More is not always merrier. Things get complicated when an IT organization needs to operate a multi-vendor security environment where each node has a distinct role. Kron SPT (Security Provisioning Tool) is a single source of provisioning that helps you reduce operational burdens and expenses.
Your security nodes start with your peripheral elements, such as DDoS appliances. In your DMZ you might have positioned your firewalls. Then there are the load balancers, along with your WAFs and your IPS and IDS systems. The list goes on, and each of these systems has its own GUI. Kron SPT centralizes all of them into a single pane of glass and hence improves operational efficiency.
Big organizations have multiple levels of support. Starting at Level-0 with junior engineers, they can go up to Level-3, where planning and design experts are employed. This support model requires a strict separation of operational rights and administrative privileges on the subject systems. However, most of the time security systems can't provide sufficient granularity. That's when Kron SPT comes into play, offering a customizable privilege design per system and per support group.
As a best practice, there should be no repeating rules on firewalls. Also, rules that include ANY statements but do not drop the matched traffic are too generic and constitute a source of risk. Rules with no matching traffic should be identified by periodic scans. Thanks to its adapter-based and vendor-agnostic design, Kron SPT can be used to enforce best-practice configuration guidance no matter what the subject system is.
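The three checks named above (repeating rules, ANY rules that do not drop traffic, and rules that match no traffic) can be run over a normalized rule list. The following is an added example, not Kron SPT code: the `Rule` fields and the use of a per-rule hit counter as the "no traffic" signal are assumptions, and the rule base is constructed sample data.

```python
from collections import defaultdict
from dataclasses import dataclass

# Hypothetical vendor-neutral rule record; a real adapter would map each
# vendor's export format into these fields (assumption, not Kron SPT's schema).
@dataclass(frozen=True)
class Rule:
    name: str
    src: str
    dst: str
    service: str
    action: str   # "allow" or "drop"
    hits: int     # assumed per-rule hit counter since the last scan

def audit(rules):
    """Return {finding: [rule names]} for the three hygiene checks."""
    findings = defaultdict(list)
    seen = {}
    for r in rules:
        key = (r.src.lower(), r.dst.lower(), r.service.lower(), r.action.lower())
        # 1. Repeating rule: same match tuple and action as an earlier rule.
        if key in seen:
            findings["duplicate"].append(f"{r.name} (repeats {seen[key]})")
        else:
            seen[key] = r.name
        # 2. ANY in a match field while the action is not drop.
        if "any" in key[:3] and key[3] != "drop":
            findings["permissive_any"].append(r.name)
        # 3. No traffic matched the rule during the scan window.
        if r.hits == 0:
            findings["unused"].append(r.name)
    return dict(findings)

# Constructed sample rule base (not taken from any real device).
SAMPLE = [
    Rule("web-in", "any", "10.0.1.10", "tcp/443", "allow", 9120),
    Rule("db-sync", "10.0.2.0/24", "10.0.3.5", "tcp/5432", "allow", 311),
    Rule("db-sync-copy", "10.0.2.0/24", "10.0.3.5", "TCP/5432", "allow", 0),
    Rule("legacy-ftp", "10.0.9.7", "10.0.1.20", "tcp/21", "allow", 0),
    Rule("cleanup", "any", "any", "any", "drop", 48211),
]

if __name__ == "__main__":
    for finding, names in audit(SAMPLE).items():
        print(f"{finding}: {', '.join(names)}")
```

The final `cleanup` rule uses ANY in every field but is not flagged, because it drops the matched traffic.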
It unifies security operations from an administrative point of view by providing one management portal for multiple systems. From the information security point of view, it strengthens the privilege management and governance posture by allowing granular task and rights assignments to user groups in a full-fledged RBAC (Role Based Access Control) approach. The access protocol to the subject elements can be an API, SSH, or parsing HTML content while emulating user behavior.
The daily operational challenges of an IT security organization can be exemplified as below:
These problems can be experienced when operating systems including, but not limited to, the ones below:
On these systems, Kron SPT can minimize human error. Sample scenarios where Kron SPT comes in handy are limiting packet durations on interfaces, preventing rules on firewalls without comments, and enabling logging of all sessions matching policies. The list can be extended. From the business point of view, you will comply with industry standards such as HIPAA, PCI DSS, and ITIL, and maximize operational efficiency. At the end of the day, it is your network and your specific requirements to which Kron SPT will take an adaptive approach.