Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Survey shows application connectivity disjointed from network security

Tufin Technologies : 13 June, 2013  (Technical Article)
Firewall management and application connectivity changes are revealed in a survey as a source of problems in network management in over half of cases
Survey shows application connectivity disjointed from network security

Tufin Technologies has announced the results of a recent survey.  Previous Tufin surveys revealed that because  application connectivity requirements drive the vast majority of firewall changes, managing application connectivity has become the number one firewall management challenge.  This survey, conducted in April at InfoSecurity UK, was designed to get a better understanding of the problem. 105 IT professionals, ranging from network administrators to CIOs, reported that network security teams deploy applications based on incomplete or inaccurate connectivity data, resulting in delays, downtime, and unnecessary risk and compliance exposure.

Application connectivity challenges:  a quick overview

* 1/3 of the sample report their organisation has more than 500 applications, 74% report they will be deploying up to 100 new applications this year.
* There is little standardisation as to how organisations structure application connectivity processes.  Network operations teams work mainly with application owners (30%), but other application connectivity stakeholders include app developers (26%), other network engineers (16%), or any variety of other parties such as a consultant, a VAR, the application vendor or an MSP (29%).
* When it comes to determining connectivity requirements, 72% report they are given a list of ports to open. 19% look it up on the Internet, 13% look at logs, and 9% rely on trial and error.

Impact on business agility

* 55% report that applications are not deployed correctly the first time, mainly (67%) due to incorrect or missing connectivity data.
* 1/3 report the Service level Agreement (SLA) for application-related firewall changes is a week or more; 81% believe it should be between 1-3 days.
* When asked what would enable a faster SLA, 1/3 cited more accurate information from application owners, 26% said knowing what ports to open, and 24% said faster risk/compliance approvals.

Impact on security and compliance     

* Administrators often have no insight into why a rule was created.  41% either use the (limited) firewall comments field or rule base sections to document the business justification for a rule.  13% don’t document at all.
* 40% are not notified when an application is decommissioned.
* 30% take a ‘best effort’ approach to remove unneeded connections when an application is decommissioned.  1/6 of respondents do nothing to decommission applications.

‘This survey highlights the fact that security engineers are having to adopt new processes on the fly - processes that require them to interact with a new set of stakeholders,’ said Reuven Harrison, CTO, Tufin.  ‘As a result they are not just changing who they work with but how they work. Anyone who has experienced this kind of change knows it is not easy.  That’s why we are putting so much development effort into SecureApp. SecureApp provides a much needed application connectivity model on top of our network abstraction layer, enabling security teams to rise above any existing technology constraints and collaborate with other IT groups for a common goal - application delivery and business agility.'

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo