FAQ about the Webinar, NetCitadel, and OneControl Security Orchestration: Why today's IT Initiatives will fail without it

FAQ about the Webinar
1. What is NetCitadel presenting?
2. What problems is NetCitadel trying to solve?
3. Can existing tools or solutions solve the problem?
4. What is Security Orchestration?

OneControl Product FAQ
5. How does OneControl perform the task of Security Orchestration?
6. What are OneControl's modes of operation and their advantages?
7. What are the architectural components of OneControl?
8. What firewalls do you support today? Plans to expand?
9. What are the requirements for OneControl?
10. Any hardware or software changes to the infrastructure?
11. What is the impact to IT processes?
12. What are the main benefits for Enterprise customers?
13. What are NetCitadel's product offerings?
14. When will the products, such as OneControl, be available?

FAQ about NetCitadel
15. Who is NetCitadel?
16. What is NetCitadel's vision?
17. Who are the customers for OneControl?
18. Who are your partners today?

FAQ about the Webinar

1. What is NetCitadel presenting?

NetCitadel is presenting the NetCitadel OneControl Security Orchestration Platform (OneControl), a solution that revolutionizes your network security infrastructure by bringing real-time, centralized intelligence to your existing security devices. The entrance of virtualization, cloud and BYOD makes for a dynamic enterprise environment that challenges current security network solutions. OneControl makes existing security infrastructure intelligent and agile to accurately and consistently implement network security policy changes across cloud, virtual and physical environments to best protect organizations' networks.

2. What problems is NetCitadel trying to solve?

The problem that NetCitadel is solving stems from business initiatives that demand that IT help increase revenue and lower IT costs. To do so, today's IT teams took advantage of solutions that use virtual machines to reduce operating cost and Cloud environments to build virtual environments only when needed, and put in place policies allowing employees to use BYOD in the workplace.

Unfortunately, these solutions came with their own set of problems. For example, the deployment of virtual machines can be completed in a matter of minutes, but securing virtual machines network-wide takes days or months, depending on the amount of configuration required, the number of network security devices to which the change must be deployed, and the change management process. The same problem also plagues Cloud environments, along with compliance irregularities when proprietary information is left unsecured. In fact, a study made by Gartner showed that 95% of security issues come from misconfigured network security devices.

In addition, the demands from business initiatives are overwhelming. Many IT security teams are contending with at least 10,000 Firewall configuration changes per year, increasing the chances of a network security breach. The number of Firewall configuration changes also affects network configuration changes, which, according to studies, contribute to more than 50% of planned and unplanned network outages. As pressure from increasing business initiatives rises, IT teams must complete an overwhelming number of requests in little time, with zero network security breaches and outages. Doing so requires Security Orchestration.

3. Can existing tools or solutions solve the problem?

There are no products in the market today that orchestrate security changes from virtual and cloud environments with network security devices. Many solutions today deliver manual activation of network security devices, and have limited visibility of any changes in virtual and cloud environments. In addition, orchestrating security changes from virtual and cloud environments is difficult to implement due to the nature of the infrastructure. For example, cloud environments are external or off-network, requiring additional network security considerations. Having built, secured and operated many large networks, the NetCitadel Team made all of these considerations in OneControl.

4. What is Security Orchestration?

Security Orchestration, delivered by OneControl, removes the manual updates of network security devices that follow from any changes within the virtual and cloud environments. Today's enterprises are being held back by legacy security infrastructure that requires a steady stream of manual updates to maintain effective protection in the face of constant changes to their computing environments. This situation is only becoming more acute as firewalls and other traditional security devices have also begun to impede investments being made in virtualization, cloud computing, and other technologies intended to enhance IT agility.

OneControl Product FAQ

5. How does OneControl perform the task of Security Orchestration?

With OneControl, the external management system is an intelligent control plane for security. Similar in concept to a Network Controller for Software Defined Networking, OneControl works at a high level by:

- Maintaining connections with key elements of the computing environment, including physical, virtual, and cloud infrastructure management systems, to enable real-time detection of changing conditions.
- Maintaining connections with other sources of intelligence that are ultimately relevant to maintaining robust defenses, such as directories, identity and threat management systems, and custom-developed information stores.
- Coordinating and intelligently mapping the contextual information it gathers to an organization's security infrastructure, including physical firewalls, virtual firewalls, cloud security services, routers, and other devices capable of enforcing access control rules and other essential security policies.

6. What are OneControl's modes of operation and their advantages?

OneControl can be employed in either of the following modes:

- Security Context Orchestration
- Security Policy Manager

Security Context Orchestration (SCO) can be used in conjunction with existing Firewall Policy Managers or a Policy Manager from any network security vendor. IT Teams can insert SCO in any change management process without disrupting that process, while orchestrating security changes from virtual and cloud environments to the network security infrastructure. Once SCO is integrated and dynamic objects are created, it maintains state information about the virtual and cloud environments to guarantee that network security devices get updated immediately. This removes any chance of a security breach occurring and maintains the necessary regulatory requirements.

Security Policy Manager (SPM) is a Firewall Policy Manager (FPM) for IT Teams that need to move from CLI-based management to a systematic solution. Unlike traditional FPMs, SPM allows IT Teams to build dynamic objects for virtual and cloud environments. Once a resource is in a dynamic object, any changes made in virtual or cloud environments get reflected in the network security infrastructure.

7. What are the architectural components of OneControl?

OneControl's unique advantage is built from the following four key components, which help orchestrate, in real time, human-level security policies down to device-level security actions:

- Common Event Framework. The Common Event Framework (CEF) is responsible for: (a) obtaining and interpreting events from available sources of intelligence, (b) maintaining the mapping between dynamic objects and the target devices that use them, and (c) establishing and initiating the appropriate action when an event that impacts one or more devices is detected.
- Security Policy Language. NetCitadel's Security Policy Language (SPL) provides the underpinnings for building and maintaining security policies in a common and intuitive way. The SPL foundation allows you to define policies and high-level objects representing common security elements, like IP addresses, Networks and Services, that can be deployed across a vast array of devices from multiple vendors, irrespective of their underlying capabilities and configuration syntax.
- Device Configuration Translator. The Device Configuration Translator (DCT) is responsible for converting OneControl's vendor-neutral SPL to the specific configuration syntax required by each of the supported security devices. By design, the DCT has a pipelined architecture where the required transforms are grouped in distinct layers, progressing from those that have the broadest applicability to those that are unique to a given vendor or device.
- Scalable Deployment Engine. The Scalable Deployment Engine (SDE) is responsible for connecting to security devices and implementing the configuration changes that are required to enforce the intended security policy, using a highly parallelized design that enables OneControl to push thousands of configuration updates simultaneously. This capability is essential to responding to changes in near real-time, a key requirement for a truly adaptive Security Orchestration solution.

In addition, OneControl provides a simple web GUI to manage security policy across multiple heterogeneous firewalls, routers, and servers. In a mixed-platform environment, OneControl allows administrators to uniformly apply access control to all network assets using a single management interface, while at the same time avoiding syntax errors and typos.

8. What firewalls do you support today? Plans to expand?

There are definitely plans to include other vendors, and the supported network security devices are as follows:

- Linux iptables (1.4.x)
- Cisco IOS Routers (IOS 12.x)
- Cisco ASA Firewalls (ASA 8.3+)
- Juniper SRX (Junos SRX 10.4.0, Junos SRX 11.2.0, Junos SRX 11.4.0, Junos 12.1.0)
- Juniper SSG (Junos SSG 6.2.0)

9. What are the requirements for OneControl?

OneControl is distributed as a virtual appliance packaged as an OVA file. To run the appliance you need a virtual environment, such as VMware, Xen or Hyper-V, with the ability to install and run an OVA file.

10. Any hardware or software changes to the infrastructure?

None. Although OneControl orchestrates security changes across varying network security devices, OneControl requires no additional hardware or software changes to existing network security infrastructure.
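The flow described under question 7 (an environment event updates a dynamic object, the devices that use that object are looked up, and the vendor-neutral rule is translated into each device's syntax), as an added illustration in Python. It is not NetCitadel code and does not show SPL; the Rule shape, event format, device names and addresses are constructed assumptions, and only the iptables and Cisco ASA output syntax is real.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    """Hypothetical vendor-neutral rule: allow src network -> dynamic object."""
    src: str          # IPv4 CIDR
    dst_object: str   # name of a dynamic object (set of workload IPs)
    proto: str
    port: int

def _ordered(members):
    return sorted(members, key=ipaddress.IPv4Address)

def to_iptables(rule, members):
    # One iptables rule per current member of the dynamic object.
    return [f"iptables -A FORWARD -p {rule.proto} -s {rule.src} -d {ip} "
            f"--dport {rule.port} -j ACCEPT" for ip in _ordered(members)]

def to_asa(rule, members, acl="OUTSIDE_IN"):
    # ASA ACLs take "network netmask" rather than CIDR notation.
    net = ipaddress.IPv4Network(rule.src)
    return [f"access-list {acl} extended permit {rule.proto} "
            f"{net.network_address} {net.netmask} host {ip} eq {rule.port}"
            for ip in _ordered(members)]

TRANSLATORS = {"iptables": to_iptables, "asa": to_asa}

class Orchestrator:
    def __init__(self, devices):
        # devices: name -> (platform, [Rule]); this is the object-to-device mapping.
        self.devices = devices
        self.objects = {r.dst_object: set()
                        for _, rules in devices.values() for r in rules}

    def render(self, device):
        platform, rules = self.devices[device]
        return [line for r in rules
                for line in TRANSLATORS[platform](r, self.objects[r.dst_object])]

    def handle_event(self, event):
        """Apply one add/remove event; return {device: config} for affected devices."""
        # Validate first: event data ends up inside device configuration, so a
        # malformed address must be rejected before it can be rendered.
        ip = str(ipaddress.IPv4Address(event["ip"]))
        members = self.objects[event["object"]]   # KeyError for unknown objects
        before = set(members)
        if event["action"] == "add":
            members.add(ip)
        elif event["action"] == "remove":
            members.discard(ip)
        else:
            raise ValueError(f"unknown action: {event['action']!r}")
        if members == before:
            return {}                             # no change, nothing to push
        return {name: self.render(name)
                for name, (_, rules) in self.devices.items()
                if any(r.dst_object == event["object"] for r in rules)}

def build_sample():
    # Constructed sample policy and devices (documentation addresses).
    web = Rule("192.0.2.0/24", "web-tier", "tcp", 443)
    db = Rule("10.0.1.0/24", "db-tier", "tcp", 5432)
    return Orchestrator({"edge-asa": ("asa", [web]),
                         "host-fw": ("iptables", [web, db]),
                         "db-fw": ("iptables", [db])})
```

Only devices whose rules reference the changed object are re-rendered, and a repeated event produces no update; how the rendered lines are applied to a device is outside this example.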

11. What is the impact to IT processes?

None. In fact, OneControl's SCO can be used to transform static, blind devices into dynamic defenses by:

- Enabling the creation of dynamic objects that adapt security policies to your changing environments.
- Analyzing the changes based on contextual information about virtual and cloud applications and workloads.
- Synchronizing dynamic policy deployment to hundreds of devices simultaneously.

12. What are the main benefits for Enterprise customers?

Additional strategic and business-oriented benefits include:

- Increased IT and business agility, as Security Orchestration facilitates routine changes to IT infrastructure and accelerates the transformation to a highly dynamic computing environment.
- Reduced operating expenditures, as intelligent automation cuts the time and effort required to administer security infrastructure despite the proliferation of required configuration changes.
- Reduced capital expenditures, as the infusion of additional intelligence and advanced capabilities extends security infrastructure refresh cycles.
- Reduced risk, as IT gains the ability to accommodate rapid-fire IT changes without having to compromise in terms of access control and other defenses.

13. What are NetCitadel's product offerings?

The NetCitadel product offerings are as follows:

- NetCitadel OneControl Security Orchestration Platform, or OneControl: seamlessly integrates virtualized infrastructures and cloud-based services with traditional security devices such as Cisco ASA, Juniper SRX, and iptables. OneControl continually monitors these services and can immediately detect changes or additions to the network, and automate the process of updating the surrounding security devices. Through the use of dynamic objects in OneControl, administrators can define security policies for these services that require minimal ongoing maintenance.
- Virtual Security Module: a module that gives OneControl complete visibility of any changes in any virtual environment, bridging the security divide between network security devices and virtual environments. Virtual Security Module creates a live-link to virtual environments and translates changes in virtual environments to the OneControl platform, enabling persistent and dynamic security orchestration.

- Cloud Security Module: creates a live-link to the cloud environment and translates any changes occurring in cloud environments to OneControl. This dynamic connection creates a real-time context awareness of cloud resources and existing network security infrastructure that is capable of adapting existing security policies in response to cloud resource changes.

OneControl includes the Virtual Security Module; the Cloud Security Module can be purchased separately and requires OneControl.

14. When will the products, such as OneControl, be available?

OneControl is available today, including Virtual Security Module and Cloud Security Module.

FAQ about NetCitadel

15. Who is NetCitadel?

NetCitadel is the pioneer of security orchestration across physical, virtual and cloud environments. The NetCitadel OneControl Security Orchestration Platform is the industry's only solution that creates a security control plane, transforming existing security infrastructure into a context-aware environment that transcends security silos and adapts to dynamic changes across cloud, virtual and physical environments.

The visionaries behind NetCitadel are the founding team members of CEO Mike Horn (formerly of Level 3 and Virtela); CTO Theron Tock (formerly of Neoteris/Juniper and Healtheon/WebMD); Chief Engineer Vadim Kurland (formerly of Google and Healtheon/WebMD); and Surya Koneru (formerly of Neoteris/Juniper and Healtheon/WebMD). Together, the team combines a wealth of experience that ranges from developing patented security technologies in use around the globe, to building automation tools for the world's largest datacenters.

16. What is NetCitadel's vision?

Enterprises clearly need a better way to manage their security infrastructure, to have it keep up with the speed of business. The solution is the industry's first and only security orchestration platform: NetCitadel's OneControl. By bridging the gap between existing static security devices and the information they require to deliver effective protection, OneControl effectively transforms network security into a software-defined security infrastructure capable of adapting to changes from a number of dynamic sources, including virtual and cloud computing environments.

At a high level, OneControl works by leveraging the same proven method employed by both leading server virtualization/datacenter orchestration products and emerging software defined networking (SDN) solutions. Specifically, an independent security control plane continuously gathers relevant data about the changing computing environment and intelligently applies this information in real-time to the devices that need to adapt.

17. Who are the customers for OneControl?

The customers for OneControl are Enterprises with Data Centers that include virtual and cloud environments, especially those that require rapid network security deployments to a computing environment that scales up or down rapidly to meet changing business demands. Enterprises, such as large financial and retail companies, that deploy customer-facing web servers using cloud environments are a perfect fit for OneControl. In addition, other customers include Enterprises that run large virtual environments for MRP, CRM, ERP or web applications that front-end large database management systems.

18. Who are your partners today?

As a pioneer in security orchestration, NetCitadel recognizes the benefits that a joint technology partnership brings to our customers. NetCitadel partners with key companies, like VMware, with the mission of building new business opportunities and long-term partnerships that enable us to deliver comprehensive and proven best-of-breed technology solutions to our shared markets. Key partners also include industry-leading network security vendors, like Cisco, Juniper and Palo Alto Networks, and Cloud vendors, like Amazon and Terremark, to make sure OneControl works flawlessly with their products.