Sean Keef Director of Sales Engineering

Firewall Change Management

© 2013 Skybox Security Inc. 2

Solution Overview

Change Management

Policy Compliance

Optimization & Cleanup

Remediation

Analysis / Prioritization

Discovery

Network Security Management Vulnerability & Threat Management

© 2013 Skybox Security Inc. 3

Change Management Workflow

Risk Assessment

Verification Implementation Technical

Translation Request

Ticketing System

Or

eMail

Manual Process Manual Process Manual Process Not Done

© 2013 Skybox Security Inc. 4

Change Management Integration

Skybox Analytics Engine

Risk Assessment

Verification Implementation Technical Details

Request

3rd Party Ticketing System

or

Skybox Change Manager

© 2013 Skybox Security Inc. 5

Change Management Integration

Translate

Path identification

Rule analysis

Skybox Analytics Engine

Risk Assessment

Verification Implementation Technical Details

Request

• Reduce workload

• Reduce time to process

• Reduce # of firewall changes

• Reduce overlapping rules

• Excellent ROI

© 2013 Skybox Security Inc. 6

Technical Details

© 2013 Skybox Security Inc. 7

Technical Details

© 2013 Skybox Security Inc. 8

Risk Assessment

Identify policy violations &

Vulnerability exposures

Accept/Reject

Skybox Analytics Engine

Risk Assessment

Verification Implementation Technical Details

Request

Skybox and/or 3rd Party Ticketing System

• Reduce human error

• Reduce role back

• Reduce misconfigurations

• Create risk acceptance audit trail

© 2013 Skybox Security Inc. 9

Risk Assessment

© 2013 Skybox Security Inc. 10

Change Management Workflow – 3rd Party

Changes are queued by firewall

Skybox Analytics Engine

Risk Assessment

Verification Implementation Technical Details

Request

Skybox and/or 3rd Party Ticketing System

• Administrators see only the changes they are responsible for

• Displayed by firewall – not by ticket

• Tickets are promoted when all changed have been implemented

• Auto-provisioning in the works

© 2013 Skybox Security Inc. 11

Verification

Skybox Analytics Engine

Reconcile against observed changes

Verify Access

Risk Assessment

Verification Implementation Technical Details

Request

Skybox and/or 3rd Party Ticketing System

• 3rd party validation that a change ticket has been implemented

• Protection against “fat fingering”

• Changes without tickets can be identified

© 2013 Skybox Security Inc. 12

Summary

Path Analysis – Demonstrable ROI

Risk Analysis – Automated, accurate, complete

Implementation – Changes grouped by firewall

Reconciliation – 3rd party validation of ticket completion