• Skip to primary navigation
  • Skip to main content
  • Skip to footer

+1-613-287-0393

info@corsa.com

Support

  • LinkedIn
  • Twitter
  • YouTube
Corsa Security

Corsa Security

Scaling network security

  • Solutions
    • Automate Your Managed Virtual Firewall Service
    • Modernize Enterprise Network Firewalls
    • Scaling Virtual Firewall Clusters
    • Complete Communications Monitoring
    • Increase Threat Protection
  • Products
    • Corsa Security Orchestrator
    • Corsa Security Platform for Automating Firewall Virtualization
    • Corsa Security Platform for Scaling Threat Protection
  • Verticals
    • Large Enterprise
    • Service Providers
    • Government
    • State, Local and Education (SLED)
  • Partners
    • Fortinet
    • Palo Alto Networks
    • Find a Reseller or Distributor
    • IT Consultants and Professional Services
    • Industry Collaboration
    • Become a Partner
  • Resources
    • Videos, Whitepapers and Other Content
    • Explainers
  • Company
    • About Corsa Security
      • Corsa Security Recycling Solutions
    • Management Team
    • Board of Directors and Steering Committee
    • News and Blog
    • Careers
    • Support
Contact Us

Why Automate the Network Security Protection Pyramid?

August 4, 2021 by Carolyn Raab

Automation, automation, automation. It’s a buzzword in the IT and security industry at the moment. Gartner highlights that security process automation is one of the key trends to emerge from 2020, in large part due to a shortage in skilled security practitioners. And this is not the only driver: “with the size of data multiplying every day, it is eminent that automation is integrated to give more sophisticated control over the information.”

There’s good reason for this move towards automation: when security tasks are automated we gain speed, scalability and reliability. While automation has become commonplace in many areas of IT and network security, there are levels of the Network Security Protection Pyramid where it has been ignored. To our detriment. Read on and I’ll explain how security automation at the infrastructure layer of the network has the biggest impact on overall risk reduction to network security. Plus, it lowers total cost of ownership (TCO) compared to what you’re doing today!

What is the Network Security Protection Pyramid?

We need to think of network security protection in terms of a pyramid or hierarchy. At the bottom of the pyramid we have the foundational layers of network security: Deploy and Configure. Here are technologies and practices offering the greatest risk reduction—like infrastructure configuration, posture management, patching and configuring. At the top of the pyramid are the Assess and Respond layers with products like advanced threat detection tools, which are important but remove less risk if the underlying layers aren’t solid.

Network Security Protection Pyramid
Network Security Protection Pyramid

The importance of a strong foundation

Nowadays it’s easy to get excited about the innovative cybersecurity tools at the top of the network security protection pyramid. They use cool technology; they’re the bright, shiny objects. Technologies like SIEM (security information and event management) and SOAR (security orchestration, automation and response). Or, how ML (machine learning) and AI (artificial intelligence) bring advantages in the areas of data analysis and remediation. There’s no denying these technologies represent great advances, especially in terms of automation. In reality though, the infrastructure layer of the pyramid is the foundation on which the rest of the security stack relies. In other words, unless you get the security basics right, it doesn’t matter how cool your other security tools look or act.

Why automation is key to the protection pyramid

While we’re comfortable introducing automation at the top layers of the protection pyramid—with technologies like SIEM and SOAR—it shouldn’t stop there. That’s because when we think of the Deploy level, all we see is fixed equipment and boxes. But, if we begin to think of this infrastructure as software-defined or virtualized, then we can introduce automation. Network security automation has the potential to simplify workflows and improve uniformity and accuracy in network security. So, if it is implemented at the most foundational level of Deploy and Configure, we’ll begin to see much greater risk reduction overall.

Automation of the Network Security Protection Pyramid
Automation of the Network Security Protection Pyramid

How to automate network firewalls

So, let’s get practical and take network firewalls. These are classic examples of infrastructure that sit firmly at the base of the pyramid. But even if we virtualize them, we still have an issue.  While we have automation tools for the Respond and Assess layers, when it comes to Deploy and Configure, network engineers are left to figure out infrastructure automation on their own. There are no truly integrated solutions or tools; nothing comes out of the box for virtual firewalls. This leads to a DIY nightmare and one of the main reasons that automation is slow to take on in this area.

To implement automation in network firewalls we need to start by automating the migration of physical firewalls to virtual ones. Operations that would normally be performed manually—generating an ISO image, defining VM settings, bootstrapping, provisioning, for example—need to be implemented seamlessly without requiring custom scripts. And once the virtual firewalls are deployed, we need to automate additional configuration, ongoing management and software upgrades, too.

The benefits of automating the full protection pyramid

It’s no wonder that automation is one of the current superstars in security. It brings a level of efficacy, speed and agility that we haven’t seen historically. But, that shouldn’t be limited to the Assess and Respond layers. When we take that same automation to the base of the pyramid the advantages really begin to add up:

  • Simpler, centralized, more user-friendly management of operations,
  • Faster delivery of new services and capabilities,
  • Dynamic, rapid changes to network firewall capacity thanks to virtualization,
  • And reduced costs as we move away from capital expenditure for hardware to a pay-per-use, software-based model.

If we’re going to make the most of automation and dramatically reduce the risk of a network breach, we need to start with the infrastructure. As we’ve seen, making improvements to the most foundational element of network security brings the greatest reduction of risk. In other words, start with virtualizing your network firewalls so your threat protection increases to any scale, while also lowering your overall TCO. Then, shift your focus to automation at the foundational layer of the network security protection pyramid, and enjoy these many other benefits too.

Category iconBlog Tag iconAutomate firewall virtualization,  Automation,  Carolyn Raab,  Protection Pyramid,  Virtual Firewalls,  Virtualization

Subscribe to our newsletter

Get the latest posts delivered right to your inbox

Automate network security virtualization

Talk to us about how to deploy, scale and optimize virtual on-premise firewalls with speed, simplicity and savings.

Footer

Corsa Security

We are the leader in automating network security virtualization, which helps large enterprises and service providers deploy, scale and optimize virtual on-premise firewalls with speed (24x faster deployment), simplicity (zero-touch operations) and savings (9x lower TCO). By tightly integrating firewall virtualization with intelligent orchestration, the Corsa Security Orchestrator provides an aggregated view of all your virtual firewalls while managing their infrastructure health, capacity and performance. Customers subscribe to the Corsa Security services based on their current needs and then pay as they grow by integrating credit-based licensing from our firewall partners.

info@corsa.com

Sitemap

  • Home
  • Solutions
  • Products
  • Verticals
  • Partners
  • Resources
  • Company

Quick links

  • Support
  • News and Blog
  • About Corsa Security
  • Corsa Security Platform for Automating Firewall Virtualization
  • Corsa Security Platform for Scaling Threat Protection
  • Corsa Security Orchestrator

Headquarters

300 March Road, Suite 400
Ottawa, ON K2K 2E2
Canada

+1-613-287-0393

San Francisco

201 Spear Street, Suite 1100
San Francisco, CA 94105 
U.S.A.

+1-415-887-2131

Boston

177 Huntington Ave., 17th Floor
Boston, MA 02115 
U.S.A.

+1-617-430-7017

  • LinkedIn
  • Twitter
  • YouTube

Copyright © 2023 Corsa Technology Inc. All rights reserved. Privacy. Return to top