Simply put, Security Policy Orchestration (SPO) is intelligent automation of network changes. It goes beyond simple task automation by allowing users to gain a true understanding of the network through simulation and data analytics. Security personnel benefit from an additional level of governance and control, which is essential for ensuring security and business continuity.
Security Policy Orchestration reflects the growing importance of managed security policies to information technology (IT) infrastructure. In network security jargon, security policies are referred to as firewall policies, but the term can also apply to access control lists (ACLs) and to router and load balancer configurations, among other things. To manage security policies effectively, automation is required. Security Policy Orchestration has emerged in response to several factors occurring at the same time, chief among them the following:
Business agility is becoming increasingly important as a key competitive differentiator. As a result, there is an increased demand for automation across the IT infrastructure, and particularly at the network layer.
When it comes to internal application deployment, IT organizations are under pressure to match the speed, convenience, and self-service provisioning that the cloud environment provides.
To service multiple data centers, enterprise networks are becoming larger and more complex. To accommodate this growth, a wide range of traffic routing and shaping technologies are being implemented.
With the widespread use of stateful and next-generation firewalls for external and internal network segmentation, the size of the enterprise firewall estate has increased significantly, forcing security policies to morph into complex rule sets that map how business is conducted over the network.
The collective effect of these developments on network and security operations tasks is having a profound impact on people, processes, and technology, including DevOps groups, which, like their Security Operations (SecOps) brethren, are under pressure to roll out services more quickly than they were previously accustomed to.
With Security Policy Orchestration, that pressure is alleviated, allowing SecOps teams to keep up with business demands, all while maintaining security and preventing an outage or data security breach. Security is then unlikely to become a bottleneck that slows DevOps teams as they implement and maintain security policy changes across a growing number of systems, especially when security, compliance, and governance concerns are taken into consideration.
While Security Policy Orchestration originated in network security operations, its benefits extend far beyond the realm of network security. Even though it will continue to be a SecOps function, its impact on DevOps will only grow in the future, particularly as Network and Security Operations become more integrated. Automation is the fundamental enabler of Security Policy Orchestration.
The result is that when it comes to automating application connectivity, there is a lot of common ground between DevOps and SecOps. Although it may not have been an issue for you at the time, my introduction to DevOps came as a result of my work with Tufin customers who wanted to automate application connectivity. It’s a topic that is extremely relevant to DevOps teams, and it’s a topic that I intend to cover extensively in this blog because those of us who are leading the Orchestration charge within Security Operations are like-minded with DevOps advocates.
The goal of Security Policy Orchestration, contrary to popular belief, is not to constrain a company, but rather to liberate it and assist DevOps teams in achieving their vision while maintaining the lowest possible level of information technology risk. After all, when it comes to Internet security, there is no such thing as “bulletproof security.”
Instead, security professionals concentrate on risk reduction, which puts us in a much better position to add value to the organization. Furthermore, because so many of today’s most serious threats (such as APTs) are network-based, implementing the principles of Security Policy Orchestration – which automates best security practices into change processes – is in the mutual best interest of both SecOps and DevOps teams.