In today's rapidly evolving digital landscape, network security is of paramount importance. Recent high-profile network outages have underscored the need for organizations to not only automate improvements in network security but also recover quickly and minimize downtime when disaster strikes.
While data backups receive significant attention, operational tasks that keep networks secure, such as device backups, OS upgrades, and configuration grooming, often go undone. It's incredible that even today, the majority of these changes are made by hand, which makes them error-prone. Even the simplest misstep can have a ripple effect that brings down a network and/or disrupts a supposedly fault-tolerant business service. No one is immune – not even tech giants like Microsoft and Google.
Furthermore, with the pace at which new CVEs and OS bugs are identified, deploying OS updates and patches has become a never-ending project for most organizations operating at scale. A record 26,448 software security flaws were reported in 2022, with the number of critical vulnerabilities up 59% from 2021 to 4,135, according to an analysis by The Stack of data on Common Vulnerabilities and Exposures (CVEs). Network teams have such a hard time keeping pace that a recent CISA advisory found that in 2022, the number one exploited vulnerability was more than two years old. Threat actors realize organizations are behind on OS updates, so they take advantage of low-hanging fruit and continue to exploit the same vulnerability successfully for years.
I'm happy to share my expertise on how network teams can strategically leverage network automation to enhance network security and ensure operational success. Every week, I speak with network operations leaders who express the same challenge—they are completely overwhelmed with work, and there seems to be no end in sight. Amidst this never-ending workload, enhancing network security may seem impossible. However, network automation is a technology that can be strategically utilized to not only automate network operations tasks and save time but also continuously improve hygiene and the security posture of the network.
Using network automation to improve security
So, how can you achieve this? Here are seven easy steps to remember when implementing network automation to enhance network security:
Step 1. Select a network automation platform
Assessing your team's resources and capabilities, including the time and manpower available for managing and implementing the platform, will lead you to select the right type of automation platform. Be sure to consider the skill sets of your team members and the complexity of your network architecture – spanning multiple vendors and devices – so you make the right decision from the start and get as much capability out-of-the-box as possible instead of having to build it yourself.
Step 2. Automate backups and validate your restore procedures
Implement automated backups and one-click rollback for network infrastructure, such as firewalls, routers, switches, and IDS/IPS devices. This is important not only in case of an outage but also in the event you need to roll back an automated change that has inadvertently led to a failure. Schedule regular backups, including before and after changes, and ensure the ability to capture backups via API integration for seamless automation.
Step 3. Implement compliance audits
Conduct compliance audits based on industry standards, internal best practices, and golden configs. Leverage the automation platform to collect device configurations, identify compliance violations, and automate remediation or notification processes.
Step 4. Automate onboarding and discovery
Enable automated discovery and onboarding of new devices to ensure their inclusion in the management ecosystem, backups, and compliance checks. Avoid leaving any device unmanaged, as it poses potential risks to your organization. At the same time, automate backups and audit for compliance so you don’t introduce risk when you add new devices.
Step 5. Integrate vulnerability and risk intelligence data
Integrate vulnerability, risk intelligence, and end-of-life (EOL) data within the automation platform. Compare discovered devices against known CVE IDs, assign risk scores, and prioritize and automate upgrades based on potential vulnerabilities and exploits.
Step 6. Automate upgrades
Develop a comprehensive upgrade automation strategy for your network infrastructure devices. Regularly evaluate the automation platform’s ability to handle frequent upgrades, success rates, and complexity of workflows, including traffic rerouting for seamless connectivity.
Step 7. Funnel all changes through the automation platform
Channel all changes, including manual ones, through the network automation platform. Use the platform as a centralized hub for making changes, ensuring accountability, and maintaining an immutable log of activities.
A final word on network automation and its role in security
By implementing these steps, you can free up precious time spent on essential but time-consuming tasks like improving hygiene and focus on strategic initiatives such as digital transformation, cybersecurity, and cloud migrations.
Network automation offers immense potential for enhancing network security and operational efficiency. By strategically leveraging network automation platforms, organizations can automate backups, perform compliance audits, streamline device onboarding, integrate vulnerability intelligence, automate upgrades, and centralize change management. The result is a network infrastructure that is not only secure and resilient but also optimized for future growth.
Josh Stephens is the CTO of BackBox.