Automation is a key element as organizations adapt to digital transformation, and security operations are not excluded. Automating changes to Palo Alto Networks Next Generation policies can maximize agility and productivity without losing control.
"Tufin's zero-touch automation will allow Panorama users to expedite the creation of security policies that still coincide with device group hierarchy. The return on investment for companies will be bolstered security and allowing the IT security team to gain back more time in the workday." — Fuel Member Paul Carter, information security engineer
We caught up with
Joe Schreiber, technical director of business development at Tufin, and Erez Tadmor, senior product manager, automation and orchestration, at Tufin, to help address questions related to automation. Schreiber and Tadmor presented a
Fuel webinar on May 11 that addresses how to:
- Implement changes to Panorama device group Next-Generation Firewall (NGFW) policies in minutes
- Enforce continuous compliance with security standards with proactive risk analysis
- Reduce the complexity of your hybrid network environment
Fuel: When it comes to automation changes, what's the greatest challenge to keep in mind?
Joe & Erez: We believe the greatest challenge in automating changes is to implement them with security and accuracy, and in alignment with a central policy. Specifically, for Palo Alto Networks, changes have to be designed and implemented according to the device groups' framework of Panorama.
Without an accurate understanding of device groups' hierarchy, the risk analysis and design of the required change may mislead the administrator and open the wrong access. Concerns of security and accuracy are usually an inhibitor for automating security operations, but with a solution like Tufin, you can gain more control over changes to firewall and device group policies.
Fuel: What are the benefits of automating changes this way?
Joe & Erez: With policy-based automation, security and network teams gain security and accuracy on top of productivity. There are many solutions for change automation, but most of them don't provide the accurate analysis of Panorama device group policies and cannot ensure compliance with security standards and regulations.
Another benefit is the ability to automate security and connectivity changes across a hybrid network, meaning not only for Palo Alto Networks next-generation policies, but also for any other physical firewalls and routers and/or private and public cloud platforms.
Tufin customers have some of the most complex, hybrid networks and need a central console for managing security policies across vendors and platforms to maintain consistency and compliance. For example, Palo Alto Networks customers that are also using VMware NSX, AWS and/or Cisco routers are leveraging the
Tufin Orchestration Suite to gain visibility and control from a single pane of glass.
Fuel: What is the key takeaway that attendees can expect from this webinar?
Joe & Erez: Attendees will learn how policy-based automation can help address challenges that hinder the adoption of firewall automation and increase productivity without compromising control. Attendees will understand the value of Tufin firewall automation and how together with Palo Alto Networks next-generation firewall policies they can:
- Implement security changes in minutes instead of days
- Ensure continuous compliance with security standards
- Reduce complexity of managing a hybrid network
Tuesday, May 11, 2017
10:00 a.m. - 11:00 a.m. Central Time
Speaker: Joe Schreiber, Technical Director of Business Development at Tufin; Erez Tadmor, Senior Product Manager, Automation and Orchestration at Tufin
