infoTECH Feature

June 22, 2015

Parkour for Enterprise Networks

Just as the French discipline of parkour identifies the most efficient route from point A to point B, Tel Aviv based network security company Tufin automates secure application connectivity over an enterprise network. And like parkour—the subject of viral Internet videos of athletes scaling skyscraper facades and hopping between rooftops—the idea, in theory at least, is to do this as safely as possible.

“The problem that we solve is that large enterprises have accumulated network technology over 20 years of evolution,” Reuven Harrison, CTO and co-founder, Tufin, told TMC (News - Alert) at the recent Cloud Expo event. “How do we enable business connectivity on top of that in a secure way?”

Efficient business connectivity is the cornerstone of productivity in the modern enterprise and as Harrison explained, changing network technology complicates this process. This includes the lightning pace at which enterprises are migrating to cloud and hybrid infrastructures. As these networks spread out and become more elaborate, getting from point A in the network to point B as efficiently as possible is beginning to feel a bit more like jumping between moving skyscrapers. Throw in points C, D, E, F, and the rest of the alphabet—well, you get the point.

And while in the enterprise network world the danger of messing up doesn’t entail falling to your death, it could result in security shortcomings capable of crippling an enterprise.

“Every time you connect a business application, you’re actually introducing an attack path for malicious hackers,” Harrison said. “Just for one small connection, they open up a huge hole.”

The good news is that companies like Tufin address both the complexity of modern network communications, as well as the inherent security pitfalls associated with it. 

“We automate the change process for network connectivity and we look at it from these two perspectives: the application connectivity (the business), and the security (or compliance),” Harrison said. Rather than a human operator manually configuring these complex paths, computers find efficient routes in the network. It would be like installing a GPS in a parkour athlete’s brain that automatically routes him or her along the most direct path, while also managing his or her safety practices.

The fact that hybrid cloud models are in proliferation is by no means a setback. To the contrary, this is where Tufin’s network security Orchestration Suite shines, because as networks grow to have more moving parts the need for automating secure connectivity increases. Additionally, the speed at which things happens because of cloud computing leaves less time for manual reviews and manual implementation. Enterprises can therefore get more value from automation. That said, the solution also allows for retrospective analysis of all changes, and enterprises can dictate the degree of automation through a Workflow Builder.

Tufin’s network orchestration goes hand-in-hand with its security management, which is key to enterprises network security—perhaps even more so than security enforcement. 

“The problem for the enterprise is that there are so many moving parts in their network infrastructure that without very, very good management tools they’re just not going to be able to take advantage of their lower level enforcement gear,” Harrison said. In other words, Tufin can architect enforcement much in the same way that they can orchestrate connectivity—sort of like an omniscient military strategist who can identify and secure important, or weak, garrisons on the map before events are set in motion.

Looking forward, Harrison believes that network infrastructure will only continue to move toward hybrid models. As this happens, Tufin will be adding full security policy automation to improve security management across hybrid environments.

Enterprise connectivity, like parkour, will always be a dangerous game. And while companies like Tufin can’t change the world we live in, they can improve the obstacle course that is network architecture through automation of secure application connectivity, and help eliminate pitfalls between points A and B, and beyond.  

 
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers