Creation of rule base drives business optimised security
Tufin Software Technologies Ltd has come out with a product it reckons will change the way businesses develop and manage their security policies.
Launching Tufin Security Suite 5.0 today, the company said the new Automatic Policy Generator (APG) stands as a neat way of automating policy creation for new and existing firewalls. It provides security professionals with a means of tightening existing firewalls, rebuilding complex, heavy rule sets, and analysing the rule bases of firewalls inherited from other organisations, it claimed.
In large enterprises, regulatory obligations mean different network segments have to be secured to comply with different rules, Tufin’s VP Products and Marketing Shaul Efraim explained. “This makes it difficult to construct a manageable and optimised firewall policy for the business.
“The new APG system monitors network traffic behaviour on each segment, studies and learns how the firewall operates, and then recommends the best policy,” Efraim told us.
The company describes how APG can be set up to automatically process log data from any of the leading firewall vendors to create a new rule base derived from network traffic. To optimise the rule base for faster performance, APG orders rules according to usage, placing the most-used rules on top and the least-used rules on the bottom.
Once automatic policy generation is complete, firewall managers can add unusual scenarios, such as disaster recovery, that may not have been sampled.
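As an added illustration (not Tufin's code or algorithm, and not part of the original article), the Python below shows the general idea of deriving a rule base from traffic logs and ordering it by usage. The log format, the /24 source aggregation, the `min_hits` threshold and all names are assumptions made for this example.

```python
import ipaddress
from collections import Counter

# Constructed sample log in a made-up "src dst proto dport" format (not a vendor format).
SAMPLE_LOG = """\
10.1.1.10 10.2.0.5 tcp 443
10.1.1.11 10.2.0.5 tcp 443
10.1.1.12 10.2.0.5 tcp 443
10.1.2.20 10.2.0.9 tcp 1433
10.1.2.21 10.2.0.9 tcp 1433
10.1.1.10 10.2.0.7 udp 53
10.1.1.10 10.2.0.7 udp 53
10.1.1.11 10.2.0.7 udp 53
10.1.1.12 10.2.0.7 udp 53
10.1.3.99 10.2.0.5 tcp 23
"""

def parse(log):
    """Yield (src /24 network, dst host, proto, dport) for each well-formed line."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        src, dst, proto, dport = parts
        net = ipaddress.ip_network(src + "/24", strict=False)
        yield (str(net), dst, proto.lower(), int(dport))

def generate_policy(log, min_hits=2):
    """Return (rules, review): allow rules ordered most-used first, ending in deny-all."""
    hits = Counter(parse(log))
    # Sort by hit count descending; the flow tuple breaks ties deterministically.
    ordered = sorted(hits.items(), key=lambda kv: (-kv[1], kv[0]))
    rules = [{"action": "allow", "flow": f, "hits": n} for f, n in ordered if n >= min_hits]
    # Rarely seen flows are not auto-allowed; they go to a human for review.
    review = [f for f, n in ordered if n < min_hits]
    rules.append({"action": "deny", "flow": ("any", "any", "any", 0), "hits": 0})
    return rules, review

if __name__ == "__main__":
    rules, review = generate_policy(SAMPLE_LOG)
    for r in rules:
        print(r["action"], *r["flow"], "hits=%d" % r["hits"])
    print("needs review:", review)
```

Reordering by hit count is safe here only because every learned rule is an allow followed by one final deny; in a rule base that mixes allow and deny rules, order changes which rule matches. Flows seen during the sampling window are not necessarily legitimate, which is why low-volume flows are held for review rather than allowed.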
Efraim said this helps overcome a common problem. Network security teams are frequently challenged by the requirement to secure unrestricted network segments without disruption to critical business services, and security professionals find that installing a firewall on an active, currently unsecured network segment is easier said than done.
“Use of APG changes what might have been a very permissive rule base into one with a fine grained policy that is aligned to the business need,” Efraim added. With APG, security managers can automatically generate a robust firewall policy based on a thorough analysis of current network traffic and compliance with organisational and regulatory policies.
The company argues the resulting firewall rule base ensures that business-critical traffic is flowing normally, but that corporate and regulatory security standards can be met according to a rule base that is not too permissive, and is optimised for performance, easy management and maintenance.
The system is currently in beta test among some of the 300 financial services, retail and telco organisations that are said to be using Tufin’s security products.
They are designed to feed admins with views of policy and configuration changes so that they can carry out compliance monitoring, performance optimisation and auditing across a wide variety of application security and delivery systems, as well as firewalls from the likes of Check Point, Juniper, Cisco and Fortinet.
For organisations spread across multiple data centres or a single large data centre, Tufin said today its latest software now also supports a distributed deployment architecture, meaning that multiple appliances can be centrally managed from a single console.
TSS 5.0 becomes generally available in August 2009, with pricing starting at $20,000, and APG comes as part of that new version.