2019 Technology Exchange

Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Ensuring Consistent Router Security Through Ansible & Git

Time 12/12/19 02:40PM-03:30PM

Room Nottoway (4th)

Session Abstract

It is not unusual for a core router configuration to be upwards to 7000 lines long, and in some cases more. This alone is a problem, but when you are managing 10, 30, 50, or even thousands of network devices, the ability to implement network policy, consistently, becomes critical important. Given that the configuration of the network devices, and in particular it's access-lists and filters, are a major line of network defense, inconsistency in the configurations leave gaps available to be exploited. The Indiana University GlobalNOC uses Ansible and Git to automate the common portions of its network configurations to ensure the running network policy exactly matches the intent, on every device in the network.


Speaker Grover Browning Indiana University

Presentation Media

Primary track Information Security

Secondary tracks Advanced Networking

gold Sponsors

bronze Sponsors