Tips for successful security policy migration

“Our company is going through a technology migration. Can Tufin help?” or “Can you move security policies from Vendor X’s devices to Vendor Y’s devices?” or “We’re moving our applications to the cloud, can Tufin move our security policies from our on-premises data centers to the cloud?”

The answer to these questions? YES.

But Tufin’s added value in migration projects extends far beyond simply moving policies from X to Y. From planning and preparation to migration and ongoing operations, Tufin can significantly reduce friction and streamline the process, allowing you to realize the benefits of your migration project faster, while reducing potential risk. 

      • Planning

A key component in the planning phase is a thorough understanding of what needs to be migrated and the relevant impact. Tufin’s in-depth network visibility facilitates this by providing both a macro (topology) and micro (rule) understanding of the current state of your network.

      • Preparation

Tufin’s ability to identify unused and empty rules and objects, overly permissive rules, less than optimal configurations, and policy violations can help enterprises ensure the policy base is optimized and risk-free before the migration occurs.

      • Migration

When Tufin ingests security policies, each device, rule, and object is normalized into a standard format.  Security policy normalization is what makes the Tufin Rule Viewer such a powerful tool. Every rule, regardless of its origin, can be queried and managed from a single console within the context of the entire security policy base.

      • Ongoing operations

Tufin’s Unified Security Policy (USP) allows enterprises to define security policy guardrails that are applied uniformly across devices and vendors. Each time a policy change is made, the new policy revision is checked against all defined USPs, immediately alerting the enterprise to potential risk which may have been inadvertently introduced as part of a change.

Tufin’s topology and policy visibility provides network admins with the critical situational awareness required to maintain seamless operations throughout the migration. With this visibility, admins can continue to manage the enterprise network with confidence that their decisions are based on its most current state.

Migrations are times of change, and change introduces complexity and risk. As hundreds of changes are being made as part of a migration, a simple omission or mistake can easily lead to a critical business outage, or worse, exposure of critical data or services.

If you’d like to discuss your specific migration project and how Tufin can help, you can contact Ward Wuyts, Tufin BDM at Exclusive Networks.

Full Article