"Red Hat: Enhance security with automation - A Red Hat customer success series (2023) (English edition) (16 pages).pdf", shared by a member and available to read online on 三個皮匠報告.

Enhance security with automation
A Red Hat customer success series

Introduction
Success stories
- Retailer Schwarz Group automates IT with Red Hat Ansible Automation Platform
- Agile Defense enhances security compliance with Red Hat Ansible Automation Platform
- Cepsa boosts efficiency with Red Hat Ansible Automation Platform
- Siemens improves communication security with Red Hat Ansible Automation Platform
- Emory University mitigates sudo threat with Red Hat Ansible Automation Platform
Conclusion

The challenge to integrate IT security teams and solutions in a fast-paced environment is a requirement that every organization must solve for. And, while each approach to security is different, there are strategies that can be learned and adapted to help protect your valuable data, applications, IT systems, networks, and devices from malicious or unintended activities. To help share these strategies, this e-book highlights 5 success stories from Red Hat Ansible Automation Platform customers that use automation to integrate and scale their security solutions to investigate and respond to threats across their organization in a coordinated and unified way.

Automation is evolving security

How does automation enhance security?

Most organizations have a security team that knows what needs to be done, but configuring systems and applications manually, especially thousands of them, to protect against attackers takes more time and more skilled resources than is practical. Automation can close this skills and resource gap by applying and enforcing security standards that adapt to meet internal and external security guidelines. The result is drastically reduced response times and decreased vulnerability.

Ansible Automation Platform helps teams automate and integrate security solutions that can investigate and respond to threats across the enterprise in a coordinated and unified way using a curated collection of modules, roles, and playbooks.

Organizations with fully deployed security AI and automation were able to detect and contain a breach much more quickly than organizations with no security AI and automation deployed. (Source: IBM. “Cost of a Data Breach Report 2022.” July 2022.)

What does a unified security approach include?

- Investigation enrichment: Collecting logs across firewalls, intrusion detection systems (IDS), and other security systems programmatically enables on-demand enrichment of triage activities performed through security information and event management systems (SIEMs).
- Threat hunting: Automatically tune the level of logging and create new IDS rules and new firewall policies, facilitating the detection of more threats in less time.
- Incident response: Remediate faster, automating actions like blacklisting IP addresses or domains, whitelisting non-threatening traffic, or isolating suspicious workloads for further investigation.

Why choose Ansible for security automation?

Security solutions are constantly evolving to stay one step ahead of security threats. Some key aspects to consider include:

Security is everybody's responsibility. Ansible is a powerful, agentless tool that makes automation accessible across the organization, from IT operations to development to network engineers to security teams, because it delivers automation in a human-readable language. This allows organizations to do more with automation, including:

- Increase productivity. Ansible uses a simple human-readable language, so there's no need for specialized skills to code or manage to ensure tasks are executed in the proper order.
- Manage all IT infrastructure. Gain the ability to gather and audit information and stay on top of configuration management and workflow orchestration.
- Boost efficiency and security. An agentless architecture lets you deploy solutions more quickly without the vulnerability of agents to exploit or update.

The following success stories illustrate the power and scalability of automation for security, and how a unified automation platform, such as Ansible Automation Platform, helps organizations enhance their security posture.

Emory University mitigates sudo threat with Red Hat Ansible Automation Platform

Emory University in Atlanta, Georgia is home to more than 15,000 students at its metro Atlanta campuses. With research ties to institutions around the globe and as the operator of Georgia's largest healthcare system, it's no surprise that the institution is a target for cyberattackers looking to exploit and gain access to confidential information through its digital footprint. Once there's an entry through
a vulnerability, the concern is the attacker would surreptitiously move throughout the network taking intellectual property and slipping away undetected.

The school's Office of Information Technology (OIT) is tasked with maintaining systems for students, staff, faculty, researchers, and other stakeholders to ensure that networks and data are protected from unauthorized access and potential security breach. This is why there was such an alarm in January 2021 when the Red Hat team alerted OIT to a vulnerability within Emory's Red Hat Enterprise Linux systems affecting the operating system's sudo utility.

Ansible automation accelerates security risk remediation

Patched updates in hours not weeks

With more than 500 servers using Red Hat Enterprise Linux under their charge, the OIT knew they had a difficult road ahead if they had to install the patch manually, which would have put the university's infrastructure in danger. The solution was to use an Ansible Playbook to apply the patches automatically to each server. What would have taken up to two weeks to remediate across all servers took collectively four hours.

“People didn't think we could patch Linux servers every 30 days, but with Red Hat Ansible Automation Platform it's possible and it's necessary.”
Steve Siegelman, Manager of Systems Engineering, Office of Information Technology, Emory University

Freed valuable resources to focus on higher-value projects

Ansible Automation Platform was first used for Emory's financial systems before it was rolled out to the student and Human Resources systems. “We're pressed to do more with the same number of staff like many other organizations. And when you don't have to handle repetitive tasks that could be taken care of by Ansible Automation Platform, that frees people to work on other more critical projects,” said Siegelman.

IT staff freed to focus on adapting to COVID-19 challenges

Another example of the Ansible Automation Platform's flexibility was in March 2020 when Emory, like nearly every school and organization, was forced to close its buildings and send students and staff to work from home. OIT needed database servers to be quickly deployed in order to handle tracking essential employees for on-campus clearance. The selected staff filled out questionnaires that were fed into the system. Setting this up on the servers manually would have taken days, but with Ansible Automation Platform it was completed in a matter of minutes. “It showed what automation on the backend could do,” said Siegelman.

Security innovation beyond the campus with automation

The need for automation is critical to Emory's plans moving forward, especially as it transitions to the cloud. “We have some legacy systems that are a mix of old and new builds, and we're putting a great deal of effort into our AWS platform,” said Siegelman. “With these different systems, Ansible Automation Platform allows us to have repeatable processes that are standardized. No matter if the platform is in the cloud or on
premises, everything looks in place.”

Retailer Schwarz Group automates IT with Red Hat Ansible Automation Platform

The Schwarz Group is the fourth-largest retailer in the world. The German retailer operates more than 12,500 stores in 33 countries. Schwarz is rapidly growing its international presence, and to succeed, the group must balance consistent store management with the flexibility to adapt to local demands and the agility to open new stores quickly, particularly in new markets, all while mitigating risk.

To manage these stores consistently while flexibly adapting to local demand, the group migrated from existing Puppet management to Red Hat Ansible Automation Platform. With a consistent operational foundation, the group can use self-service capabilities to quickly deploy innovative digital services and stay competitive while maintaining a strong security posture.

Consistency is the key to security across thousands of retail stores worldwide

Schwarz IT employs more than 3,500 engineers to support more than 1,000 SAP systems and 28PB of datacenter-hosted storage. Each Schwarz store operates a Storeserver, a central operational system installed by the company's local IT team that controls a range of store functions, from checkout kiosk systems and closed-captioning security (CCTV) to recycling and reward programs.

To improve user management and authorization, Schwarz IT sought to introduce controlled, efficient self-service capabilities to speed deployment processes. To achieve this, Schwarz IT implemented Ansible Automation Platform.

“Due to complex and time-intensive processes, the community version did not work to our satisfaction. Automation is a critical component of our business operations, and enterprise support was a key reason we decided to use Red Hat's solution.”
Felix Kuehner, Head of Storeserver, Core Infrastructure Services, Schwarz IT

“We've valued working with Red Hat and hope to continue using Ansible to find new ways to make our business more modern and efficient.”
Felix Kuehner, Head of Storeserver, Core Infrastructure Services, Schwarz IT

Improved risk management with role-based system access

Using Ansible Automation Platform, Schwarz IT can more effectively balance controlling system access by authorized application and development with desired self-service capabilities. Role-based access control means application teams can automate deployments as regular users without requiring root access to critical core business systems. “This feature provides high-level consistency while letting individuals be proactive in working on new and existing projects,” said Kuehner.

After its initial success with Ansible Automation Platform, Schwarz IT plans to continue exploring ways to help The Schwarz Group achieve consistent yet responsive store operations. During a two-day workshop, Schwarz IT's teams worked with Red Hat's technical experts to review the architecture and establish best practices for the new automation solution. The group now runs more than 5,000 Ansible Automation Platform jobs each day to manage its store servers.

Agile Defense enhances security compliance with Red Hat Ansible Automation Platform

Agile Defense is a leading information technology services business based in Reston, Virginia. With many U.S. Government clients, including
several U.S. civil agencies and various branches within the U.S. Department of Defense, IT security is a top priority. Preventing cybercriminals from gaining unauthorized access to their systems and infrastructure has never been more pertinent.

Many breaches that occur are the result of configuration errors. For the U.S. Department of Defense (DoD) and federal agencies, avoiding threats requires them to adhere to strict information, security, configuration, and compliance standards in the Defense Information Systems Agency (DISA). Regular audits that check for misconfigurations and other errors are part of the job, but these audits are repetitive, resource-intensive, and costly. Agencies can spend months preparing for an audit. A reactive, manual approach to this work was leaving their customers open to known vulnerabilities between checks.

“Our customers' production tasks would grind to a halt ahead of an inspection while they got all their documentation in line.”
Shawn Draper, Solutions Engineer at Agile Defense

Using automation to mitigate the impact of audits

The security advantage of Ansible Playbooks

Misconfigurations and audits are a pervasive pain point for many of Agile Defense's government customers.
The leading IT services business, which prides itself on innovation through information technology, partnered with Red Hat to create a Security Technical Implementation Guide (STIG) configuration, reporting, and remediation tool. The STIG automation solution performs ad hoc systems audits, optionally remediates misconfigurations, and reports on the current state of devices.

Otherwise known as Agile Defense's Compliance as a Service (CPaaS), the STIG automation solution uses Red Hat Ansible Automation Platform because of its flexible and scalable automation capabilities. Additionally, Red Hat collaborated with DISA on a STIG for Red Hat Enterprise Linux and understands the importance of creating standards for every device, operating system, and software version.

CPaaS uses Red Hat Ansible Automation Platform configuration management automation capabilities to audit for open vulnerabilities. “Red Hat Ansible Automation Platform connects to devices and executes commands specified in an Ansible Playbook,” said Draper. Having identified misconfigurations automatically, CPaaS can also automatically remediate them by following commands in a bespoke Ansible Playbook. Agile Defense has built a variety of playbooks, each designed to test a different type of device. These include playbooks for Red Hat platforms, Windows devices, VMware hypervisors, Cisco routers and switches, and firewalls.

“We chose Red Hat Ansible Automation Platform to tackle this problem because it can communicate with everything.”
Shawn Draper, Solutions Engineer at Agile Defense

CPaaS helps with all of the paperwork by automatically producing all necessary documentation. Specifically, CPaaS uses Ansible Automation Platform to write an XML check file (viewable in DISA's STIG Viewer) for every device on the network and vulnerability identified to present to the auditor. These artifacts can show current-state information and demonstrate that particular security configurations have been implemented. Ansible Automation Platform also allows customers to extend the capabilities of CPaaS to manage workflows and inventory, schedule audits, and introduce role-based access control. CPaaS also ensures consistency across devices.

The proactive monitoring of an agency's security posture that CPaaS provides is critical to maintaining readiness in the face of cyberthreats. Historically, this monitoring has been resource-intensive and required additional software on endpoint devices. By using Ansible Automation Platform to scan for open vulnerabilities, Agile Defense's CPaaS saves its government customers 98% of time spent on audits.

“One of the great things about automation is that it does the same thing every time.”
Shawn Draper

Customers' time spent on audits reduced by

Cepsa boosts efficiency with Red Hat Ansible Automation Platform

Global energy and chemical company Cepsa is on a mission toward carbon reduction around the globe. In 2022, the company presented its strategy to be a leader in sustainable mobility, biofuels, and green hydrogen with a focus on Spain and Portugal and a key benchmark in the Energy Transition. To be successful, Cepsa needed to increase efficiency and stay compliant while reducing costs, risk, and downtime.

To achieve this goal, the company began automating processes to save work hours, improve service response times, and enhance IT security. Working in collaboration with Red Hat Consulting, the company used Red Hat Ansible Automation Platform to make automation a core pillar of its innovation strategy, led by an automation manager. As a result, Cepsa increased productivity by 35% and increased response times by 10-15%.

Improved IT security with enhanced access controls

With the success of its early automation projects and its long-standing relationship with Red Hat, Cepsa decided to extend Ansible across their entire business. Ansible Automation Platform provides enterprises with a supported
foundation for building and operating automation services at scale, and a composable, collaborative, and trusted execution environment. This not only increases efficiency, it standardizes complex IT environments where security is important.

“Automation helped support a positive cultural shift, resulting in better collaboration between teams. Red Hat is collaborating with us to implement best practices and learn from their expertise across our entire organization.”
Francisco José Martín, Automation Manager, Department of Exploitation and Operation, Cepsa

Shifting to a security-focused culture with expert automation guidance

Red Hat Consulting helped Cepsa implement the changes needed to maximize the value of their new automation technology and approach. Working alongside the Cepsa team, Red Hat experts helped show the value of an agile work approach and ongoing quality improvements through a continuous integration and continuous delivery (CI/CD) approach.

Productivity increased by 35%
Response times increased by 10-15%

Ansible's easily understood Playbook syntax allowed Cepsa to define security parameters for any part of their system, whether it's setting firewall rules, locking
down users and groups, or applying custom security policies. Standardizing processes has helped Cepsa reduce the number of additional security administration permissions in its systems, mitigating risk. It now groups users by job role and department to ensure the correct permission levels are granted without overextending access. As a result, Cepsa increased productivity by 35% and increased response times by 10-15%.

A technician can now access Ansible Automation Platform and can restart the service without credentials, giving them the assurance that the process will be executed the same way it is outlined in the predetermined code.

Siemens improves communication security with Red Hat Ansible Automation Platform

Headquartered in Munich, Germany, Siemens is the largest engineering company in Europe. The international technology group focuses on electrification, from power generation, transmission, and distribution to smart grid solutions and the efficient application of electrical energy. Due to the sensitive nature of its business, Siemens is committed to staying at the forefront of security technology.

In order to reliably protect access to confidential information, Siemens' 295,000 employees and 100,000 employees from its business partners use public key infrastructures (PKIs), checking the certificates and identity of public keys. A growing use of this technology is to secure Internet-of-Things (IoT) communication, and Siemens now maintains two PKI environments for different application use cases.

“This is especially important since infrastructure-as-code with Red Hat Ansible Automation Platform is more than the introduction of a new tool; it requires a fundamental change in the mindset of system administrators.”
Rufus Buschart, head of public key infrastructure (PKI), Siemens

“Whenever we need Red Hat, they're there for us, and our vision is to work together to develop a best practice platform for automation to optimize efficiency and innovation of our organization.”
Rufus Buschart

As communications between service teams across the organization expand, configuration complexity is also increasing for Siemens' PKI team. To support this demand, Siemens replaced its legacy automation solution with Ansible Automation Platform. Using Ansible Automation Platform, Siemens is now able to automate administrative tasks, help increase configuration quality, and help improve communication security throughout the company. Furthermore, Siemens has benefitted from Red Hat expertise and plans to work with Red Hat to explore automating testing processes, with the goal to establish a common blueprint for continuous deployment.

Enhance your security posture using automation.

About Red Hat

Red Hat is the world's leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies. Red Hat helps customers develop cloud-native applications, integrate existing and new IT applications, and automate and manage complex environments. A trusted adviser to the Fortune 500, Red Hat provides award-winning support, training, and consulting services that bring the benefits of open innovation to any industry. Red Hat is a connective hub in a global network of enterprises, partners, and
communities, helping organizations grow, transform, and prepare for the digital future.

Copyright © 2023 Red Hat, Inc. Red Hat, Red Hat Enterprise Linux, the Red Hat logo, and Ansible are trademarks or registered trademarks of Red Hat, Inc. or its subsidiaries in the United States and other countries. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. All other trademarks are the property of their respective owners.

Latin America: +54 11 4329 7300
Asia Pacific: +65 6490 4200
Europe, Middle East, and Africa: 00800 7334 2835
North America: 1 888 REDHAT1

Ansible Automation helps security teams:

- Chain workflows and playbooks for modular reusability. Security teams can configure a sequence of jobs that share inventory, playbooks, or permissions to fully automate investigations or remediations.
- Support local directory services and access controls. Pairing user directory services with infrastructure allows security teams to centralize job access and execution, assign operation subsets to specific roles, and share tasks with other groups.
- Consolidate and centralize logs. Integration with third-party external log aggregation services helps security teams identify trends, analyze infrastructure events, monitor anomalies, and correlate disparate events.
- Integrate external apps using RESTful APIs. Security teams can use Red Hat Ansible Automation Platform to manage other enterprise applications, like security orchestration and automated response (SOAR) solutions.

Ansible Automation Platform helps organizations manage automated security systems to stay ahead of malicious attacks. With access to hundreds of modules that help security teams to automate all aspects of their IT environment and IT processes, Ansible can integrate many teams to protect complex security perimeters, unifying your security approach and strengthening your security posture.