on security policy automation and what is your biggest concern? So you get to select one answer, but please do so, it also enables you to receive some FireMon goodies at the end.

Andrew Lintell:
Great, so let’s get into the considerations piece, and for this I’m going to invite Kostas Lotsis also into the conversation with Bryan and myself.

Andrew Lintell:
Typically, when we start a conversation with a customer, obviously we’re trying to understand base principle. But really, when you talk about automation, it’s quite a wide subject. So specifically with policy automation around security, we are looking to kind of understand what needs to be achieved, what is the outcome, what are you actually looking for in the solution to deliver to your business. And one of the key areas is understanding, well, typically what can you actually automate? It is definitely a process, it is an area where you are really combining technology process and people in order to achieve best outcome. So really taking some time to understand exactly what that automation spectrum may well look like.

Andrew Lintell:
In addition to that, we would say that wherever possible you should be looking, for any vendor that you talk to., you should be looking for someone who’s got a proven maturity model. And that is because it’s such a complex area to get started, it’s very, very key to get lost in… It can get lost in the weeds a little bit. So you’ve got to be able to establish the business reason, but also then have a very clear measurable process about how you’re walking through the various layers towards the next maturity state within the automation model. We’ll go through our maturity model later, and it’s pretty unique, and it helps again, customers understand exactly what is the value point at which stage in the adoption journey.

Andrew Lintell:
And it’s that sort of key message that can also form the basis of the investment decision in the first place, and getting the project kicked off. And having a methodology and actually having an approach. It’s not just about putting in technology and flicking a switch, it’s really getting into understanding the way that your business operates, the unique challenges that your business is going to have to deal with on a day-to-day basis, the resources you’ll have to be able to meet that challenge, and how we can best optimize a lot of the processes that already happened in order to take that workload off the shoulders of the physical operations team.

Kostas Litsos:
Yeah, and I think Andrew, if we look at the maturity model, we have to consider where automation can actually go in. So for example, if we have the five stages of a maturity model, which is initial, repeated, defined, optimized and managed. At the initial stage, we only consider what changes can be made, how we can make the changes. Then when we feel comfortable, the changes go to the repeated stage, but at the defined stage, we know what exactly and how the model should look like.

Kostas Litsos:
So at this stage, this is where automation will come in, because as soon as we’re at the defined stage, then we can actually move to the optimized and managed. So in this way, we can actually adopt automation at a much faster pace, yet ensuring that we have security at the back in this, and their policies are followed.

Andrew Lintell:
Great. Thank you, Kostas.

Andrew Lintell:
And looking at some of the other elements that we’ve got here, and understanding how, and where and when the various different areas of value will be delivered, is a pretty key approach to have. As I’ve said before, it’s not a binary switching on automation. There is the ability to be able to test, tune, as you say, implement and then move to the next stage. And the more you do so of course, the increasing value and return is able to be achieved in the project. But understanding exactly what that time placement and value is of the solution that you’ve selected, is pretty key.

Andrew Lintell:
Kostas, do you want to take us through the-

Kostas Litsos:
Absolutely.

Andrew Lintell:
… security policy and IT controls? Yeah, great.

Kostas Litsos:
So, if we’re looking also into the security aspects, in general what we actually have to take into mind is, security transcends technology. So no matter what kind of technology we have in place, there’s always going to be a security policy that we have to actually adopt to. With this security policy though, we can have different technology there, but the main thing is that what we actually wish to implement follows our policy.

Kostas Litsos:
So there are a few drivers around that level we can actually address, but then again we have to look on our use cases and also how we can achieve those results. So there can be a few areas that we can look at, especially for the technical decision maker, that we have to have some consideration.

Kostas Litsos:
So if we go to considerations and also for the business, what we have to look at is basically, what are we trying to achieve. What is the overall objective of the business? And so of course the security has to align, it comes from the top, the CEO, the CIO, they will actually define what is the direction that the business has to go to. Does it actually fit with the whole agenda that we wish to actually implement and drive our business to the next stages, and what approach are we willing to take? That approach, is it going to be a step-by-step approach, is it going to be a more kind of quick approach that we can go from step A, not A, B, C, D, but we can go directly into implementation, or we can actually adopt those stages much faster.

Kostas Litsos:
So we have to actually see what kind of solutions we have then, that they can act as enablers to take us from the point that we are today, which is basically the actual state of our business, to the desired state. And it might be the case that we have to actually see, “Okay, I take these steps, how do I actually measure success? Is it going to be success by the amount of changes that I make? Is it going to be success by how fast applications and platforms are actually implemented, and enabling the business to actually drive the efforts?”

Kostas Litsos:
So we have to actually see what KPIs are we going to look into, that can enable also the business, the executives, to make the right decisions. And then we have to see what are the business organizations, without the business leaders but they have to be involved. It cannot be just one, let’s say side of the business who we just employ one and we just ignore the other. So for example, we can have all the technical people and they can actually insist that you have to have security controls X, Y and Z, but what does this mean about agility? What does this mean about moving the business forward into making reality how they desire the way it should be in terms of business and at the same time maintaining security throughout that whole journey.

Kostas Litsos:
So you have to seriously consider what kind of vendor or partner you have to be with. Are they in the forefront of automation? Do they actually have a flexible easy approach? Do they have solution that has for example an API that is open that can actually be used, because it’s not just, “Okay, I have an automation solution,” but how does it integrate with my processes? How it can actually fit as a middle work for example, sometimes that can enable all the other interactive systems around it that can actually drive the change control, drive the business forward.

Kostas Litsos:
So if we’re looking into that, this is from the business perspective. Other technology person, I would say there are some considerations that we have for the technical decision maker. And a lot of times we look at it and what do we actually have to consider here? Well, first of all, what I see in the market again and again, “Oh, we do automation.” Yes, but is it current, or is it just a kind of rebranded legacy kind of software design? Can it actually work in the modern infrastructure in an Agile automated environment like Cloud or software defined networks? Because you cannot have a full automated solution in part of the network, and then you go into firewall management and you go in the centralized system that you want to bind it all together, and then the solution it was not designed for that.

Kostas Litsos:
It was basically a solution that was designed in the past, and can actually not cope with current times and the future. So what regarding firewall will have the complete engine within our modules? So it’s a unique concept and technology, which understands your firewall estates, and evaluates what needs to be enforced in terms of changes and continually inspects and makes those necessary amendments. So basically, you reach the desired state of security, the desired state of how you want to run the business in a fast agile way, and at the same time you stop misconfigurations. And this is what we actually need to stop, stop misconfigurations, have a model that is fast.

Kostas Litsos:
At the same time, I mentioned about API. A lot of times we see that the API for certain applications is restricted, it cannot interact. What we really want is to have an API developed around the solution itself, which we actually will do in firewall. It’s open, you can call it, it cannot be a show stopper for integration. So we can interact with other systems, whether this is firewalls, picketing systems for changes, whether this is Remedy, Service Now, all those systems, or in a central repository like a CMDB.

Kostas Litsos:
But then again, we deal with big organizations. So we have organization that have thousands of firewalls, and the solution has to be designed to scale. So if we take that into consideration, and I can have two or 3000 firewalls, can the solution cope with that, can it cope with changes? It’s also the end points that have actually grown, so we can have access points or nodes where actually we can impose controls, ACMs, firewalls, NSDs, VPCs, you name it, it’s all there. But it’s not the changes that we make every day, it’s also the amount of changes that has to actually sit in a redundant infrastructure to ensure business continuity and disaster recovery.

Kostas Litsos:
It doesn’t mean that if something happens in the business, my changes, my firewall changes will stop. Maybe we’ll have a freeze in one area, but it doesn’t mean that we’re going to have into another. So it must continue to operate, it’s a 24/7 business. And at the same time, if you have an API as I mentioned earlier, it has to be easy to integrate with Ticketing or SIEM. There’s no point having a centralized management solution for your firewalls, without being able to enable their change control process within the organization, because change control is a business enabler. But we actually do, we also want to mitigate and reduce risk.

Kostas Litsos:
So if we use the computer engine within FireMon, not only we integrate the automation to the Ticketing and changed systems, but it’s a seamless and transparent process to the end user. So this means more changes, continuous changes, continuous enforcement, and basically that ensures that we adhere to the principles of security in terms of confidentiality, integrity and availability, and we reach a desired state for our business.

Kostas Litsos:
At the end of the day, it has to be easy to adopt. There are so many solutions around that they need customization. You get the solution, you spend about six months to customize it. No, it cannot be that way nowadays. I used to run a firewall team, and we had so many changes and we were busy people. Firewall engineers are busy people, they cannot really have to depend on additional complexity in a solution. So what we actually do within FireMon, it’s a simple, non-complicated solution that basically gives you the right approach, how to make changes, how to inspect your infrastructure and how to do all the basic or advanced tasks, but we don’t sacrifice your time.

Kostas Litsos:
So we appreciate the time of an engineer, and we actually give the right solution to enable it to make the work faster. It’s an end-to-end approach, so we do cover the whole life cycle of the firewall. So from the initiation, let’s say over a change, putting a firewall rule into place, maintaining and eventually removing and then cleaning it up.

Kostas Litsos:
Now, there comes a question, and it’s a question that I get asked a lot of times, “So what do I really need to automate?” Well, we have to look all around the business. So each business is part of the business that will require different parts in terms of automation. So, “Can I get some reports,” risk and compliance are going to ask, and “What are these reports going to be in terms of, are they regulatory reports?” Or, “Do I need to automate my firewall changes, or do I have to actually make my workflows adaptive to them, and to the needs of the business?”

Kostas Litsos:
So what I need to do? I need to do my due diligence before automating. So I need to know what’s the first things that I need to automate, where do I need to go back and refine the process, and at the end of the day, can I demonstrate due care after adopting automation? And this drives us to, what do I really need to do here? With reporting, I can actually see where exactly my business stands, I can actually reduce the risk by adhering to compliance and regulatory standards, and then at the same time by embracing automation, I reduce my costs, I reduce my misconfigurations, and the overhead can actually burden teams when they’re making the changes.

Kostas Litsos:
Now, if we’re looking on the benefits, I’m just going to recap here on the frictionless security automation. So all these changes are dynamic, so they’re fast and furious I would say, so we instantly adapt to the network changes to create a state of security. What does this mean? We recognize that changes were happening in real-time, so our computer engine can make the right decisions at any given point in time, and we can actually see whether a rule is compliant, so we have an embedded security. So before any kind of change we actually check if it adheres to our compliance rules. So if clear text protocols are not allowed, they’re never going to be allowed within the business, so at least we know that we’re not going to actually run the risk of somebody using applications or software that they shouldn’t be using, or ports that are opened but they shouldn’t be allowed.

Kostas Litsos:
Now, we have to actually see how we can translate business intent. Now, everybody’s using mobile phones, and I don’t know if anybody remembers phone numbers. We actually just click and we just make a phone call. What is this, this is a tag. So we don’t need to know IP addresses in the network world, we don’t need to know all this kind of complicated information, all we need to know is, “I want to connect from A to B.” Do you understand that as an end-to-end user? Do you use a tag? So that’s as easy as it has to be. So we have to translate the intent, what do I actually need to do, rather than just going into a complex complicated path that basically slows down the business, and slows down the automation part of the business.

Kostas Litsos:
So embracing all this, we actually have this automated distribution concept. So we enforce, we have a continuous enforcement of all our technical controls, and this is how we reach our desired state of security intent. How do I want my business to look like? How it is now, how do I drive it with automation to the desired state?

Kostas Litsos:
Now, on the triggers on the security events, this can be different. Imagine I’m sitting here and I have to make a few changes next week, that’s fine, I can do the changes. I can prepare for the changes, I can make all the right approvals, but not all the changes come in now. They come in different stages and different sizes. So what we can see, we can happily be sitting having a cup of coffee, and then suddenly we have a major threat event. Then off our firewall team goes to actually see is it actually a breach? At the same though, we have changes to make later on in the firewalls, and somebody has to sit there manually doing those changes, but that’s not the right approach.

Kostas Litsos:
You take all the firewall team to look of course at the very serious incident, but a lot of things are going to fall behind, so put automation in place. Have it to address all the changes that need to happen, leave it running in the background on scheduled enforcement windows so you’re not going to miss any kind of deadlines, and the actual firewall team or the cyber security team can focus on impacting on real-time incidents, but they don’t have to worry that they have to catch up with any other work that needs to be done manually. Automation will take care of that.

Andrew Lintell:
Thanks Kostas.

Bryan Littelfair:
So I think-

Andrew Lintell:
Excuse me, after you Bryan, sorry.

Bryan Littelfair:
So Kostas’ just given us a great amount of useful information there, and from my perspective if I take all of that onboard and I look at what I would be looking to achieve from a solution like this, then it’s all but efficiency. The ability to visualize a very complex network, personally as Kostas said, they’ve managed environments with multiple thousands of firewalls in, you certainly don’t want to be seen as the blocker to the business driving change because of a very complex infrastructure. But certainly, we’re not just talking about firewalls today, we’re talking about how to automate your infrastructure to make it more efficient.

Bryan Littelfair:
And I think you just have to look at some of the KPIs the business is measuring in this space, things like time to successful change, and also change not resulting in a P1. And that just shows how complex some environments are, that they’re expecting change to cause a priority one outage, and that’s ultimately what has to change, and that’s ultimately what certainly automation can help to deliver.

Bryan Littelfair:
So I think you look at some of the benefits you can achieve. Now, the single point of control, the single version of the truth as I like to call it, or the single pane of glass, the ability to visualize and manage that whole space. Being able to improve on the SLA, so to actually be able to drive, check for more efficient change into the organization. So it’s transforming and changing quickly, but actually maintaining quality, and I think that’s really important as well.

Bryan Littelfair:
And certainly, I’ve worked in organizations that have been on the full journey, starting at Waterfall, dabbling in Agile, going fully into Agile and then into a DevOps environment, and suddenly you find yourself having to support this continuous integration, continuous delivery, several co-drops per day, changes in infrastructure and environment, and that’s very complex for someone to stay on top of. So the tooling that can be delivered in this space to make that more simplified, but also give you the assurance that the security is maintained, is absolutely key.

Bryan Littelfair:
And I think certainly on the third column there, this was the future but I think it’s here now for certainly many of us. And again, the COVID situation drives that. Being able to manage that Cloud environment as efficiently as you would on prem, certainly allows a lot of security leaders to sleep more effectively at night. So being able to understand the risks at present, being able to do the automatic asset detection, understand when sensing something’s torn up, or spin up or torn down, and wrapping the right appropriate security controls around that is absolutely key as well.

Andrew Lintell:
Great. Thanks, Bryan. We referred earlier on to the need for a maturity model, and with FireMon it’s a core tenet of what we deliver to customers when they onboard us in an automation use case. But you can see from the previous use cases that Bryan’s just talked about, there are lots to choose from. But I think it’s important the customer’s do have a very clear view as to what it is they’re actually trying to achieve, and actually then we then just start focusing on the value that can be delivered on that particular use case.

Andrew Lintell:
The maturity model will extend to all of those use cases, and it really is an idea where we are able to help track customers from a manual or relatively manual state on the left-hand side of this slide, to fully automated and continuous on the right-hand side. And it can be delivered in stages, and those stages can move as fast or as slow as the customer needs depending on again, the desired outcomes and requirements needed to achieve the end goal.

Andrew Lintell:
But what’s very important is, is that it’s happening in a very managed and staged manner. The methodologies that the teams will employ, the understanding that’s required of the actual object, or the network, or the process that we’re looking to automate, and then understanding exactly where the limits are, where we can actually put in golden rules as kind of guard rails that will enable a much faster decision making process in a lot faster and safer way.

Andrew Lintell:
But typically, one of the most interesting things for me, is how the time to value also then starts to tweak up. So if we look at the bottom of the box on the left-hand side, automated design, typically the changes there are from weeks to days. So already quite a big gain can be realized within a business, in order to make these changes actually happen a lot faster and a lot cleaner. And as we move towards a fairly more automated state, then actual sort of time to realization then really starts to compress significantly as well. So it’s quite a useful method of measurement as the project progresses.

Andrew Lintell:
But there is a point, and the point in the middle of this particular process, if I were to draw a line right down the middle of this particular slide, we start to see where you are moving your maturity status in an organization from being reactive to environmental changes and the need, to a point at which the critical map is, if you like, achieved within the project, where the system itself is actually monitoring and reacting to environmental changes. And that’s where you can get that next degree of value, that next sort of speed input, if you like, that we can kind of create an enforcement environment that is much more automatically driven, and is in a safe and kind of controlled manner.

Andrew Lintell:
And it’s this maturity model really that we will walk customers along as we go through the roll out of the project.

Kostas Litsos:
Thanks Andrew. And we see now that we have a Security Policy Management 2.0. So what happened to 1.0, what happened to 1.5? Well, I think we mentioned earlier in the discussion about the maturity model, so this is more how actually we’re going to mature and then approach. And this when we reach, let’s say the optimized phase, where we can actually evaluate how we can actually make things happen.

Kostas Litsos:
And with FireMon, we have the ability not to just actually see everything, because we integrate real-time, we have a visibility that is throughout the network, so we can actually see, “What is my attack surface, what are my  field agents,” and in this way we can actually eliminate any kind of path or any kind of lick path, and at the same time see if we have anything open on our firewalls and basically take remedial action.

Kostas Litsos:
But then at the same time, we actually have to put together a service that requires a lengthy professional services process. So we can actually leverage what we have at the moment, and we automate all the tasks that are time consuming, but of course they’re very critical to the smooth operation of the business. But we cannot do that, because just the automation is just one part. We should be able to actually adapt to change, and what this means is basically that we know that every single point in time how our estate looks like, how it evolves, how it changes. And then we actually, in just this information, we take this information away and then we present what exactly needs to happen in the next stage.

Kostas Litsos:
And then when this next stage can be new approach to automation, we see that a lot of times our environment is going to grow. And when our environment is growing, when we actually have a question, “Can we actually scale at the same time?” So the way that FireMon is designed, the architecture, it doesn’t actually limit organizations when they actually desire to make the next step and make a big move to actually use the solution in larger environments, more complex environments.

Kostas Litsos:
At the end of the day, this is all we actually have to consider, is that, we have to mitigate the risk, we have to minimize the risk, we have to protect everything in a network wherever this is. Even if it is firewalls, any kind of devices, whether this is on the Cloud or on prem, we just have to make sure that we have the ability, there is adequate protection in terms of security in all of our devices, and this has to be done at a very simplified, very easy approach to the user and to the business so that at any given point in time we know where we are.

Kostas Litsos:
Now, if we are looking into making changes to introduce change, and this is something I have come across, those fantastic flow charts with multiple and multiple people that they have to uproot in changes. And what we actually see is, that this traditional workflow has been used and used, and it’s still in use, and literally exhausted over the past 20 years or more. In smaller organizations, we actually have a clash, because you have two or more individuals that carry the same role, so we don’t actually enforce separation of duties, but that’s another matter of security.

Kostas Litsos:
So is that approach flexible? Is it easy to follow? I don’t think so. I don’t think that we can actually do that nowadays. We have to be more agile, we have to actually speed up those steps. So in theory, it was great at the time that it came out, but in practice, it doesn’t actually work a lot of times. I have seen in my times in my previous roles, I have seen changes being approved by different orders, by different people just following the process without knowing what the change is or what the impact is. So yeah, you follow a process, but you actually approve a change, and businesses don’t talk to each other and somebody goes and removes, or adds something, or takes down a system or a firewall, or somebody is basically trying to introduce a new service.

Kostas Litsos:
So yeah, fantastic, but… Or, they actually introduce a risky service to the business. So they don’t talk to each other, so how do you make sure that you have in place your policies and they’re automated so these clashes cannot actually appear? And if you have 10 or 20 firewalls in a single chain that they can impact different sides of the business, how do you ensure you have visibility of what is going to break? So great picture here, fantastic workflow, but it doesn’t actually work in the modern environment.

Kostas Litsos:
So what we actually propose with FireMon is, is it better to actually an approach where we know that we enforce continuous change and compliance, but we can actually see if we are a threat to our security practices. If we have a model that can actually go fast and make the ultimate evaluation and decisions within the platform, without having to actually go through multiple steps of approvers, of technical approvers that they basically slow down the whole process. Because at the end of the day, we don’t really want to make a change that should take really a few hours, to make it last a few days because somebody has not actually approved that specific change.

Kostas Litsos:
So with that, we have also example, which are typical to the IT world and what I have seen. We move objects to a new location, and here’s a list, we just put a workflow requirement. We have a static workflow, and remember those customer workflows, they can cost time and money a lot times. So we need to actually have a flexible approach of how actually we put together our changes. So we have made a request, and if we are lucky this is going to be approved and it’s going to take about anything from a week or two weeks depending on how big is the firewall he needs, and if it goes in the queue for the security team to approve it.

Kostas Litsos:
So it would be nice to integrate to a nicer system, to talk to each other via an ADI. And basically, when this object is moved, this IP address is moving, it’s actually the system recognizes that and takes away and places the right rules into the firewall, and this is happening in a continuous fashion. So the time let’s say, from giving my business in terms to actually make that change for the time to change, it’s not going to be 14 days, it’s not going to be seven days, it’s going to be minutes. So that’s a big game changer.

Kostas Litsos:
The ability to actually have making results with minimum intervention, and at the same time maintaining your security, I think it’s one of the biggest and available revolutionary steps that they has been made in automation, and it’s all down to FireMon that we actually have an agile platform that enables that.

Kostas Litsos:
The same is also in an environment with DevOps. DevOps, they make changes, hundreds of changes a day, so automation is the perfect area for them to embrace. But how can we enable DevOps to actually deliver changes for the software, deliver new platforms? We’ll have to have automation, otherwise changes of course are going to take a long time, and also how to ensure that misconfigurations are not going to happen. So we have to put all the guardrails around those changes, to ensure that every single request is first, against the security policy. We enter also that we make the changes in a timely manner.

Kostas Litsos:
So if we’re looking into the workflows as well, there’s going to be a point that we have to actually with steps, and it can be different environments, or it can be a certain level of automation. We try to minimize the steps, however this is not always achievable, in the sense of in higher regulated environments. But the main thing that we will have to avoid here, is making workflows that are too complex, too complicated, and they need a lot of customization. If we need to do that, that’s an approach that FireMon can address, however, we try to actually have out-of-the-box ADW workflows that everybody can actually use, and they can actually make the implementation faster.

Andrew Lintell:
Kostas, if I may? I’m just going to… While you’re on that point and we enter the last 10 minutes of the presentation here, I just wanted to give everyone an update on the poll question that we asked, which was, security policy automation, what is your biggest concern? And it’s been very interesting. Thank you firstly to all the audience, they’ve been very interactive, there’s been lots of questions asked that we are going to follow up with after this session.

Andrew Lintell:
But also, looking at the poll question, over 45% of responses have been around the complexity, the concerns. The complexity of implementation and maintenance of workflows is a major concern. That’s 45%. So exactly speaking to your point there Kostas, where the ability to be able to have an intent-based security that can help anticipate and understand what is the requirements of a change, and how that change is impacted, that workflow is impacted when there is a change on the network. So very key point. I thought I’d share that with you while you were on that point.

Kostas Litsos:
Absolutely, and a lot of times we see workflows that are embraced for years, and then suddenly somebody says, “It doesn’t work anymore, we need to actually take a different path. We need to actually have this as a business enabler, rather than stopping us from basically doing what we have to do on a day-to-day basis,” and how we enable that as well. It doesn’t actually have to always be agreed, it doesn’t have to be… It can actually… As long as we have an open API and we have a change control system, I think in the system everything can be done in an API with FireMon.

Kostas Litsos:
So we can actually act as a middle work, so with different systems, whether this is a Ticketing system, we can actually put the change in place. So if a user initiates… declares intent for change, it can actually go on a seamless process using our API. And our API can take different forms as well, it’s not just enabling a change controller or a ticketing system. It can be queried, it can actually work with CM systems. So it’s open for use with any kind of different business needs.

Kostas Litsos:
So Andrew, if you want to actually…

Andrew Lintell:
Sure, no problem. Yes, it’s just to that point really again, understanding. We’ve had quite a few questions from the audience in terms of degrees of how wide can the solution cover, and the most important thing is that it has to be wide. We have to have kind of deep levels support for multiple areas of the network in order for it to be an interoperable layer, a platform if you will, that is able to draw together technologies, be able to have bidirectional control over those technologies and the policies sitting on them.

Andrew Lintell:
So without going into too much detail here, you can see that the vast majority of the main platforms are supported out of the box within the FireMon ecosystem. And in addition to that, because of the work that we can do with APIs and customization, and of course frequently there are requests from customers to help support things that maybe are homegrown, or are specifically applications.

Andrew Lintell:
So we have a wide range of flexibility in terms of ingest and inter-operate with other systems and third-party devices, whether that’s Cloud related, or whether it’s DevOps Tooling, or whether you’re talking about a whole plethora of different environments.

Andrew Lintell:
Kostas?

Kostas Litsos:
Yeah, absolutely. A small pause around there, I was looking at this wonderful screenshot. So we mentioned about our integration with different systems, and we also mentioned about a traditional workflow, and this is the time to change how we actually address times in terms of weeks to implement a change. However, wouldn’t it be brilliant to just actually have it into one step? Wouldn’t it be brilliant to actually have this fast path in terms of changes, whether this is on the Cloud or on prem?

Kostas Litsos:
And these are the major events to automate. Do I actually have to go through all of the traditional steps of change control? Yes, I do, but can I automate it? Yeah, it’s going to be a much better approach. So if we’re looking, if we put that together in a compute cycle, how we actually do it within FireMon, its different approach in the sense of, we have a disrupting technology here that in a FireMon compute cycle, will ensure first of all compliance. So we can actually… A compute engine that sits inside FireMon, it transparently adapts and recalibrates your global security policy around any underlying networking platform or infrastructure changes, so you’re allowed to stay focused on what matters most, the security.

Kostas Litsos:
So focus here on the yellow circles there. So we have some incoming change requests, which we can either create an access rule, or modify and access rule, and they have defined as a security intent those access rules. So we don’t have to care about IP addresses or anything like that, we just use a tagging mechanisms to define the needed objects. And then we can actually mention the guardrails, so we have compliance inbuilt in the platform and the golden rules, which we take into consideration. What is happens, we can actually fast track the request. So we can allow https to web servers, we can allow DNS requests from any host.

Kostas Litsos:
And then based on that, all the required changes will be deployed across the environment where the rule applies to. So we can provide route-based hints, and also route-based information to make the process easier. And then we deploy the rule and activate it across all the selected devices. So you can go as far and automate every in all your devices, or you can choose which devices and which part, let’s say of the rules, of that device, the changes are going to be implemented. And this takes seconds. This doesn’t take an amount of time that is going to be consumed, and it’s going to impair the tasks of firewall team.

Kostas Litsos:
And then what do we do? Remember the maturity model, we optimize. So we go back and we recheck. We recheck about, have the changes been applied, and we monitor the changes. So we complete the cycle by continually enforced. We have enforcement rules, we have inspected the rules, and then at the same time we check and we continually enforce. So if a rule expires, we’re going to notify you. If a rule has to be reviewed, it’s going to actually be notified. If it actually it doesn’t handle compliance for any specific reason, we are going to monitor and check it. So what we actually achieve from optimization from an optimize page, we go to manage page so we know exactly what is going on in our estate. And actually, we speed track all the changes without fearing about security, and without adding any delays in implementing those changes.

Kostas Litsos:
So it’s quite a big step in automation, and we are the leaders in the industry who are actually doing that.

Andrew Lintell:
Thank you Kostas. So as we move to wrap up the session, I just want to finish on the next couple of slides.

Andrew Lintell:
Firstly, FireMon is a solution as a platform as you’ve seen, and there are many sort of different elements and components that can be built into the customer solution depending on the requirement. We are the only vendor in the market that is able to provide a complete end-to-end solution to this particular problem, starting with real-time discovery and awareness. Now, that is our Lumeta product that you can see on the slide here, but all of the other elements that the FireMon solution are there with the attributes, as well as technology partners that we are already integrated with.

Andrew Lintell:
Looking at our poll audit, again, I thank you very much for the response. I wanted to just give you a little bit of visibility here in terms of the responses. 50% of the audience have responded that the complexities and the implementation, and the maintenance of the workflows is the major concern. Followed by 25% of the audience actually saying they don’t know enough about their environment or network just yet. And that typically speaks to understand exactly what is happening, and the true network, the real prime nature of your network is constantly changing.

Andrew Lintell:
And I sort of direct you towards therefore, the discovery and the awareness topic, that actually we will be dealing with in our next Transform webinar that’s coming in a few weeks. And details of that, I’m just about to put up on the screen. Interestingly, the level of customization is a concern for 16% of you, hopefully you will see how much of this is actually out-of-the-box. This customization is actually a much kind of lower barrier to entry in reality, than a lot of customers feel initially.

Andrew Lintell:
And around 8% of you are wondering if you can obtain further benefits from existing processes. Again, we can help with that. We can help with that conversation to understand where you can optimize with what you have today, versus with some investment how you could potentially get a greater return.

Andrew Lintell:
So thank you very much for attending. There is a spat of further resources that we can direct you towards. This presentation will be available on Bright Source for watching at any time, and we will make sure to share these links with you. But around the topic of automation of course, FireMon has got extensive resources, as well as the security reports on Hybrid Cloud, the impact of COVID-19, and the Misconfiguration Risk White Paper by Jess Styles. That is a very interesting document for those of you that are in the process of actually building projects.

Andrew Lintell:
Likewise if you would like to further the discussion, then please don’t hesitate to email me, my address is on the screen there, and I’ll be happy to introduce you to the necessary resources and further the conversation.

Andrew Lintell:
We have another Transform webinar number three in a series of three, on the 14th of July at 10:00 AM. And specifically, as I’ve mentioned, this is going to be talking but how the needs of transformation demand real-time discovery and visibility, and how FireMon can actually help you achieve that. Typically, that’s the start of a process in order to then help the nature of automation be a much more successful and quickly value-realized project to be in.

Andrew Lintell:
So, thank you very much for attending, very much appreciate that we’ve got a great session, really well-attended. So thank you for that. I will thank my team, and thank Bryan for also being a guest speaker for us, and look forward to hearing from you soon.

Bryan Littelfair:
Thank you very much everyone.

Read more

Get 90% Better. See How to Get:

  • 90% EFFICIENCY GAIN by automating firewall support operations
  • 90%+ FASTER time to globally block malicious actors to a new line
  • 90% REDUCTION in FTE hours to implement firewalls

SCHEDULE A DEMO