Setting up ceremonies and abstracting firewall managers

Written by Wilfried Kirschenmann, on 25 September 2019

This year, Aneo is renewing its participation in DevOps REX! On this occasion, we share our feedback on concrete DevOps cases.

We assisted a major bank specializing in financing, management, and financial services, which needed to continue developing software that abstracts security management across its entire fleet of machines.

Currently, a team of ten people handles the creation of security rules on various firewall managers. The number of machines (physical or virtual) continues to increase, so the workload for those managing security keeps growing.

That's why we are working on software that automates the management of security rules across various firewall managers, such as NSX (V or T), Illumio, Fortinet, Palo Alto, etc.

In a way, we are seeking to develop a Rosetta Stone between all these technologies.

So far, we manage connections between the two NSX technologies (V and T) and synchronize all the rules between these two entities. There is still much work to be done in this regard.

Another background challenge, not mentioned until now but of great importance, is the implementation of ceremonies within the team.

The security team is driven by incident management and by requests for new rules sent by multiple internal clients. They are constantly in run mode, and under that urgency it is challenging to make progress in project mode.

Therefore, we had to implement agile ceremonies to structure the project and provide visibility to the (internal) client through demos and a well-populated Jira.

We believe that the project will lead to the creation of a team, which will be responsible for managing the automation of all these rules, handling firewall manager updates, and evolving the project itself.

In our opinion, as the project evolves it will generate new needs and truly become a Rosetta Stone within the team.

The project continues today, and we will tell you more about it next year!