Implementing Sensible Network Segmentation
Packet Pushers Tech Bytes about Network Segmentation with Tufin
A new week, a new Tech Bytes Packet Pushers podcast. This time Tufin markets their policy management, which was a interesting show, but i have some comments.
i think it’s a valid point to say that automated firewall policy management can make a business more agile, especially considering how long the change process normally takes and how we do it today the whole point about understanding the topology sounds like this is really very slow to implement it’s hard to get any visibility from what i hear and how i understand the Tufin platform Zoning or very wide segmentation is nice, but what you really want is to be able to do finer grained segmentation without modifying or rearchitecting the network relying on hardware firewalls will never be able to free you from the constraints of those devices, especially throughput limits, the hardware cycle that will just happen every three or five years and the inability of a firewall to really be point to point and not zone to zone i would assume that the integration of this is very hard, thanks god it is usually owned by just one team, but what about outsourcers and system integrators?