Next-Gen Firewall Automation
Next-Gen Firewall Automation
Kenneth Celenza
Automating firewalls is not the easiest task to automate, but once you have done it, the hardest work is now on the users. The users are now expected to have near expert level knowledge of how IP services work within your environment. This is where the Application Dictionary comes in. The Application Dictionary intends to be the Source of Truth that fundamentally change the paradigm of automating firewalls rules. Allowing application owners to define their application and the requests to be made between applications instead of IP services. This allows application owners to ask simple requests like "provide my application access to Splunk". This is not just vaporware, there is a live demonstration to show the reimagining of firewall rules from conception to deployment.
Next-Gen Firewall Automation (pdf)
Watch the NANOG 83 Playlist