Armature Systems recently worked with a Fortune 1000 company that had over three hundred globally distributed datacenters. They had acquired a large number of network devices through acquisitions but lacked an effective method to determine if their devices were properly configured to their security standards and industry best practices. By leveraging our experience with network security architecture, security best practices, and data analysis we were able to provide actionable data that allowed them to secure their global network.
Our Key Challenge
Deciding on the best-unstructured data model to allow large scale configuration data ingestion across different networking manufacturers (Cisco, Juniper, Arista, etc.)
There are only a few tools that can identify security vulnerabilities in select vendor platforms but no tools exist for cross-platform configuration analysis. We used our expertise in data analysis and leveraged technologies like MongoDB to ingest, parse, and store the configuration data for analysis.
We worked with security teams across APAC, EMEA, and the Americas to develop configuration benchmarks for each region, vendor, and device role.
Our Pathway to a Solution
Armature Systems used a homegrown custom assessment tool to aid in efficiently analyzing large sets of configuration data. We built a tailored data model along with scripts in order to have a better idea of how all of these devices were configured.
We used our tools to test their network devices against two criteria:
1) What the customer expected their configuration to look like based on their configuration standards
2) Our recommended best practices from our experience in the different operating systems and industry best practices.
Through these tests, we created a benchmark and built a configuration of what it’s supposed to look like in an ideal world, and compared it to the ingested data. Leveraging MongoDB, we were able to parse and store our data model while analyzing the data at scale. This process allowed us to attain key details as-well-as see live results about which devices were or weren’t properly configured.
The customer was provided actionable data to easily and quickly remediate the issues found in the device configurations.
This was a unique situation as using MongoDB is usually reserved for big web applications.
Creating a Custom Solution
Best Practice Recommendations
We provided a benchmark that allowed them to prioritize where they needed to focus in order to get their network configurations to be secure.
Custom Assessment Tool
We built a custom data model to ingest the configurations of thousands of devices and ran an analysis that could identify which devices had proper configurations and which didn’t.
Armature Systems can use data analysis with its security expertise to solve problems where no commercial tools exist and are difficult to solve.