Tufin SecureTrack
Tufin SecureTrack
Tufin SecureTrack
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Introduction<br />
Managing network security for an organization or a service provider has become a highly<br />
complex operation involving dozens or even hundreds of firewalls and routers. Multiple sites<br />
and teams, different hardware and software vendors – all of these factors make it virtually<br />
impossible to maintain an accurate, airtight security policy on every device. At the same time,<br />
internal security policies have become more rigorous, and organizations need to comply with<br />
a growing body of industry and government regulations.<br />
To make sure that security standards are being met, most organizations rely on periodic<br />
audits – a process involving days of manual, painstaking effort. In addition to the tremendous<br />
investment of time and resources, relying on audits is a reactive approach to network security<br />
that can leave threats undetected for months at a time.<br />
Today’s security operations teams urgently need a management solution that can proactively<br />
assure network security and achieve Continuous Compliance with standards while<br />
automating labor-intensive day-to-day tasks. In practical terms, firewall operations teams<br />
need:<br />
� Central management starting with a top-down view of all Cisco firewalls, routers and<br />
switches in the organization, the Cisco Security Manager (CSM), and firewalls from<br />
other vendors<br />
� Management of both next-generation and network-layer firewalls<br />
� Change management to ensure that every configuration change made to a firewall,<br />
router or switch is accountable and in accordance with corporate standards<br />
� Proactive risk analysis and business continuity management to evaluate the impact<br />
of every configuration change and ensure Continuous Compliance with standards<br />
� ACL optimization and cleanup to eliminate security loopholes, improve firewall<br />
performance, and reduce hardware costs<br />
� Network topology intelligence to visually analyze the access path between any<br />
source and destination<br />
� Rule (ACE) documentation that enables you to manage ACE ownership, expiration<br />
and recertification.<br />
� Automated security audits to efficiently comply with corporate policies as well as<br />
industry and government regulations<br />
� Automatic ACL generation to enable rapid deployment of new firewalls without<br />
disrupting business continuity or resorting to permissive rules<br />
� Alignment with best practices from vendors and security industry veterans<br />
� Scalable support for large enterprises and datacenters including distributed<br />
deployment, multiple device domains and role-based management.<br />
<strong>Tufin</strong> <strong>SecureTrack</strong> enables security operations teams to dramatically reduce risk while<br />
increasing compliance and efficiency. With a powerful set of real-time and analytical tools,<br />
<strong>SecureTrack</strong> tackles the practical challenges that operations teams face every day when it<br />
comes to managing Cisco firewalls, routers and switches. This paper takes a closer look at<br />
each of the key requirements in security operations management and explains how<br />
<strong>SecureTrack</strong> enables companies to eliminate potential threats, lower costs, and achieve their<br />
strategic security objectives.<br />
Firewall Operations for Cisco 3/11