SlideShare a Scribd company logo

Intent Based Networking: turning intentions into reality with network security policy management

S
shira koper

The document discusses Intent-Based Networking (IBN), which enables the translation of business policies into network configurations, automated implementations, and continuous validation of network state in real-time. It highlights Algosec's capabilities in supporting IBN through automation, awareness of network state, and assurance mechanisms to align security with business processes. The presentation emphasizes the differentiation of IBN from traditional network management approaches and the importance of real-time compliance and risk management.

Technology
1 of 45
Downloaded 59 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
Intent Based Networking - Turning Intentions Into Reality With Security Policy Management Edy Almer, VP Product
WELCOME Have a question? Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 2
3 | Confidential
WHAT IS IT – ANDREW LERNER@GARTNER • Isn’t Intent Based Networking just a fancy term for SDN ? • No, although the early usage and value will seem similar. Advanced automation solutions typically do not: a) Translate what to how b) Validate that desired intent is being met c) Continuously ingest a broad set of real-time network state indicators • A good intent-based networking system will embed advanced automation, but you can (and many do) advanced automation without Intent.
WHAT IS IT – SANJIT GANGULI @GARTNER
WHAT IS IT – SANJIT GANGULI@GARTNER • Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport- agnostic. • Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met.
ARE YOU DEPLOYING INTENT BASED NETWORKING? • Yes – Cisco Tetration, Cisco ACI • Yes – Juniper • No – its just marketing fluff • Yes – other. Please let us know which in questions tab Please vote using the “votes from audience” tab in your BrightTALK panel
WHAT ARE MY OPTIONS TODAY ? 1. Technically automate heterogenous networks, without intent and without understanding – Orchestration systems (Chef, Ansible) and dedicated systems 2. Declare intent, but have very limited automation capabilities – anybody trailing (poll) 3. Describe application, and automate operations, but for single type of infrastructure – VMware NSX, Cisco ACI 8 | Confidential
THE ALGOSEC ECOSYSTEM Integrate Support Manage
10 | Confidential AlgoSec enables companies to align security with their business processes Business-driven Agility Business-driven Visibility Business-driven Security BUSINESS DRIVEN SECURITY MANAGEMENT
Business-Driven Security Business-Driven Agility Business-Driven Network Security Policy Management Unified Visibility Across Cloud, SDN & On-Premise Enterprise Networks Auditing & Compliance Risk Management Business Continuity Digital Transformation Change Management Incident Response DevSecOpsMicro- Segmentation BUSINESS-DRIVEN SECURITY MANAGEMENT USE CASES
THE ALGOSEC SECURITY MANAGEMENT SOLUTION 12 | Confidential
ALGOSEC FOR INTENT BASED NETWORKING • (ABF) Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • (AFF) Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • (AFA) Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport-agnostic. • (Additional Analytics + RT connectivity check) Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met. 13 | Confidential
ALGOSEC FOR INTENT BASED NETWORKING • (ABF) Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • (AFF) Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • (AFA) Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport-agnostic. • (Additional Analytics + RT connectivity check) Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met. 14 | Confidential
Discover, provision, maintain and securely decommission network connectivity for critical business applications. 15 | Confidential APPLICATION CONNECTIVITY MANAGEMENT Automated discovery and mapping of business connectivity Translation of business requirements in to networking terms Secure application decommissioning Business-centric risk analysis Impact assessment to avoid outages Rapid datacenter and cloud migration
ALGOSEC FOR INTENT BASED NETWORKING • (ABF) Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • (AFF) Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • (AFA) Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport-agnostic. • (Additional Analytics + RT connectivity check) Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met. 16 | Confidential
Process firewall changes with zero- touch automation. 17 | Confidential SECURITY POLICY CHANGE AUTOMATION Security policy workflow automation Topology analysis and optimal rule design SLA tracking and complete audit trail Integration with ticketing systems Change validation and reconciliation Proactive risk and compliance verification Automated policy push
ALGOSEC FOR INTENT BASED NETWORKING • (ABF) Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • (AFF) Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • (AFA) Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport-agnostic. • (Additional Analytics + RT connectivity check) Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met. 18 | Confidential
19 | Confidential NETWORK ABSTRACTION & POLICY ANALYSIS Topology map and traffic simulation Firewall rule optimization and cleanup Network segmentation enforcement Baseline configuration compliance Audit-ready compliance reports Risk assessment Visibility and analysis of complex network security policies across on premise and cloud networks.
GENERATE AND PUSH WHITELIST POLICIES: CISCO TETRATION/ACI/ASA/IOS/FTD • Cisco Tetration Analytics generates whitelist policy recommendations and enforces host based polices • AlgoSec configures security policies to multi-vendor security devices and SDN controllers (automatically/with modifications) ACI
ALGOBOT: HELPS USERS VERIFY INTENT IS MET 21 | Confidential
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
Intent Based Networking: turning intentions into reality with network security policy management
SUMMARY • Intent-Based Networking is an exciting advancement in Networking • Application owners can express intent and receive a continuously maintained active path • Algosec implements intent-based networking today!
MORE RESOURCES 41 www.algosec.com/resources WHITEPAPER DATASHEET PPT
UPCOMING WEBINARS https://www.algosec.com/webinars Topic: Agility vs. Control: The Security Policy Management Balancing Act When: Tuesday, May 15 Presented by: Anner Kushnir, VP Technologies Topic: Best Practices to Manage Security Across a Software Defined Network When: Tuesday, May 22 Presented by: Omer Ganot, Director of Product Management ---Sign up now ---
AlgoSummit World Tour 2018 AlgoSummit EMEA 2018 The premier event for AlgoSec customers and channel partners Barcelona, May 4-7, 2018 For more info: https://www.algosec.com/algosummit/
BE OUR FRIEND Follow us for the latest on security policy management trends, tips & tricks, thought leadership, fun stuff and prizes, and much more! And subscribe to our YouTube channel for a wide range of educational videos presented by Prof. Wool www.linkedin.com/company/algosec www.facebook.com/AlgoSec www.youtube.com/user/AlgoSec www.twitter.com/algosec blog.algosec.com
Thank You

More Related Content

What's hot (20)

PPTX
Shift Happens: Eliminating the Risks of Network Security Policy Changes
AlgoSec
 
PPTX
Put out audit security fires, pass audits -every time
AlgoSec
 
PPTX
Best Practics for Automating Next Generation Firewall Change Processes
Adi Gazit Blecher
 
PDF
Build and enforce defense in depth - an algo sec-cisco tetration webinar
AlgoSec
 
PPT
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
AlgoSec
 
PPTX
Tying cyber attacks to business processes, for faster mitigation
Maytal Levi
 
PPTX
A business driven approach to security policy management a technical perspec...
AlgoSec
 
PDF
Avoid outages-from-misconfigured-devices-webinar-slides
AlgoSec
 
PDF
Security Change Management: Agility vs. Control
AlgoSec
 
PDF
2021 01-13 reducing risk-of_ransomware
AlgoSec
 
PDF
Taking the fire drill out of making firewall changes
AlgoSec
 
PDF
Radically reduce firewall rules with application-driven rule recertification
AlgoSec
 
PPTX
Simplifying Security Management in the Virtual Data Center
AlgoSec
 
PDF
Examining the Impact of Security Management on the Business (Infographic)
AlgoSec
 
PDF
Managing application connectivity securely through a merger or acquisition – ...
AlgoSec
 
PDF
Managing risk and vulnerabilities in a business context
AlgoSec
 
PDF
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
AlgoSec
 
PPTX
AWS Security Fundamentals: Dos and Don’ts
AlgoSec
 
PPTX
Technologies You Need to Safely Use the Cloud
CloudPassage
 
PDF
Cisco aci and AlgoSec webinar
Maytal Levi
 
Shift Happens: Eliminating the Risks of Network Security Policy Changes
AlgoSec
 
Put out audit security fires, pass audits -every time
AlgoSec
 
Best Practics for Automating Next Generation Firewall Change Processes
Adi Gazit Blecher
 
Build and enforce defense in depth - an algo sec-cisco tetration webinar
AlgoSec
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
AlgoSec
 
Tying cyber attacks to business processes, for faster mitigation
Maytal Levi
 
A business driven approach to security policy management a technical perspec...
AlgoSec
 
Avoid outages-from-misconfigured-devices-webinar-slides
AlgoSec
 
Security Change Management: Agility vs. Control
AlgoSec
 
2021 01-13 reducing risk-of_ransomware
AlgoSec
 
Taking the fire drill out of making firewall changes
AlgoSec
 
Radically reduce firewall rules with application-driven rule recertification
AlgoSec
 
Simplifying Security Management in the Virtual Data Center
AlgoSec
 
Examining the Impact of Security Management on the Business (Infographic)
AlgoSec
 
Managing application connectivity securely through a merger or acquisition – ...
AlgoSec
 
Managing risk and vulnerabilities in a business context
AlgoSec
 
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
AlgoSec
 
AWS Security Fundamentals: Dos and Don’ts
AlgoSec
 
Technologies You Need to Safely Use the Cloud
CloudPassage
 
Cisco aci and AlgoSec webinar
Maytal Levi
 

Similar to Intent Based Networking: turning intentions into reality with network security policy management (20)

PPTX
Platform Observability and Infrastructure Closed Loops
Liz Warner
 
PPTX
AlgosecOverviewforcybersecurityinprotectio.pptx
vignesh702129
 
PDF
Cisco Connect 2018 Thailand - Cisco automation
NetworkCollaborators
 
PDF
Reducing Cost with DNA Automation
Cisco Canada
 
PDF
Best practices for building network operations center
Satish Chavan
 
DOCX
Key Features of High-Performance NOC Services from AI-NOC
HEX64
 
PDF
Implementing and auditing security controls part 2
Rafel Ivgi
 
PPTX
Acceleration_and_Security_draft_v2
Srinivasa Addepalli
 
PPTX
Service Assurance Constructs for Achieving Network Transformation by Sunku Ra...
Liz Warner
 
PPTX
Service Assurance Constructs for Achieving Network Transformation - Sunku Ran...
Liz Warner
 
PPTX
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
ThousandEyes
 
PPTX
SyAM Software Solutions Overview
SyAM Software
 
PPTX
What is SCADA system? SCADA Solutions for IoT
Embitel Technologies - A VOLKSWAGEN GROUP COMPANY
 
PDF
Whitepaper factors to consider when selecting an open source infrastructure ...
apprize360
 
PPTX
Design and Deploy Secure Clouds for Financial Services Use Cases
PLUMgrid
 
PDF
Visualizing Your Network Health - Know your Network
DellNMS
 
PDF
NMS Projects and POCs completed and ongoing for OSS NAM v 1.5 Linkedin
Javier Guillermo, MBA, MSc, PMP
 
PPTX
Empowering Uptime with a 24/7 Network Operations Center (NOC)
dikshanfc
 
PDF
Whitepaper factors to consider commercial infrastructure management vendors
apprize360
 
PDF
Compliance-as-a-Service document pdf text
Earthling security
 
Platform Observability and Infrastructure Closed Loops
Liz Warner
 
AlgosecOverviewforcybersecurityinprotectio.pptx
vignesh702129
 
Cisco Connect 2018 Thailand - Cisco automation
NetworkCollaborators
 
Reducing Cost with DNA Automation
Cisco Canada
 
Best practices for building network operations center
Satish Chavan
 
Key Features of High-Performance NOC Services from AI-NOC
HEX64
 
Implementing and auditing security controls part 2
Rafel Ivgi
 
Acceleration_and_Security_draft_v2
Srinivasa Addepalli
 
Service Assurance Constructs for Achieving Network Transformation by Sunku Ra...
Liz Warner
 
Service Assurance Constructs for Achieving Network Transformation - Sunku Ran...
Liz Warner
 
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
ThousandEyes
 
SyAM Software Solutions Overview
SyAM Software
 
What is SCADA system? SCADA Solutions for IoT
Embitel Technologies - A VOLKSWAGEN GROUP COMPANY
 
Whitepaper factors to consider when selecting an open source infrastructure ...
apprize360
 
Design and Deploy Secure Clouds for Financial Services Use Cases
PLUMgrid
 
Visualizing Your Network Health - Know your Network
DellNMS
 
NMS Projects and POCs completed and ongoing for OSS NAM v 1.5 Linkedin
Javier Guillermo, MBA, MSc, PMP
 
Empowering Uptime with a 24/7 Network Operations Center (NOC)
dikshanfc
 
Whitepaper factors to consider commercial infrastructure management vendors
apprize360
 
Compliance-as-a-Service document pdf text
Earthling security
 
Ad

More from shira koper (7)

PDF
25 years of firewalls and network filtering - From antiquity to the cloud
shira koper
 
PDF
Migrating and Managing Security in an AWS Environment- Best Practices
shira koper
 
PDF
Simple Misconfiguration Equals Network Vulnerability!
shira koper
 
PDF
Managing Application Connectivity in the World of Network Security
shira koper
 
PDF
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
shira koper
 
PDF
DevSecOps: Putting the Sec into the DevOps
shira koper
 
PDF
Security a Revenue Center: How Security Can Drive Your Business
shira koper
 
25 years of firewalls and network filtering - From antiquity to the cloud
shira koper
 
Migrating and Managing Security in an AWS Environment- Best Practices
shira koper
 
Simple Misconfiguration Equals Network Vulnerability!
shira koper
 
Managing Application Connectivity in the World of Network Security
shira koper
 
Movin' On Up to the Cloud: How to Migrate your Application Connectivity
shira koper
 
DevSecOps: Putting the Sec into the DevOps
shira koper
 
Security a Revenue Center: How Security Can Drive Your Business
shira koper
 
Ad

Recently uploaded (20)

PPT
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
PPTX
Webinar: Introduction to LF Energy EVerest
DanBrown980551
 
PPTX
Building and Operating a Private Cloud with CloudStack and LINBIT CloudStack ...
ShapeBlue
 
PDF
The Builder’s Playbook - 2025 State of AI Report.pdf
jeroen339954
 
PPTX
MSP360 Backup Scheduling and Retention Best Practices.pptx
MSP360
 
PDF
Apache CloudStack 201: Let's Design & Build an IaaS Cloud
ShapeBlue
 
PPTX
Building Search Using OpenSearch: Limitations and Workarounds
Sease
 
PDF
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
PDF
Windsurf Meetup Ottawa 2025-07-12 - Planning Mode at Reliza.pdf
Pavel Shukhman
 
PDF
TrustArc Webinar - Data Privacy Trends 2025: Mid-Year Insights & Program Stra...
TrustArc
 
PDF
Blockchain Transactions Explained For Everyone
CIFDAQ
 
PDF
Français Patch Tuesday - Juillet
Ivanti
 
PDF
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
PDF
CIFDAQ Token Spotlight for 9th July 2025
CIFDAQ
 
PDF
Human-centred design in online workplace learning and relationship to engagem...
Tracy Tang
 
PDF
Rethinking Security Operations - SOC Evolution Journey.pdf
Haris Chughtai
 
PDF
Empower Inclusion Through Accessible Java Applications
Ana-Maria Mihalceanu
 
PDF
SFWelly Summer 25 Release Highlights July 2025
Anna Loughnan Colquhoun
 
PDF
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
PDF
Fl Studio 24.2.2 Build 4597 Crack for Windows Free Download 2025
faizk77g
 
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
Webinar: Introduction to LF Energy EVerest
DanBrown980551
 
Building and Operating a Private Cloud with CloudStack and LINBIT CloudStack ...
ShapeBlue
 
The Builder’s Playbook - 2025 State of AI Report.pdf
jeroen339954
 
MSP360 Backup Scheduling and Retention Best Practices.pptx
MSP360
 
Apache CloudStack 201: Let's Design & Build an IaaS Cloud
ShapeBlue
 
Building Search Using OpenSearch: Limitations and Workarounds
Sease
 
LLMs.txt: Easily Control How AI Crawls Your Site
Keploy
 
Windsurf Meetup Ottawa 2025-07-12 - Planning Mode at Reliza.pdf
Pavel Shukhman
 
TrustArc Webinar - Data Privacy Trends 2025: Mid-Year Insights & Program Stra...
TrustArc
 
Blockchain Transactions Explained For Everyone
CIFDAQ
 
Français Patch Tuesday - Juillet
Ivanti
 
Building Real-Time Digital Twins with IBM Maximo & ArcGIS Indoors
Safe Software
 
CIFDAQ Token Spotlight for 9th July 2025
CIFDAQ
 
Human-centred design in online workplace learning and relationship to engagem...
Tracy Tang
 
Rethinking Security Operations - SOC Evolution Journey.pdf
Haris Chughtai
 
Empower Inclusion Through Accessible Java Applications
Ana-Maria Mihalceanu
 
SFWelly Summer 25 Release Highlights July 2025
Anna Loughnan Colquhoun
 
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
Fl Studio 24.2.2 Build 4597 Crack for Windows Free Download 2025
faizk77g
 

Intent Based Networking: turning intentions into reality with network security policy management

  • 1. Intent Based Networking - Turning Intentions Into Reality With Security Policy Management Edy Almer, VP Product
  • 2. WELCOME Have a question? Submit it via the chat This webinar is being recorded! Slides and recording will be sent to you after the webinar 2
  • 4. WHAT IS IT – ANDREW LERNER@GARTNER • Isn’t Intent Based Networking just a fancy term for SDN ? • No, although the early usage and value will seem similar. Advanced automation solutions typically do not: a) Translate what to how b) Validate that desired intent is being met c) Continuously ingest a broad set of real-time network state indicators • A good intent-based networking system will embed advanced automation, but you can (and many do) advanced automation without Intent.
  • 5. WHAT IS IT – SANJIT GANGULI @GARTNER
  • 6. WHAT IS IT – SANJIT GANGULI@GARTNER • Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport- agnostic. • Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met.
  • 7. ARE YOU DEPLOYING INTENT BASED NETWORKING? • Yes – Cisco Tetration, Cisco ACI • Yes – Juniper • No – its just marketing fluff • Yes – other. Please let us know which in questions tab Please vote using the “votes from audience” tab in your BrightTALK panel
  • 8. WHAT ARE MY OPTIONS TODAY ? 1. Technically automate heterogenous networks, without intent and without understanding – Orchestration systems (Chef, Ansible) and dedicated systems 2. Declare intent, but have very limited automation capabilities – anybody trailing (poll) 3. Describe application, and automate operations, but for single type of infrastructure – VMware NSX, Cisco ACI 8 | Confidential
  • 10. 10 | Confidential AlgoSec enables companies to align security with their business processes Business-driven Agility Business-driven Visibility Business-driven Security BUSINESS DRIVEN SECURITY MANAGEMENT
  • 11. Business-Driven Security Business-Driven Agility Business-Driven Network Security Policy Management Unified Visibility Across Cloud, SDN & On-Premise Enterprise Networks Auditing & Compliance Risk Management Business Continuity Digital Transformation Change Management Incident Response DevSecOpsMicro- Segmentation BUSINESS-DRIVEN SECURITY MANAGEMENT USE CASES
  • 12. THE ALGOSEC SECURITY MANAGEMENT SOLUTION 12 | Confidential
  • 13. ALGOSEC FOR INTENT BASED NETWORKING • (ABF) Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • (AFF) Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • (AFA) Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport-agnostic. • (Additional Analytics + RT connectivity check) Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met. 13 | Confidential
  • 14. ALGOSEC FOR INTENT BASED NETWORKING • (ABF) Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • (AFF) Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • (AFA) Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport-agnostic. • (Additional Analytics + RT connectivity check) Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met. 14 | Confidential
  • 15. Discover, provision, maintain and securely decommission network connectivity for critical business applications. 15 | Confidential APPLICATION CONNECTIVITY MANAGEMENT Automated discovery and mapping of business connectivity Translation of business requirements in to networking terms Secure application decommissioning Business-centric risk analysis Impact assessment to avoid outages Rapid datacenter and cloud migration
  • 16. ALGOSEC FOR INTENT BASED NETWORKING • (ABF) Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • (AFF) Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • (AFA) Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport-agnostic. • (Additional Analytics + RT connectivity check) Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met. 16 | Confidential
  • 17. Process firewall changes with zero- touch automation. 17 | Confidential SECURITY POLICY CHANGE AUTOMATION Security policy workflow automation Topology analysis and optimal rule design SLA tracking and complete audit trail Integration with ticketing systems Change validation and reconciliation Proactive risk and compliance verification Automated policy push
  • 18. ALGOSEC FOR INTENT BASED NETWORKING • (ABF) Translation and Validation — The system takes a higher-level business policy ( what ) as input from end users and converts it to the necessary network configuration ( how ). The system then generates and validates the resulting design and configuration for correctness. • (AFF) Automated Implementation — The system can configure the appropriate network changes ( how ) across existing network infrastructure. This is typically done via network automation and/or network orchestration. • (AFA) Awareness of Network State — The system ingests real-time network status for systems under its administrative control, and is protocol- and transport-agnostic. • (Additional Analytics + RT connectivity check) Assurance and Dynamic Optimization/Remediation — The system continuously validates (in real time) that the original business intent of the system is being met, and can take corrective actions (such as blocking traffic, modifying network capacity or notifying) when desired intent is not met. 18 | Confidential
  • 19. 19 | Confidential NETWORK ABSTRACTION & POLICY ANALYSIS Topology map and traffic simulation Firewall rule optimization and cleanup Network segmentation enforcement Baseline configuration compliance Audit-ready compliance reports Risk assessment Visibility and analysis of complex network security policies across on premise and cloud networks.
  • 20. GENERATE AND PUSH WHITELIST POLICIES: CISCO TETRATION/ACI/ASA/IOS/FTD • Cisco Tetration Analytics generates whitelist policy recommendations and enforces host based polices • AlgoSec configures security policies to multi-vendor security devices and SDN controllers (automatically/with modifications) ACI
  • 21. ALGOBOT: HELPS USERS VERIFY INTENT IS MET 21 | Confidential
  • 40. SUMMARY • Intent-Based Networking is an exciting advancement in Networking • Application owners can express intent and receive a continuously maintained active path • Algosec implements intent-based networking today!
  • 42. UPCOMING WEBINARS https://www.algosec.com/webinars Topic: Agility vs. Control: The Security Policy Management Balancing Act When: Tuesday, May 15 Presented by: Anner Kushnir, VP Technologies Topic: Best Practices to Manage Security Across a Software Defined Network When: Tuesday, May 22 Presented by: Omer Ganot, Director of Product Management ---Sign up now ---
  • 43. AlgoSummit World Tour 2018 AlgoSummit EMEA 2018 The premier event for AlgoSec customers and channel partners Barcelona, May 4-7, 2018 For more info: https://www.algosec.com/algosummit/
  • 44. BE OUR FRIEND Follow us for the latest on security policy management trends, tips & tricks, thought leadership, fun stuff and prizes, and much more! And subscribe to our YouTube channel for a wide range of educational videos presented by Prof. Wool www.linkedin.com/company/algosec www.facebook.com/AlgoSec www.youtube.com/user/AlgoSec www.twitter.com/algosec blog.algosec.com