IT Security Orchestration & Automation: Your seat by the band?

Innovations in today’s IT infrastructure and security market are coming at a staggering pace, with enterprises facing an array of options to improve efficiencies and reduce costs, whilst balancing data availability with data security. No easy task in today’s environment.

One particular innovation now building rapid mainstream adoption, for example, is that of Software Defined Networking or SDN. This new architecture highlights the move towards a more agile and dynamic environment, but in turn, also points to a need to improve how these complex systems can be effectively managed.

With cloud adoption well established, and also heralding another game-changing degree of infrastructure adjustment, the time to consider how security should be delivered through new approaches is surely ripe for debate. With new vendors and solutions starting to address the many challenges this scenario presents, I have recently been looking with interest at the journey of “Automation and Orchestration” solutions and seeking to understand how they will become a key feature for network security.

As we are already aware, in a private cloud environment, applications and desktops are increasingly being virtualised at an unprecedented rate and scale. As these instances increase, automation and orchestration suites can’t be seen as “nice to have’s” any longer. Why? It has become increasingly complex to configure and manage multiple security devices, as well as being extremely inefficient with a high propensity for error. Not a recipe for operational effectiveness…

So, what does orchestration in a security context mean? Simply put, it is network change automation, done intelligently. It goes further than automating basic tasks by having an intimate understanding of the network and its operation, and by using analytics, complex policies can be applied and workflow’s automated. The advantages for security folks are numerous, including an extra level of governance and more control – so critical to ensure security and business continuity.

Management of security policy in such a way very clearly shows the growing importance that managed security policies are having on IT systems today.  Management of security policies is an increasingly arduous task that needs automation to overcome, and policy orchestration has emerged as a defined solution to meet the many parallel factors impacting the business today, including:

• The increasing importance of business agility as a differentiating factor.
• Internal Segmentation Firewall strategies have significantly increased the size of the enterprise firewall estate, pushing security policies into complex rule sets.
• IT departments are under significant pressure provide the convenience, speed and self-service provisioning the cloud environment offers, but for internal application deployments too.
• More traffic, more routing, and more datacentres to manage.
• Increasing hybridisation of networks driving higher management, compliance and increased bandwidth concerns.

The combined impact of these developments on security and network operational tasks is having a profound impact on optimum “trinity” of people, process and technology with increasing pressure to deploy services ever faster.

Policy orchestration and automation for Security helps to ease this pressure and provides a vital pivot to meet the demands of the business, and reduce risk. The capability of automatically creating, providing and synchronising security policy changes across the wide array of systems, and remain compliant whilst doing so. Additionally it unlocks significant operational efficiencies, increased flexibility, and manpower bandwidth ensuring security does not become a bottleneck that slows down business transformation in the future.

With security now a wide spread board-level consideration, it is encouraging that emerging technologies such as these can truly add value to the business, further bolstering the CISO impact at the board table. By reducing and managing risk far more quickly and accurately, as well as reinforcing best practice, such IT departments are very well placed to drive transformational change and be prepared for future demands as part of the “every-day”.