HIGHLY SCALABLE NETWORK SECURITY POLICY AUTOMATION www.intellimentsec.com |
[email protected] | Tel. +34 955 323 646
INTELLIMENT DEVELOPS SECURITY AUTOMATION SOFTWARE We allow enterprises to automate network security policy management in order to help them better handle security at scale and to respond faster to network threats
MASSIVE AGILITY GAINS
MASSIVE COST REDUCTION
ZERO MISCONFIGURATIONS
YEARS AGO, NETWORK SECURITY OPERATION WAS A CRAFTSMEN PROCESS Networks and security were manageable because there were a few vendors offering technology to build physical networks (switches, routers, firewalls, etc.)
ON PREMISE
Firewall
Router
Switch
LB
MANAGED BY THE SAME CRAFTSMEN
heterogeneous silos built with different technologies of many different vendors
And there is a worldwide shortage of networking professionals (1.2M people in 20151)
ON PREMISE
Firewall Switch
Router
PUBLIC CLOUD
vFirewall vLB
vRouter
PRIVATE CLOUD
vFirewall vLB
1. There was a worldwide shortage of networking professionals of 1.2M people in 2015. Global Talent Competitive Index, 2015.
vRouter
SDN
vFirewall vSwitch
vRouter
INTELLIMENT UNIFIES NETWORK SECURITY POLICY VISIBILITY AND OPERATIONS, BRIDGING SILOS Intelliment has removed the drivers that cause management complexity growth Security Policy Size
Number of security devices
Heterogeneity of the network
Network & Security Abstraction Layer (Controller)
ON PREMISE
Firewall Switch
Router
PUBLIC CLOUD
vFirewall vLB
vRouter
PRIVATE CLOUD
vFirewall vLB
vRouter
SDN
vFirewall vSwitch
vRouter
NETWORK SECURITY HAS BEEN MANAGED IN THE SAME WAY DURING THE LAST 30 YEARS! The management of the network security policy is a process that requires a large number of highly trained human resources
Manual
Time consuming
Error prone
There have been no new approaches to solve this problem since 2002 rather than 1. Live with the problems Assume that the process is slow and that threats will come in
2. Transfer the problem to a managed service Managed services profit is going down every year
3. Run periodic audits Because Enterprise systems are under continuous attack and are continuously compromised, an ad hoc approach to audit or incident response is the wrong mindset
INTELLIMENT IS A VENDOR NEUTRAL, UNIFIED, NETWORK SECURITY POLICY ABSTRACTION LAYER The abstraction layer (Controller) hides the complexity of both the network and the security policy. Enterprises are able to query, modify and deploy network security policies in seconds, regardless of the size, complexity and heterogeneity of their network. With zero misconfigurations and with no expert knowledge
Today:
Intelliment:
multiple teams and management interfaces
one team and one management interface API
CONTROLLER APPs
INTELLIMENT SECURITY IS A PLATFORM WHERE APPS CAN BE BUILT ON TOP OF THE CONTROLLER VIA ITS API Via its API, Intelliment can be integrated with existing Network, Security and DevOps products in order to serve as THE Security Automation powerhouse in enterprises, unlocking new use cases not previously possible for the first time in 20 years!
Other Products
Network
SIEM
Endpoint protection
Firewall
Tell me what is happening in the network
CONTROLLER
And I will automatically react
VPN
IDS/IPS DevOps Application Filtering
…
Content Filtering Ask complex questions about operations
…
USE CASE. DEVELOPMENT TEAMS Development teams can create networks and policies for services and applications
Configuration Management
• Increase the speed and frequency of deployments • Reduce # of people • Identify problems early • Reduce mistakes • Improve MTTR from fails Policies for services & applications
CONTROLLER
Generate & Deploy
Information about network visibility
Continuous Integration / Provisioning Monitoring
USE CASE. DAILY CHANGE MANAGEMENT For enterprises and service providers, where Intelliment can easily be inserted during migration projects • • • • •
Speed up service delivery Improve visibility&control Optimize the workforce Increase work capacity Minimizes risk of data breaches, and increase service availability: no more periodic audits • Improve negotiation and buying leverage: no more vendor lock-in
USE CASE: FAST RESPONSE TO NETWORK THREATS Service providers can create premium services on top of the abstraction layer, orchestrating network and security products already present in the customer
Security Policy Repository (actions)
1. Network data
Threat Intelligence
3. Relate risk with a pre-defined action
2. Send risk information
CONTROLLER
4. Push network changes
INTEGRATED VENDORS AND PRODUCTS
Infrastructure components • • • • • • • •
Checkpoint R71+ PaloAlto PanOS 6.0+ Fortinet FortiOS V4+ Cisco ASA 8.3+ Linux IPTables 1.4.10+ OpenDaylight Helium SDN Controller Cisco Open SDN Controller Cisco APIC-EM (Production and EFT2)
Other products •
Cisco ISE V2.0
Strong relationships with security vendors
HIGHLY SCALABLE NETWORK SECURITY POLICY AUTOMATION www.intellimentsec.com |
[email protected] | Tel. +34 955 323 646