Improving Network Security Change Management Using RedSeal

Transcription

1 SOLUTION BRIEF Mapping the Impact of Change on Today s Network Security Infrastructure Improving Network Security Change Management Using RedSeal november 2011 WHITE PAPER RedSeal Networks, Inc Freedom Circle, Suite 800, Santa Clara, Tel (408) Toll Free (888)

2 2 SOLUTION BRIEF Mapping the Impact of Change on Today s Network Security Infrastructure Contents Executive Summary 3 Network Change: The Target That Never Stops Moving 3 Limping Ahead: The Crippling Effect of Change on Network Security 4 Infrastructure Evolution: Automating Network Security Change 5 The Solution: RedSeal Proactive Security Intelligence 6 Conclusions 7

3 Mapping the Impact of Change on Today s Network Security Infrastructure SOLUTION BRIEF 3 Mapping the Impact of Change on Today s Network Security Infrastructure Improving Network Security Change Management Using RedSeal Executive Summary: This solution brief will address the requirement for enterprise organizations to enlist more effective and proactive measurement of the impact that proposed changes to network infrastructure will have on security defenses, to gain visibility into resulting gaps in protection before they can be compromised by attackers. In addition to outlining the immense challenges faced by organizations in maintaining necessary infrastructure defense in today s environment of constant network evolution, and citing limitations of traditional response methods, the paper will specifically detail the manner in which RedSeal s proactive security intelligence solutions address these highly critical issues. By leveraging automation to provide unprecedented visibility into the interaction of all network defenses deployed across the enterprise, RedSeal empowers organizations to move away from retroactive remediation of risks to adapt infrastructure protection before changes are actually enacted. Network Change: The Target That Never Stops Moving Today s network security infrastructure must adapt to near constant demands for change, driven by powerful catalysts including emerging business requirements, the proliferation of new devices, and the need to protect against more advanced attacks. From displacement of traditional network perimeters by the widespread adoption of mobile devices, to the increasing exposure of internal assets, effective management of network security and related policy compliance has never been more significantly challenged. According to Enterprise Management Associates 2010 report The Changing Role of Network Management Keeping Pace with the New Demands of Virtualization and Cloud, network security strategists must adopt new approaches and methods to accommodate accelerated rates of change, new topologies and relationships between connected virtualized environments. As a result, enterprises have found themselves in need of new methodologies that empower them to understand the specific impact that proposed network

4 4 SOLUTION BRIEF Mapping the Impact of Change on Today s Network Security Infrastructure alterations will have on security infrastructure, and any risk remediation necessitated by those changes, prior to implementation. Security management also requires a more effective means of communicating the impact that changes will have on network security to clearly illustrate any risks resulting from proposed alterations to their CISOs and the line of business leaders who originally requested them. To address these significant challenges, enterprises have recognized the need to adopt more proactive, continuous monitoring of security infrastructure that provides in-depth visibility into the precise manner that changes impact their network security and policy compliance. By gaining the ability to measure the impact of change on their security posture across the entire network and trend that information over time, organizations can begin making more informed decisions that allow them to optimize responsive efforts and prevent defensive weaknesses, before they can be attacked. Limping Ahead: The Crippling Effect of Change on Network Security IT security and network management professionals have long struggled with the conflicting requirements of facilitating changing business demands on infrastructure while maintaining network security that protects their organization s most critical assets. In today s environment of rapid IT innovation, distributed business models and advanced threats, practitioners have been forced to recognize the shortcomings of traditional processes used to understand the impact of network changes, and plan subsequent remediation. As noted by Gartner analyst Neil MacDonald in his 2011 presentation Enable Business Growth: Improving Information Security Decisions, most, if not all information security models are at a breaking point, driven in large part by evolving business demands. In fact, the static and rigid nature of today s security infrastructure actually discourages change, MacDonald contends, while catalysts including device consumerization, cloud computing and distributed collaboration dictate that network defenses become contextual and adaptive to support emerging requirements and stop threats. According to Gartner s 2011 report Improve Security Risk Assessments in Change Management With Risk Questionnaires, traditional means of reconciling security infrastructure with evolving requirements are insufficient in that: The nature and complexity of requested changes typically varies greatly, but the risk attributed to each change rarely correlates with either factor. Existing security change management processes often rely on incomplete risk analysis, leading to ineffective response.

5 Mapping the Impact of Change on Today s Network Security Infrastructure SOLUTION BRIEF 5 Change requests themselves often contain misleading risk mitigation advice due to inconsistent impact assessment. Security practitioners are not well equipped to react to shifts in technology, business expectations and process ownership, as observed by Forrester Research Analyst Khalid Kark in the 2010 Computer Weekly news article IT Security Must Address Business Trends. While this evolution has advanced for years, Kark notes, network change has accelerated significantly. Driven by these conditions, today s enterprises clearly require new processes and solutions that provide full visibility into the true impact of change on security infrastructure, to identify and quickly resolve any resulting gaps in network security. Infrastructure Evolution: Automating Network Security Change Whenever a network change occurs, the potential exists to create real-world security exposures, some changes that don t appear to necessitate risk mitigation may unknowingly compromise defenses. Today, most organizations create security rules to address each approved change, but these rules are often narrow in scope and to few security factors are taken into consideration, resulting in unexpected risks and even policy breaches. To evolve network security change management to keep pace with today s rate of change, industry analysts recommend that organizations maintain continuous visibility into network design and all available access across their infrastructure. Eliminating the practice of retroactive response is one of today s critical security management challenges, Forrester s Kark is quoted as saying in the Computer Weekly Address Business Trends piece. To tackle the issue, advises Forrester, enterprises must implement methods to: Understand all the potential implications of every proposed change before implementation to assess all their risks and inform response. Develop the strategies, policies and solutions needed to address changing requirements, including automated network security assessment. Build security programs around the trending and management of new classes of change as they occur, while measuring performance of those initiatives to trend effectiveness. As noted in the 2010 TechTarget SearchSecurity.com article 5 Steps for Developing Strong Change Management Program Best Practices, management s primary challenge is to integrate itself into existing IT change management processes by accounting properly for all the systems and devices it encompasses. Getting involved in the decision-making process before changes are agreed upon is also becoming easier for security management as business leaders increasingly

6 6 SOLUTION BRIEF Mapping the Impact of Change on Today s Network Security Infrastructure understand the risks that some proposed IT changes could introduce, the TechTarget story contends. By leveraging automated solutions that isolate unseen weaknesses in security resulting from network change, and clearly communicating that intelligence to management, today s practitioners can move beyond reactionary efforts to maintain protection post implementation into proactive mitigation of risks. RedSeal is the only solution that reports which vulnerabilities will become exposed by a proposed network change and the potential downstream impact of the change. This screen shot shows that over 120 vulnerabilities will be exposed if the proposed change is implemented. The Solution: RedSeal Proactive Security Intelligence RedSeal s proactive security intelligence solutions are the only products on the market today that allow management to measure the precise impact of network change on security infrastructure, and isolate any unintended access resulting from simple systems upgrades to major network expansion. After changes are made, RedSeal automatically reviews and analyzes any subsequent effect on network defenses to ensure necessary protection and policy compliance saving time and resources previously spent on reactive assessment and remediation. With RedSeal, instead of chasing issues created by change after the fact, risk mitigation can be planned ahead of implementation, improving efficiency and mitigating risk by allowing organizations to: Proactively view and examine all relevant rules and configurations that may present new points of exposure across the entire network. Clearly demonstrate resulting gaps in network defenses to IT management, line of business and other constituencies requesting proposed modifications.

7 Mapping the Impact of Change on Today s Network Security Infrastructure SOLUTION BRIEF 7 Continually auditing remediation to confirm its efficacy and prevent unexpected creation of additional risks, as well as maintain required policy compliance. Many regulations, including PCI DSS, also compel organizations to demonstrate that all changes affecting access to critical data receive full approval before implementation. RedSeal provides detailed justification reports and serves as an automated control that proves continuous application of PCI s change management control process requirements to third party compliance auditors. Using RedSeal, enterprises can isolate and trend detailed metrics that highlight their overall process efficiency in responding to network security change to drive improved protection, continuous compliance and optimal allocation of available resources toward the resolution of the most critical risks. RedSeal is the only solution to provide network security and vulnerability risk metrics, helping IT security organizations to understand the impact of daily IT changes. This screen shot shows the change over time of the number of vulnerable hosts that are directly exposed to the Internet. Conclusions: In today s world of relentless change, where new business drivers and disruptive technologies seemingly appear overnight, and attacks quite literally materialize without warning, network security must be adapted to address emerging demands on a constant basis. As noted in the 2011 Gartner report Network Security Monitoring Tools for Lean Forward Security Programs, a crucial element of enterprises network security change management capabilities will come from automated solutions that view of the effectiveness of all network security controls in aggregate and offer what-if analysis to understand the full implications of infrastructure evolution before it occurs.

8 8 SOLUTION BRIEF Mapping the Impact of Change on Today s Network Security Infrastructure About RedSeal: RedSeal Networks develops proactive security intelligence software that enterprise organizations depend on to visualize the effectiveness of security infrastructure, maintain continuous policy compliance and protect their most critical business assets and data. Unlike systems that measure the impact of attacks after they transpire or address individual elements of network protection, RedSeal analyzes the cumulative ability of defenses to control access and mitigate vulnerability exposure across the entire enterprise, providing the critical metrics necessary to trend performance and isolates gaps before they can be discovered by hackers. For more information on RedSeal products please visit the company s web site at or contact RedSeal representatives directly at (888)

9 Mapping the Impact of Change on Today s Network Security Infrastructure SOLUTION BRIEF 9

10 WHITE PAPER RedSeal Networks, Inc Freedom Circle, Suite 800, Santa Clara, Tel (408) Toll Free (888) Copyright 2011 RedSeal Networks, Inc. All rights reserved. RedSeal and the RedSeal logo are trademarks of RedSeal Networks, Inc.