Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How can networking and security project groups work together better?

A single pane of glass approach to networking and security projects might be able to improve enterprise security. Expert Mike O. Villegas explains what enterprises need to know about it.

There are arguments for a "single pane of glass" to help foster collaboration and cooperation between networking...

and security project teams. This would mean both teams following the same process and using the same tools to make changes to the network security devices. Would this single pane approach improve enterprise security?

Enterprise policies, standards and procedures exist, so every employee adheres to common corporate policies such as change management, procurement, security, data retention, privacy policies, system configuration standards, acceptable use of corporate resources and system development methodologies. All of these policy documents need to be updated and formally approved on an annual basis and be accessible to all employees.

Without enterprise sponsored and approved mandates, changes to the environment will appear desultory or chaotic, and ultimately there will be overlapping or conflicting activities that could have disastrous results such as not meeting SLA goals, contradicting protection schemes and tools being rendered ineffective. This is where the benefits of a single pane of glass approach to enterprise networking and security projects come into play.

This single pane of glass approach also applies to common tools used to change the IT environment. These tools should be embedded in the change management process and include a common ticketing system for reference. If changes are allowed outside of the commonly accepted process, one change could overlay another. This could potentially lead to unnecessary and regrettable finger-pointing and overall damage the enterprise's ability to service its customers and meet its processing goals. Non-collaborative changes vetted by networking and security project groups could also introduce otherwise preventable vulnerabilities.

That said, monitoring systems do not need to follow the single pane of glass approach and can be unique to each group. For example, SIEM is focused on security monitoring of devices, event anomalies, attack vectors, rule violations and forensic activity. A security operations center (SOC) uses SIEM to track activity driven by an incident response plan. Whereas a network operations center (NOC) uses other tools on the same network and log activity to monitor network traffic, response times, bandwidth and service level agreements.

Some of the benefits of combining networking and security project teams and using a single pane of glass approach include better change management, accountability, and integrity. However, not all tools have enough features to satisfy the needs of the SOC and the NOC. Consequently, there may have to be some redundancies in tools, but processes and methodologies such as change management, release management, and ticketing systems can and should be used by all groups.

Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)

Next Steps

Learn more about the importance of security operations centers in SDN

Find out security operations centers could be the key to the future

Discover the latest advances in SIEM products

This was last published in June 2016

PRO+

Content

Find more PRO+ content and other member only offers, here.

Essential Guide

Set up your system for the best network security possible

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

4 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Do you think a single pane of glass approach to security and networking is a good thing? Why or why not?
Cancel
It can be if it is implemented correctly. I recently had a discussion with one of our security architects that revolved around how to implement security practices. One of the areas we both agreed on was that, no matter what process you are trying to implement, you have to have both sides participating, and you have to consider both side’s tools and processes when creating that single pane of glass. Otherwise, you’re more likely to inhibit transparency, and create a one-way mirror that serves only one side of the organization.
Cancel
The premise is good. Security and networking groups definitely need to work together better. The article left out one key point – every business should create a visibility architecture based upon taps (for inline security tools, out-of-band tools, and virtual data centers) and network packet brokers. Once you set this up, security groups and network groups can work together to share tool resources and efficiently access the proper data across the network. The packet brokers also enable remote access to the tools, load balancing of data between tools, and simplified filtering that makes the monitoring and security tools as efficient as possible. A proper visibility architecture will help break down the security and networking groups.
Cancel
The single pane of glass approach works well for pretty much every group within IT. The article gives the example of a common set of tools embedded in a change management process. We’ve found that not only help security and networking to work together better, but also project management, development, QA, configuration management, etc. It essentially creates a common platform or language with which each team works.
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close