Clearing up the Clutter with Network Security Policy Management

Security Special Supplement

Clearing up the Clutter with Network Security Policy Management

By Special Guest
Ruvi Kitov, CEO, Tufin
  |  December 15, 2017

Today, IT teams confront the difficult task of protecting complex networks that are subject to constant change driven by highly dynamic businesses. Manual processes to manage this complex environment are inefficient, resulting in ineffective use of security staff, leading to potential security and compliance gaps. Network security policy management clears up the clutter, enabling security teams to achieve visibility and control in the most complex networks – saving time and cost, and increasing business agility.

How NSPM Helps

NSPM makes security manageable by automating and orchestrating network rules and policy changes. It helps network security teams by providing visibility into network devices, rules, and policies; design tools and analytics that optimize firewall policy performance for single or multiple vendor technologies; and automated change management workflows that conform with business policies and comply with industry regulations.

Since many firewalls contain hundreds of rules accumulated over years, these rules are often outdated, conflicting, and/or redundant. This can negatively affect a network’s performance, security, and availability. That, in turn, can cause serious damage to the business. Using NSPM, existing rules are cleaned up and streamlined. Next, a centralized, policy-based approach is implemented to ensure that new rules are correct the first time around, resulting in a consistently secure firewall configuration at all times – or what is referred to as continuous compliance.

NSPM also improves application-based visibility and control by abstracting underlying network rules and policies into an easy-to-read application map, making management of application connectivity easier.

The Hype Cycle

In the latest Gartner (News - Alert) Hype Cycle for Infrastructure Protection, 2016, published on July 6, 2016, and compiled by Greg Young with analysis by Adam Hills, NSPM is given a benefit rating of high. According to the report: “NSPM tools are not just for rule reduction, but are also for managing thousands of rules across many enforcement points. Some NSPM vendors have added capabilities for policy within the cloud, and for migrating security to the cloud. Users with cloud deployments or considering cloud deployments should consider NSPM.”

Applying the right security policies at the right network control points can be challenging as networks grow. NSPM tools reduce headaches for network security teams by providing visibility and simplifying policy provisioning.

The Cloud & Breaches

Companies are increasingly looking to cloud computing to reduce costs and increase efficiency. But they worry about the security of the data and other functions they are moving to the cloud.

Enterprises transitioning to the cloud often have a hodgepodge network comprised of both on-premises and cloud-based solutions, making network security management even more challenging. According to a survey conducted by ESG, a majority of respondents confirmed that network security operations have become more difficult over the past two years. More than 90 percent of the 150 enterprise IT pros surveyed said they are already using cloud-based infrastructure as a service and/or platform as- a service as part of their IT strategies. But more than two-thirds said that their organization is still learning how to apply security policies to public/private cloud infrastructure.

“We're witnessing a new network model evolving: the heterogeneous, multi-dimensional cloud infrastructure, in which enterprises have a little bit of everything – AWS, Microsoft Azure, Google, IBM (News - Alert) SoftLayer, VMware, and Cisco. As this model evolves, organizations are struggling to implement policies that help them manage all of these fragments and meet security, compliance, and risk mandates,” said Jon Oltsik, principal analyst with ESG.

Complexity is the reality of today’s enterprise networks, and the need for visibility and control is essential to increase business agility and maintain a tight security posture. NSPM provides a powerful solution that addresses these challenges while helping organizations meet their business objectives. The market will continue to experience rapid growth as more and more enterprises realize the many benefits of these solutions. The time is now for NSPM. 

Ruvi Kitov is CEO and Co-Founder of Tufin (

Edited by Erik Linask


Sign up for our free weekly Internet Telephony Newsletter!

Get the latest expert news, reviews & resources. Tailored specifically for VoIP and IP Communications.