Automate Key Network Compliance Tasks

Transcription

1 NETBRAIN SOLUTIONS Network Compliance Network Document Automation Automate Key Network Compliance Tasks CHALLENGE: Generating audit documents to demonstrate compliance is extrememly time consuming. Proactive planning to ensure enterprises stay compliant with internal and external policies proves difficult. SOLUTION: Enterprises can overcome manual processes associated with compliance by leveraging NetBrain software. Automation of recurring data collection, indexing and generation of requred audit reports reduces the amount of man-hours spent by internal or consulant teams and can help ensure continous rather than point-intime compliance. BENEFIT: Enterprises can save the time and resources associated with collecting and maintiaing data in additon to creating documentation required for compliance mandates. NetBrain can also help organizations proactively stay compliant with automated checks. Regulatory compliance standards such as PCI DSS, SOX, and HIPPA require that organizations take proactive measures to ensure vulnerabilities to sensitive information are properly secured. It's not enough just to be compliant; organizations must also be able to prove their compliance during an audit. To demonstrate compliance, regulatory auditors require detailed reports that demonstrate appropriate measures have been taken to prevent data from being compromised. They also require enterprises to maintain a repository of log data for applications and devices to confirm compliance over time. It is critical for enterprises to observe such guidelines, since noncompliance can result in severe penalties. By leveraging NetBrain s automated data collection, analysis, and documentation capabilities, engineers can overcome the challenges associated with verifying and documenting compliance: Maintaining up-to-date diagrams of network topology Generating detailed audit reports of infrastructure Running configuration compliance checks and reporting Automatically Maintain Up-to-Date Network Diagrams A key compliance requirement is to ensure network diagrams are up-to-date and that there is a formal process in place to keep them that way. As internal teams or auditors begin to examine infrastructure, network diagrams are often referenced. As a general rule, it is recommended that these diagram/topology documents include: Firewalls Load Balancers Routers and Switches Demilitarized Zone (DMZ) Wireless Networking or Networks Web Servers Proxy Servers Servers DNS Servers With NetBrain, engineering teams can create the diagrams required with unparalleled precision and speed. After an initial network discovery, NetBrain determines both network topology as well as the underlying design. A recurring network discovery, known as a benchmark, is used to ensure NetBrain s network intelligence remains accurate and up-to-date. The benchmark captures the following data:

2 NETBRAIN SOLUTIONS Network Compliance 02 Configuration files Route tables CDP/ARP/MAC/STP tables Inventory information These recurring benchmarks provide a repository of log data that can be referenced during audits to demonstrate compliance over time. Accessing accurate data, NetBrain can automatically generate network diagrams from simple user inputs. Diagrams are generally in the form of either layer-3 or layer-2 diagrams and can also be organized into site overview diagrams as shown below. EXAMPLE 1: A network overview diagram created with NetBrain. EXAMPLE 2: A topology diagram displaying site connections.

3 NETBRAIN SOLUTIONS Network Compliance 03 NetBrain is used to create these diagrams on-demand in its native and interactive Qmap format. All device and design data associated with a segment of the network is embedded within a Qmap file, and easily accessed. For compliance documentation, most auditors will require Visio format diagrams. NetBrain s Qmaps can be exported to Visio in seconds. EXAMPLE 3: A static Visio diagram that has been exported from a dynamic NetBrain map. Besides creating maps on-demand, NetBrain supports many ways to create multiple diagrams in batches one for each site, for instance. To proactively prepare for compliance, users can batch export Visio diagrams to a central repository and keep them updated on a pre-defined schedule. EXAMPLE 4: Set a recurring schedule for Visio updates.

4 NETBRAIN SOLUTIONS Network Compliance 04 Automatically Generate Detailed Audit & Design Reports Although updated diagrams are the most critical form of compliance documentation, regulatory bodies will also need to have detailed audit and design reports. NetBrain can automate the creation of design documents leveraging highly customizable templates. After selecting a template outlining what to include in the final report, NetBrain will create a Word document based on the selected style. EXAMPLE 5: A report generated automatically in Word format. EXAMPLE 6: Network Design Reports are highly customizable through a template-driven approach.

5 NETBRAIN SOLUTIONS Network Compliance 05 Automate Configuration Compliance Checks and Reporting Compliance verification requires organizations not only to document their network s design, but also to maintain an adequate internal control structure. Leveraging this control structure, NetBrain can automatically detect compliance discrepancies. This is achieved by leveraging unique Automation Procedures which index the network, collect data, and report anomalies. Automation Procedures are executable within NetBrain to perform a series of actions normally completed using the CLI. NetBrain includes hundreds of these procedures out of the box, including a series of compliance checks such as: Is login authentication enabled Is password encryption enabled Is public or private keyword configured in SNMP community strings EXAMPLE 7: Run Automation Procedures to detect and highlight compliance discrepancies automatically. Additionally, organizations can customize their own procedures to meet other in house or regulatory compliance needs through a visual and sample-driven platform.

6 NETBRAIN SOLUTIONS Network Compliance 06 EXAMPLE 8: Define a series of probes and triggers to create a customized automation procedure without scripting. Summary Compliance doesn t have to be unwieldy for organizations. By removing the burdens associated with manual diagramming, documentation, and organizational processes, organizations can shift focus from proving past compliance to enforcing real-time adherence. Automation is the key to proactively enforcing compliance policies and to a secure, compliant network. NetBrain Technologies Inc Network Drive 1 st Floor [email protected] Burlington, MA 01803

7 NETBRAIN SOLUTIONS Network Compliance 07