Modern applications connect to multiple servers and services and proper network security policies need to be in place.
Avishai Wool, CTO of AlgoSec explained to EnterpriseNetworkingPlanet that the people that own the business applications use different terminology than typical network security people to define their needs. For example, a business application owner might say that their ecommerce application needs to access a credit card database. In contrast, the network security engineer needs to know IP addresses, ports and protocols so that rules can be put in place for the firewall.
“There is a gap between what the business application owners say and what the network staff think and say,” Wool said. “That gap causes configuration mistakes and it slows things down.”
What ends up being the case is that firewall rules are written, that are separate from the application and it’s not always clear what rules belong with a given application.
The BusinessFlow technology aims to close that communication gap. Wool explained that BusinessFlow is a system that sits in between network security policy infrastructure and business applications. BusinessFlow acts as a centralized repository that gives an accurate view of application connectivity requirements.