As organizations are migrating more services to “AWS”, “Azure”, “GCP” (etc.) and usage of SaaS such as “Office365”, “Zoom”, “Webex” is increasing, maintaining a strict level of security for traffic traversing from the on-premise network to the cloud becomes a challenging task, even more than before (and especially without automation). IP Addresses of many of the services are rapidly changing, and organizations are required to update the security policy in their firewall \ proxy to allow access to the new addresses and remove access to those that are no longer relevant. Failing to do either, will cause the organization connectivity problems with the desired services or result in a loose security policy, and an inflated database of irrelevant IP Addresses/URLs.
While the different cloud and SaaS providers are aware of the difficulty mentioned, they publish a list of IP addresses/URLs that the customers can occasionally query, usually after something already breaks, but even then, the method of publishing the IP/URLs list differ between the services and providers. it could be a JSON for download, a Webservice, or a simple HTML page that lists the current IP addresses and URLs. The administrator has to understand, parse & compare the feeds, then remove & create the different policy objects (usually in multiple network security products) in order to keep up with the changes.
Cyberm8 Automation Platform simplifies the process for the administrator – Using built-in actions in Cyberm8 AP, you can pull the current IP/URL lists of the most of the popular cloud & SaaS providers (simply by selecting the service from a drop-down list), and then select to update your policy in one or more of your security products. Cyberm8 Automation Platform will handle the parsing, comparisons, and object handling.
Want to keep your policies updated without running the task manually?
Set a scheduled task in Cyberm8 AP to perform the validation (and changes, if needed) on a daily bases.
Cyberm8 team will be happy to assist with the task configuration.
Contact us to hear more about our automation scenarios and schedule a demo.
https://www.cyberm8.com/request-a-demo/