It's no secret that IT operations is a complex area. Teams face demanding workloads, where many tasks have to be completed quickly. Objectives typically focus on smooth and resilient operations, and enabling fast innovation to support organizational needs. In their distinct role, security teams must manage risk and compliance, respond quickly to incidents, protect data, and govern access. All these priorities must be simultaneously met, and this leaves the ITOps and SecOps teams searching for the best ways to collaborate. In this article, This article provides an overview of how Red Hat Ansible Automation Platform can automate nearly any task for an IT organization, bridging the gaps between IT and security needs.

Provisioning and orchestration: Seamless security integration from the start

Ansible Automation Platform includes an automation orchestrator (in Technology Preview) that allows teams to automate a series of tasks across a workflow and to leverage your automation mode of choice, such as tactical, event-driven, and agent-driven.

These workflows can include multi-domain steps in a process, for example, provisioning a Red Hat Enterprise Linux server, creating virtual machines, orchestrating across related infrastructure such as networks, storage, and applications, and embedding security processes into these workflows (see figure 1 for an example) for seamless implementation.

Infuse security and compliance steps seamlessly into ITOps.

When security steps are agreed to and implemented as "code" through automation, a busy system administrator can meet security requirements without extra manual effort. When implementations are aligned, consistent, and accurate, and there's a clear audit trail of every action taken, the result is time savings for IT roles, and peace of mind for security roles.

Now that you understand how security needs can be worked into IT management, let's explore some use cases.

Automated hardening: Fast, compliant operations

With Red Hat Enterprise Linux, you can validate that your "source of truth" configuration (or baseline) is implemented. For example, SELinux is enabled, STIG and OpenSCAP compliance are aligned, secrets management is in place, and your observability agent is installed using automated workflows. You can choose to create a separate hardening workflow, or to include hardening checks in a provisioning workflow.

Ansible Automation Platform's event-driven automation can play a role as well. For example, from alerts of new resources created, you can trigger hardening checks and create a service ticket when results do not align. No matter how you design your process, you can better deliver new systems in line with security and compliance processes. This helps reduce the impact of human error and contributes to lower risk and more resilience.

Automate audit and compliance: Create reports without manual steps

After an incident occurs, audit reports are typically required to satisfy compliance standards. The process has traditionally been manual, but Ansible Automation Platform can capture information from infrastructure including the audit trails and generate dynamic reports on all automated actions taken for remediation or reports on incident data. You can also use reporting to demonstrate governance processes, such as who has role-based access control (RBAC) access to operate on a given inventory of resources.

For incident reporting, Ansible Automation Platform can easily gather a set of forensics to help diagnose problems (figure 2), determine remediations, and assess the blast radius. All of this occurs with less disruption of IT resources that must also focus on operational needs and priorities.

Flexibly automate security for any infrastructure, network, edge or cloud resource.

Automated healthchecks: Perform scans

With Day 2 operations underway, automation helps keep resources aligned to policies. You can perform a variety of health checks, for example, to detect and remediate drift, apply vulnerability patches, apply new policies, rotate secrets, and much more. By targeting a specific inventory group for scanning, you can verify every resource in the inventory.

Time savings can be significant. For example, KreditPlus is a financial services company based in Indonesia with branch offices across 200+ regions. They replaced a manual and time-consuming patching process with automation, so they patch their entire environment efficiently with a single click. They gain confidence in knowing that their systems are up to date on patches.

Automate remediation: Event-driven automation enables fast response to alerts

What is the process today when you receive an alert for a security risk? Does resolution take longer than you wish? This is where Ansible Automation Platform's included Event-Driven Ansible comes in to expedite responses. When a security alert is received, you can automatically take actions like revoking suspicious user access, rapidly gathering forensics, creating tickets or notifications, shutting ports, disabling services and more. The sooner you identify and disable a threat, even as you investigate, the more you can reduce its impact.

Comprehensive sanitizing: Automatically revoke obsolete access

At the end of any operational lifecycle, resources must be sunset. For example, an unneeded virtual machine can be automatically taken down or moved to low-cost storage.

But this is only part of a sunsetting process. You also need to comprehensively revoke any access privileges associated with that resource.

Using Ansible Automation Platform, you can thoroughly decommission no longer used resources. Automatically scan the resource to get a list of access points and secrets that were available to this virtual machine. Using this list, automatically revoke these access points, giving you peace of mind that you have more comprehensively closed potential attack points. As needed, you can create audit reports that demonstrate your actions.

Get started on your journey to security automation

Now you've gained some insight as to how you can use Ansible Automation Platform to build in security across your full operational lifecycle. It is a highly flexible solution that can be applied to security tasks, integrated into other automated processes for more seamless completion of security steps, included in Day 2 operations such as automated issue resolution, expedited reporting, and closed access points when a resource is decommissioned.

Red Hat recommends a "start small, think big" approach to automation adoption. Start with simple compliance use cases, and grow from there. Keep an eye on metrics such as hours saved, positive impacts on resilience and risk, fewer issues due to human error, and more.

Here are some recommended resources for learning more:

리소스

비즈니스 자동화의 5단계

이 e-book에서는 Red Hat Services가 엔터프라이즈 수준의 자동화를 도입하여 팀을 통합하고 프로세스를 표준화하고 IT를 혁신하는 데 어떻게 도움이 되는지 살펴봅니다.

저자 소개

Cindy Russell is a Senior Principal Product Marketing Manager for Ansible Automation Platform.

UI_Icon-Red_Hat-Close-A-Black-RGB

자세히 알아보기

채널별 검색

automation icon

오토메이션

기술, 팀, 인프라를 위한 IT 자동화 최신 동향

AI icon

인공지능

고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트

open hybrid cloud icon

오픈 하이브리드 클라우드

하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요

security icon

보안

환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보

edge icon

엣지 컴퓨팅

엣지에서의 운영을 단순화하는 플랫폼 업데이트

Infrastructure icon

인프라

세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보

application development icon

애플리케이션

복잡한 애플리케이션에 대한 솔루션 더 보기

Virtualization icon

가상화

온프레미스와 클라우드 환경에서 워크로드를 유연하게 운영하기 위한 엔터프라이즈 가상화의 미래