The more is not always the merrier. At least things could get complicated when an IT organization needs to operate a multi-vendor security environment where each node has a distinct role. Kron SPT (Security Provisioning Tool) is the single source of provisioning to help you for reducing operational burdens and expenses.
One GUI for all systems
Your security nodes start with your peripheral elements such as DDOS appliances. At your DMZ you might have positioned your firewalls. Then there are the load-balancers along with your WAFs along with IPS and IDS systems. The list goes on with others each of which having their own GUI. Kron SPT centralizes all of them into one pane of glass and hence utilizes operational efficiency.
Manage Privileges Correctly
Big organizations have multiple levels of support. Starting at Level-0 with junior engineers, they could go up to Level-3 where planning and design experts are employed. This support model requires a strict differentiation among the operational rights and administrative privileges on subject systems. However, most of times security systems can’t provide the sufficient amount of granularity. That’s when Kron SPT comes into play offering a customizable privilege design per system per support group.
No more faulty configurations on firewalls
By best practice there shall be no repeating rules on firewalls. Also, rules including ANY statements but not dropping the matched traffic are too generic to constitute a source of risk. Rules with no magic traffic shall be identified by periodic scan. Thanks to it adapter based and vendor agnostic design, to enforce a best practice configuration guidance, Kron SPT can be made use of no matter what the subject system.
As any other product of Kron, SPT prevents vendor lock-in for its customers.
It singularizes the security operations from an administrative point of view by providing one management portal for multiple systems. From the information security point of view, it strengthens the privilege management and governance posture by allowing granular task and rights assignments to user groups in full fashion RBAC (Role Based Access Control) approach. The access protocols to the subject elements can API, SSH or through parsing html contents when emulating a user behavior.
Challenges for a daily operation for an IT security organization can be exemplified as below:
- Over-costed night shift operations due to extra resource allocation
- Obligation of employing high qualified employee for basic operations
- Difficulties in applying and tracing company specific provisioning standards
- Uncontrolled simple individual errors cause big damages and maintenance costs
- Tracing user actions and having executive reports
- Direct access to devices (Web GUI and CLI) requires high experience which is difficult to share with inexperienced users
These problems can be experienced when operating system including below but not limited to:
- Firewalls and NGWFs
- Load Balancers
- DDOS Protection
- WAF, IPS, IPD
- SDWAN
On these systems, using Kron SPT one could minimize human error. Sample scenarios when Kron SPT would come handy are limiting packet durations on interfaces, preventing rules on firewalls without comments, enabling logging of all sessions matching policies…. The list can be extended. From the business point of view, you will comply with the industry standards such as HIPAA, PCI/DSS, ITIL and maximize the operational efficiency. In the end of the day it is your network and your specific requirements to which Kron SPT will take an adaptive approach.