Home » Security Bloggers Network » Security integration must be simple, flexible and customizable

Security integration must be simple, flexible and customizable

by Josh Williams on February 26, 2020

Today, FireMon announced the ability to extend intelligent security automation to the cloud. This benefits our customers in that we‘re able to give them a single platform that continues to be infrastructure agnostic. This required a lot of integration work behind the scenes, but we felt it was important that we continue to offer our customers enhanced abilities to maximize existing investments.

Those investments encompass many separate tools for managing multiple on-premise and cloud environments, devices such as switches and routers, and DevOp tools. There’s also a need for depth of integration — customers want two-way sharing of data between security devices, platforms and applications so they can enable security more quickly.

The growing scale and complexity of hybrid clouds, the rise of DevSecOps and digital transformation efforts all demand faster security integration that enables the exchange of intelligent information for effective automation.

Not only must integration be easy, it must be enterprise-grade and meet business expectations.

Easy-to-use APIs better align DevOps and security

FireMon’s annual State of Hybrid Cloud Security survey cements the need for better integration. It emphasizes the use of multiple, siloed tools and lack of automation as an ongoing challenge, and that relationships with DevOps/Application teams aren’t improving — they’re either difficult or non-existent.

Simplifying integration can go a long way to helping CISOs maximize existing security investments in third-party and multi-vendor security stacks. Lines of business are putting pressure on speed of service delivery, and Chief Digital Officers are seeking to unify multiple platforms across versions, geographies, and domains as part of their digital transformation efforts.

Similarly, DevOps teams want to integrate and monetize multiple tools across the security stack. They’re also reviewing tools that overlap and cut out tools so they can offload functions somewhere else. However, even when there’s a will, there’s not always an easy way. Inflexible APIs that are difficult to use and often lead to costly professional services engagements and vendor support for help. Integration efforts are even abandoned completely if APIs are too complex.

Because IT teams already have multiple tools to manage security, any new tool must integrate with what they have and supplement their functionality. They want flexible platforms that support both out-of-the-box and custom integrations with third party tools and two-way data sharing without additional complexity.

If we want DevOps teams to be better aligned with security policy, they can’t be spending too much time grappling with APIs. Unique customizations must be supported with easy drag-and-drop interfaces so they can be productive, and APIs must be able to provide all the data they want, whether they pull it from the cloud or on-premise. Ultimately, security architects and DevOps teams need to see value quickly from any new tool.

Integration that supports automation and customization

Just like firewall changes, security professionals would want most integrations to be automatic, but also have the option for partial or full customization for specific use cases.

FireMon offers a broad set of APIs to support those deployment options, directly or through partners. Developers can leverage our robust APIs by connecting to them via clicks using the SwaggerUI or code. Using OpenAPI makes it easier to collaborate on the APIs, avoid errors during the coding process and ensure easy customization and quality.

For out-of-the-box integrations, FireMon has focused on key platforms with which our customers want to easily connect.

Microsoft Azure: FireMon’s integration enables customers to maintain continuous visibility and control even as public cloud workloads move and regroup. Security policies are normalized and unified into a single view across the Azure public cloud and on–premise with monitoring, alerting, and observability for complex environments. FireMon also supports Azure Marketplace application security groups.
CISCO ACI: This integration enhances Cisco APIC’s capabilities for discovery and dynamic management of security policies across physical, virtual, and cloud deployments with deﬁned access controls in a simple interface. Our integration further reinforces security controls through dynamic policy management and automation that reduces misconfigurations.
ServiceNow: Integration with ServiceNow enables customers to log in and track change tickets without switching between ServiceNow and the FireMon tools. The ServiceNow workﬂow can be used to control the lifecycle of security policy-related changes with minimum disruption to IT services. Integration with FireMon’s Global Policy Controller speeds up the change management process.
Swimlane: This integration enables security personnel to triangulate SOAR analytics with FireMon’s real-time visibility across known and unknown networks, including the cloud, providing continuous security control across traditional and virtual platforms. Policy management changes are accelerated while manual errors are reduced, and device rules no longer in use are automatically cleaned up.

These enterprise-grade integrations leverage FireMon APIs that are flexible and easy to use, but they’re complemented by deep integration capabilities that enable DevOps to use their own toolchain for all integrations. FireMon’s RESTful APIs can integrate deeply with multiple tools across the enterprise security stack and configure flexible workflows.

Most of the time, security teams want out-of-the-box integration with common platforms for maximum automation, but FireMon’s APIs also enable the flexibility to code custom integrations quickly, complete with robust two-way data sharing and automation.

The post Security integration must be simple, flexible and customizable appeared first on FireMon.