Heavy Networking 573: Using Application Dictionaries For Better Security Policy Management

Let’s say you’ve applied firewall and security policies to an application, and they mostly work. Who owns this policy now? Networking? Security? The business? What if it’s a container-based or cloud-native app with lots of chatter and lots of dependencies on other applications and services? How do you manage that? What happens if the application changes? If you’re the networking person tasked with the firewall policy, do you ask the security team about the changes? The developers? What if they don’t know? Our guests today are Ken Celenza and Brett Lykins from Network To Code, and they’ve been thinking hard about how to manage security policy in modern IT infrastructure. We’re going to get into sources of truth, application modeling, approval workflows, and more–all in the context of automation. We discuss: * Application dictionaries and application data models * Identifying data stakeholders * Understanding application lifecycles * Technical challenges * Cultural/human challenges * More Sponsor: CBT Nuggets CBT Nuggets is IT training for IT professionals and anyone looking to build IT skills. If you want to make fully operational your networking, security, cloud, automation, or DevOps battle station visit cbtnuggets.com/heavynetworking. Sponsor: Alkira & Packet Pushers Livestream Join us on April 22nd, for our first ever livestream event with Alkira. Alkira Network Cloud lets you deploy and manage single and multi-cloud networks with built-in visibility, security, and governance–all delivered as-a-service. Go to packetpushers.net/livestream to register. Show Links: Application Dictionary – Network To Code @itdependsnet – Ken on Twitter Ken on Github @lykinsb – Brett on Twitter Brett on Github NetworkToCode Slack Channel