SECURITY COMPLIANCE & FIREWALL ORCHESTRATION
Situation: Manual Compliance & Firewall Orchestration
- Without automated security policy compliance management in place all security policy change requests require manual human intervention.
- A user request to update a security policy creates a ServiceNow (or similar ITSM) ticket, specifying the target security policy and the changes to be made.
A member of the SecOps team manually reviews and takes action on the requested changes. This involves checking the policy changes to ensure they have been defined correctly and are not in conflict with other policies.
- The ITSM ticket is then updated and closed. Although this process is well-understood, it is ineﬃcient and prone to human error that can result in disruption or downtime.
Manual Compliance & Firewall Orchestration
The Conventional Workflow Approach
A user recognizes that a service has gone down and creates a ServiceNow ticket. Service Ops assigns the ticket to NetOps with a Priority 1.
NetOps team members now manually start diagnostics, discovering that an interface is down. Remediation action is performed to bring up the interface.
NetOps team now either updates the ticket if successful or continues running diagnostics to discover why the interface went down, staying as a priority level 1 task. The ServiceNow record is then updated and closed.
Orchestral.ai's Composer Solution
Automated Security Compliance & Firewall Orchestration
Composer Security Automation & Orchestration
- With the addition of Composer’s event-driven architecture, security policy change requests can be validated and implemented automatically.
- For example, an operator can initiate a change request with Composer directly or they can do so with an ITSM ticket that triggers a Composer workflow.
- And, once validated, Composer orchestrates a cascade or changes across the security infrastructure to ensure the end-to-end configuration is accurate and policy compliant.
- Next, Composer will ensure that the validated and implemented changes are synchronized with the appropriate security policy management tool.
- Composer will then reconcile the ITSM ticket corresponding to the change request and notify the SecOps team so they are aware that the change request has been successfully implemented.
- With Composer, SecOps teams can automate management of the security policy change life-cycle, with a dramatic reduction in the response time for change requests while minimizing the risk of disruption due to conflicting or non-compliant changes.