Security Consolidation

Issues

Number of tools required to “secure” organization.
- For some organizations, this numbers into hundreds
Amount of manpower needed to manage all tools
- Need people to monitor/operate tools
- Training for existing staff and/or hire specialists
Cost of all the tools
- Acquisition cost
- Deployment cost
- Annual maintenance cost
- Training cost
Integration/correlation of information between security tools
- Consistency enforcement of policy between tools
- Consistency of information provided by tools (logs)
- Correlation of logs across security tools (SIEM)
Management Consolidation vs Function Consolidation
- More security functionality managed from fewer places
Increased use of Cloud Infrastructure
- Can be Private Cloud or Public Cloud
- Rapid rate of change requires different deployment model for security
- Automation required to retain cloud efficiency and reduce human error

Review entire architecture to look for protection gaps
Where possible extend existing tools to cover protection gaps
Manage more security functions from fewer management consoles
- Vendor consolidation does not necessarily equal management

consolidation

Consolidate security functions where appropriate to:
- Increase consistency of enforcement throughout environment
- Lower acquisition costs for suite versus “best of breed”
- Lower operational effort/cost to maintain security infrastructure
- Reduce need to be cross-trained on security tools
Automate and Orchestrate
- Management should be scriptable/automatable using Open APIs
- Information from cloud environments should integrate into physical

enforcement modules

possible