Authored on: Nov 26, 2013
Managing network security at scale is not easy, but the organizations that do it best tend to follow a predictable, repeatable pattern. This paper distills those lessons into a pragmatic process designed for larger organizations and those with more complicated networks such as medium-sized businesses with multiple locations. We wouldn't claim our process is magical or easy, but it's certainly easier than many alternatives. Even if you only pick out a few tidbits, our process should help you refine and operate your network security more efficiently.
Network security management isn't easy, but there are more and less efficient ways to handle it. Knowing your posture and maintaining visibility are key, as are developing core workflows to bridge gaps between different operational teams. Network Security Operations monitors the environment and change requests to adapt the security posture as needed in a timely manner. It monitors for changes that slip past approval processes, develops workflows to handle the unexpected, and responds quickly when changes are requested to support other business areas. Finally, Network Security Operations understands that security policy changes impact other operations, and that it needs to analyze and communicate the potential implications.
Read this Executive Guide by Rich Mogull, Analyst and CEO, Securosis.