Scribd Logo
Upload

Welcome to Scribd!

  • Skybox Change Manager: Automated Rule Life Cycle Management

    Uploaded by

    Hajar Toumzite
    14 views4 pages

    Original Title

    Datasheet_Change_Manager

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    14 views4 pages

    Skybox Change Manager: Automated Rule Life Cycle Management

    Uploaded by

    Hajar Toumzite

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 4

    SKYBOX CHANGE

    MANAGER
    AUTOMATED RULE LIFE CYCLE MANAGEMENT

    Datasheet

    Enterprises have to deal with a constant stream of firewall change


    requests. Despire the pressure that may be felt by the volume of those
    requests, or any implementation errors, it’s important that availability,
    security and compliance are not compromised. Skybox® Change Manager
    fully automates firewall change management workflows, including rule
    creation, recertification and deprovisioning. And its analytics–driven
    automation ensures each change is properly handled from request to
    implementation and verification.

    Change Manager delivers automated modeling capabilities to assess


    potential business impacts, and closed-loop rule life cycle management
    to verify that every change is executed as intended. With customized,
    automated workflows, IT security teams can improve change manage-
    ment efficiency by up to 80 percent.*
    With Skybox Change Manager, you can:

    • Fully automate firewall change management workflows, improving


    communication and efficiency across security teams

    • Validate proposed firewall changes by checking for access and rule


    policy violations, as well as new vulnerabilities

    • Use formalized tickets and closed-loop workflows to ensure changes


    match the original intent

    • Customize and simplify processes to reduce change management


    time by 80 percent*

    • Establish end-to-end rule life cycle management for secure infrastruc-


    ture and optimized firewalls

    *ROI provided by customer deployment analysis. Cost savings based on first year of a 150-
    firewall deployment compared to manual change management costs. Results may vary.

    Total visibility.
    Focused Protection.™
    Change Manager | Datasheet

    Change Management Workflows


    Skybox Change Manager fully automates firewall change management
    workflows to ensure continuous network security, availability
    and compliance.

    Change Manager uses Skybox’s unique modeling capabilities and


    analytics–driven automation to assess change impact prior to imple-
    WORKFLOW STATISTICS
    mentation. This proactive, intelligent approach ensures changes do not
    Statistics can be displayed for introduce new risk, violate policy or miss the original intent — all of which
    each workload, including: would require rollbacks that cost time and resources.

    • How many tickets with Our customizable workflows give you the power to standardize change
    change requests were processes throughout your organization while meeting the needs of
    opened during a selected specific teams and requests.
    period (firewalls for those
    Creation Workflow
    change requests)
    • Formalize change request using Skybox, a third-party ticketing system
    • Breakdown of change
    or hybrid of the two
    requests per type, and the
    total number of change • Identify relevant firewalls and check for existing access
    requests for the workflow
    • Identify potential vulnerability exposures and compliance risks

    • Formalize rule and object changes with the option to push select
    changes live

    • Confirm the change has been correctly implemented

    • Receive a full audit trail of every step of the change

    FIG 1: A list of a user’s requested tickets logged in Skybox Change Manager

    2
    Change Manager | Datasheet

    Recertification Workflow

    • Rule or object usage is assessed to determine necessity

    • Metadata is used to define rule owner, next certification date, etc.


    RULES WITH
    • Rules and objects are checked on an ongoing basis for usage and
    MULTIPLE OWNERS
    policy violations, which trigger the generation of an early recertifica-
    The recertificatio workflow tion ticket
    can also be used for rules
    • Recertification ticket is automatically generated for rules and objects
    with multiple owners. Certain
    that violate policy or are unused for a period of time
    owners can be designated as
    “approvers.” • The rule owner or network admin decides to recertify or reject the rule

    • Recertified rules go back in the recertification workflow

    • Rejected rules move to the deprovision workflow

    Deprovision Workflow

    • Generate a deprovision ticket for any rules rejected in the recertifica-


    tion process

    • Convert a rejected rule into specific request for rule or object modifi-
    cation or deletion

    • Formalize rule and object changes with option to push select


    deletions or modifications

    • Confirm the change has been correctly deleted or modified

    • Receive a full audit trail of every step of the deprovision process

    Change Manager Benefits


    Fully Automates Firewall Change Workflows

    • Reduces the chance of human errors and rollbacks of


    AUTOMATED incorrect changes
    PROVISIONING • Enables customizable change workflow based on type of request
    The automatic implementation • Ensures accurate change planning and implementation within the
    feature supports: context of the network
    • Check Point R80.20 • Provides option for automated provisioning for select firewall changes
    firewalls
    Simplifies and Formalizes Rule Recertification
    • Cisco ASA devices
    • Automates rule recertification workflow
    • Palo Alto Network devices
    • Calculates change risk to inform decisions on when next to review rule

    • Streamlines review process by maintaining information


    on stakeholders

    3
    Change Manager | Datasheet

    Assesses Risk and Compliance Issues of Proposed Changes

    • Identifies potential compliance issues and vulnerability exposures to


    new portions of the network a proposed change could introduce

    • Models change impact on network security and compliance before


    implementation

    Ensures Change Compliance

    • Establishes a fully automated approval process from change request


    through implementation and verification

    • Delivers a complete and verifiable audit trail and change reconciliation


    report

    • Provides closed-loop change management capabilities to ensure all


    changes are implemented as intended

    About Skybox Security


    Skybox provides the industry’s broadest cybersecurity management
    platform to address security challenges within large, complex networks.
    By integrating with 130 networking and security technologies, the Skybox®
    Security Suite gives comprehensive attack surface visibility and the
    context needed for informed action. Our analytics, automation and intel-
    ligence improve the efficiency and performance of security operations
    in vulnerability and threat management and firewall and security policy
    management for the world’s largest organizations.

    www.skyboxsecurity.com | info@skyboxsecurity.com | +1 408 441 8060


    Copyright © 2019 Skybox Security, Inc. All rights reserved. Skybox is a trademark of Skybox Security, Inc.
    All other registered or unregistered trademarks are the sole property of their respective owners. 0626019

    You might also like