Ensuring Consistent Router Security Through Ansible & Git
Time 12/12/19 02:40PM-03:30PM
Room Nottoway (4th)
It is not unusual for a core router configuration to be upwards to 7000 lines long, and in some cases more. This alone is a problem, but when you are managing 10, 30, 50, or even thousands of network devices, the ability to implement network policy, consistently, becomes critical important. Given that the configuration of the network devices, and in particular it's access-lists and filters, are a major line of network defense, inconsistency in the configurations leave gaps available to be exploited. The Indiana University GlobalNOC uses Ansible and Git to automate the common portions of its network configurations to ensure the running network policy exactly matches the intent, on every device in the network.
Speaker Grover Browning Indiana University
Primary track Information Security
Secondary tracks Advanced Networking