Co-author: Gavin Littleboy
Challenges in network compliance
Government agencies face significant challenges in maintaining network compliance because of the complexity of the regulations. From NIST 800-53 cybersecurity controls to other security requirements, such as Security Technical Implementation Guides (STIGs) for the Department of Defense, comprehensive measures are required to configure and maintain networks so that they remain compliant and secure against vulnerabilities and threats. The problem is compounded by the limited budgets and resources available to government entities, which can make it difficult to allocate sufficient personnel and tools for effective compliance management. In addition, the need to integrate different technologies and legacy systems further complicates compliance efforts. These systems often lack the flexibility needed to adapt quickly to new and evolving threats, which makes achieving and maintaining continuous compliance an ongoing struggle. Agencies are looking at how automation and orchestration can help with these challenges.
The evolution of NetOps and SecOps teams
The evolution of NetOps and SecOps teams is transforming how government agencies approach compliance and network security.
NetOps, DevOps, SecOps: confused? See details here – What is NetOps?
These teams, which have traditionally operated separately, now increasingly need to collaborate and solve shared challenges. NetOps teams are trying to deploy network automation and continuous verification to simplify operations, increase the speed and efficiency of service delivery, and improve the performance and resilience of critical network infrastructure. SecOps teams are constantly facing evolving threats, such as vulnerabilities caused by configuration errors, neglected updates, and insufficient visibility for security, which delays response efforts.
The need for automation at scale
Scaling this effort requires automation, which enables teams to manage routine tasks efficiently and react quickly to threats as network demands increase. There are many technical challenges in automating network compliance. For example, what are we looking for when it comes to keeping a network compliant? For networks, we check for end-of-life equipment, software versions, CVEs/PSIRTs (Common Vulnerabilities and Exposures / Product Security Incident Response Teams), security implementation guides such as DoD STIGs, and network and organizational standards. As this list of compliance aspects shows, there are many touch points, which makes compliance a rushed task and turns it into a “fire drill” scenario where all resources are urgently focused on catching up with the regulations before the next audit. As for network configurations, there are three patterns in compliance checks.
Network compliance patterns
Compliance requires evaluating either the network configuration or the network state. These checks generally fall into three evaluation patterns: configuration matching, variable matching, and business logic matching.
Configuration matching: looks for exact matches in the configuration. Examples include disabling or enabling services such as HTTP or password recovery.
Variable matching: looks for a partial match with a golden variable substituted into the configuration. Examples include verifying that multiple NTP (Network Time Protocol) servers are configured, or a check on the BGP (Border Gateway Protocol) configuration.
Business logic matching: looks for organizationally defined patterns in the configuration. Examples include verifying that an access control list is applied to the correct interface and that it blocks organizationally defined protocols.
This last pattern is the most complex to implement and differs between organizations based on the local implementation of the required policy.
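The three patterns above, sketched in Python over a constructed IOS-style configuration. This is an added example, not code from the original post or from Cisco NSO; the function names, the sample configuration and the ACL name are assumptions made for illustration.

```python
import re

# Constructed IOS-style running configuration (sample input, not from a real device).
SAMPLE_CONFIG = """\
hostname edge-rtr-01
no ip http server
ip http secure-server
ntp server 192.0.2.10
ntp server 192.0.2.11
ip access-list extended EDGE-IN
 deny tcp any any eq telnet
 permit ip any any
interface GigabitEthernet0/0
 description uplink
 ip access-group EDGE-IN in
interface GigabitEthernet0/1
 description user LAN
"""

def config_match(config, required_line):
    """Pattern 1: an exact line must be present (no substring matching)."""
    return required_line in [l.strip() for l in config.splitlines()]

def variable_match(config, template, golden_values):
    """Pattern 2: return the golden values whose filled-in template is missing."""
    return [v for v in golden_values if not config_match(config, template.format(v))]

def blocks(config):
    """Split the config into {top-level line: [indented child lines]}."""
    out, current = {}, None
    for line in config.splitlines():
        if line.startswith(" ") and current is not None:
            out[current].append(line.strip())
        elif line.strip():
            current = line.strip()
            out[current] = []
    return out

def logic_match(config, interface, direction, denied_protocols):
    """Pattern 3: an ACL is applied to the interface and denies each protocol."""
    tree = blocks(config)
    applied = [m.group(1) for child in tree.get(f"interface {interface}", [])
               if (m := re.fullmatch(rf"ip access-group (\S+) {direction}", child))]
    if not applied:
        return [f"no {direction}bound ACL on {interface}"]
    rules = tree.get(f"ip access-list extended {applied[0]}", [])
    return [f"{applied[0]} does not deny {p}" for p in denied_protocols
            if not any(r.startswith("deny") and r.endswith(f"eq {p}") for r in rules)]
```

Each function returns either a boolean or a list of findings, so an empty list means the check passed and a non-empty list can go straight into an audit report.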
Today, SecOps teams audit the network and create reports. These reports are then shared with the NetOps team, which must interpret them, translate them into network-domain configurations, and then change the network. This lengthy process then repeats.
Enabling continuous compliance automation
Imagine a network automation platform where NetOps and SecOps can use unified tools to work on common goals and enable continuous compliance auditing, reporting, and remediation. Security teams usually describe the compliance “intent” of regulations in the form of rules that verify whether the network configuration meets the criteria. When creating a final template to be used on the network, network operators must meet not only compliance requirements but also network design requirements and other factors.
Cisco Crosswork Network Services Orchestrator (NSO) provides this capability by making it easy for network operators to automate and manage complex networks, with a built-in compliance engine to verify network compliance. It offers a versatile and powerful solution that supports configuration management, service orchestration, and policy enforcement across the network. Cisco NSO 6.x comes with significant compliance updates, such as compliance templates and an intuitive interface for managing compliance, and continues to introduce the patterns above. Cisco NSO has a modern API and a state database where continuous compliance can be verified against the network in real time and reported to northbound systems. Cisco NSO is also model-driven, which means data models and their intent can be directly translated into the intended state of implementation in the network. This enables a new paradigm in which SecOps teams can audit and report on compliance checks with the same tool, templates, and configurations that the NetOps team has defined for the network. With Cisco NSO, teams can ensure that they connect more sales on the network, make operations more efficient, and increase collaboration between different teams within the organization.
If you want to learn more about Cisco Crosswork NSO or see an example of how to create compliance templates, see below.
NSO solution overview
Compliance reporting example on the NSO developers GitHub
Closing thoughts
As the roles of NetOps and SecOps evolve, supporting learning and adaptability ensures that personnel can effectively handle new technologies and regulatory requirements. By building interdisciplinary expertise and problem-solving skills, agencies can address compliance needs and anticipate future requirements, leading to more resilient and responsive operations. Achieving effective compliance solutions and using automation brings a significant return on investment (ROI) for government agencies, resulting in notable cost savings and enabling agencies to allocate resources more strategically and focus on their core missions. This not only protects the agency's reputation but also ensures the continuous delivery of essential services.
If you want to dive deeper into compliance and network automation, join us at Cisco Live San Diego from June 8 to 12, 2025, for two insightful sessions exploring strategies and solutions to improve your network operations:
DEVNET-2144: “Network automation compliance: using Cisco NSO for audit, report and remediation”
DEVWKS-2083: “The Path of Automation of Media with Cisco NSO”
Sign up for Cisco Live
If you would like to read about how Cisco can help with your compliance or get started on your automation journey, contact your account team.
Other links
Read about last year's Cisco CX Customer Hero, who won the Cyber Security Award at world level for the Department of Defense Fabric Support
More automation blogs
More information about other Cisco solutions that help government agencies with regulatory compliance
Product Availability Compatible with Cisco SaaS