Community Ansible® is a great platform for experimental and proof-of-concept projects, but how do you know if upstream community-supported software is providing the right level of security for your organization? Have you considered your team’s response time when handling open source vulnerabilities such as patching or updates? How are they alerted to these types of vulnerabilities? Do you have the appropriate level of expertise on your team to assess and remediate these security issues? This checklist details 6 security benefits of Red Hat® Ansible Automation Platform that organizations using community Ansible should be aware of and how Red Hat addresses security risks.
1. Ensure enhanced quality assurance and testing
The community version of Ansible is constantly changing, which can cause version control issues and make regular testing and quality assurance a challenge. Ansible Automation Platform can help protect you from performance-testing bugs by:
- Rigorous, proactive, and nightly quality assurance and integration testing.
- Regular simulated-attack testing of the product to prevent new security vulnerabilities from being exploited.
- Performance and stress testing of automation controller and automation mesh for scale-out execution of Ansible Playbooks and content.
2. Access enterprise support
While the upstream community version of Ansible is a great place for proof-of-concept, it lacks the direct access to dedicated expertise that enterprises need. With Ansible Automation Platform, enterprise support means you get:
- 24x7 support for any packaged component with enhanced troubleshooting and root cause analysis with Red Hat experts.
- Front-line prioritization for bug fixes and features from Red Hat’s Ansible Engineers.
- Self-service access to a wealth of accumulated knowledge via the award-winning Red Hat Customer Portal.
- Extended life cycles for bundled versions and upgrades instead of a rolling release model seen in the community version of Ansible.
3. Prioritize security grading as product release blockers
When using community versions of Ansible, the responsibility of security monitoring on open source execution environments falls on the customer’s organization, which can be labor-intensive. An Ansible Automation Platform subscription means:
- If an execution environment lands anywhere other than an “A” security grade, the service level agreement (SLA) is 5 business days to return it to the “A” grade.
- Container image health is continuously monitored with the Container Health Index.
4. Red Hat quality assurance for bug fixes
Identifying bug fixes without dedicated support can create delays, as they may not be ready for deployment in community production environments. With Ansible Automation Platform, our engineering completes the quality assurance testing for bug fixes, which means:
- Customers have access to Red Hat-identified bug fixes via access.redhat.com.
- Customers can either open a case via the Red Hat Customer Portal or for more urgent bug fixes, can immediately contact their local support center via phone.
5. Use security-focused development life cycle practices
Community-based repositories are prime targets for supply chain attacks. Using security-focused development life cycle practices, Ansible Automation Platform can help:
- Reduce the number of vulnerabilities in released software.
- Mitigate the potential impact of undetected or unaddressed vulnerabilities.
- Address the root causes of vulnerabilities to prevent future recurrences.
- Build confidence by using Red Hat Ansible Certified Content that is fully supported by Red Hat and the Red Hat ecosystem of technology partners.
6. Maximize efficiency with Event-Driven Ansible
Automation can save time and money for your organization. With Event-Driven Ansible, you are likely to have more satisfied engineers and subject matter experts because you are eliminating mundane activities by:
- Straightforward wins—having the ability to solve cases efficiently, cost-effectively, and in a timely manner.
- Automating fact gathering, network administration, and edge device management.
- Remediating drift, slow performance, and outage issues.