CISCO:What Is Network Security Policy Management?
文档来源:https://www.cisco.com/c/en/us/pr ... icy-management.html
What Is Network Security Policy Management?
Network administrators and IT teams use network security policy management to control their network environments and protect their organizations against evolving threats.
Network security policy management streamlines security policy design and enforcement. It applies rules and best practices to manage firewalls and other devices more effectively, efficiently, and consistently.
Why is network security policy management necessary?
Businesses must protect people, physical assets, and data that travels across and lives within their networks. Administrators do this by setting security policies that describe in detail parameters such as who or what is allowed to access which resources.
The job gets more challenging as networks become more complex. Companies with large infrastructures accumulate vast libraries of security policies across a vast array of security products.
As organizations add more people and more devices, they seek ways to automate tedious and repetitive tasks, simplify operations, and identify inconsistencies that could leave them vulnerable to attack. Network security policy management helps them gain visibility across their distributed environment, and then organize and standardize these policies to improve business security.
How does network security policy management improve business security?
Security policies govern the integrity and safety of the network. They provide rules for accessing the network, connecting to the Internet, adding or modifying devices or services, and more.
However, rules are only effective when they are implemented. Network security policy management helps organizations stay compliant and secure by ensuring that their policies are simplified, consistent, and enforced.
How is network security policy management implemented?
Network security policy management tools and solutions are available. Businesses use them to automate administrative tasks, which can improve accuracy and save time. The solutions can make management processes less tedious and time consuming, and can free up personnel for higher-value projects.
These solutions also help IT teams avoid misconfigurations that can cause vulnerabilities in their networks. And if problems arise, network security policy management solutions can ease troubleshooting and remediation.
Benefits of network security policy management
Streamline security policy design and enforcement
A network security policy management solution can help organizations achieve:
Better security. Network security policy management streamlines security policy design and enforcement.
Ease of use. Network security policy management tools orchestrate policy design and implementation.
Consistency. Solutions provide templates, model policies, and configurations.
Time savings. Deployments are faster, and automation helps empower staff to focus on other business priorities.
Lower costs. Cloud-based solutions scale to thousands of devices, requiring fewer resources and allowing for centralized management.
Apply best practices to meet challenges in firewall management
Over time, firewalls collect more and more configuration rules and objects. Network security policy management solutions can help combat this bloat and improve security by addressing:
Object auditing. Administrators need to merge and reduce duplicate objects, determine which unused objects should be deleted, and identify inconsistent objects. Network security policy management tools help them achieve a cleaner, more consistent configuration that is less of a nuisance to manage and less vulnerable to attacks.
Policy inconsistencies. The network security policy management tools locate unused or shadow policies and assist IT to fix possible problems.
Version control and upgrades. Network security policy management solutions ease these transitions with filters that simplify and automate processes and ensure high availability. |