Demo

Leveraging Automation & Orchestration to Rapidly Respond to Security Notifications (ONUG)

Today’s enterprise network is a complex environment that spans on-prem data centers and multiple cloud platforms. To deploy, maintain, and secure an environment this diverse and dynamic, organizations must move away from slow, error-prone manual processes and transition to an environment where infrastructure automation and orchestration are the standard.

To rapidly respond to security notifications from SIEM and SOAR systems, your automation solution must be able to quickly integrate with multiple IT systems, cloud, and traditional network infrastructure. Enterprises can use Itential to quickly integrate with cloud platforms, network solutions, IT, and security systems to build automations that can immediately respond to security events by documenting trouble tickets, sending notifications to multiple teams, and making critical changes to secure both cloud and on-prem infrastructure.

In this demo, see how the Itential Automation Platform can help your organization accomplish:

  • Integration with your complex, dynamic ecosystem of cloud, network, security, and IT systems.
  • Receiving security notification event data, then parsing and transforming it for use within the automation workflow.
  • Automating security responses based on event data, and making security changes to both cloud and physical networks.
  • Documenting the event and response details in trouble tickets and team messaging channels.

Demo Notes

(So you can skip ahead, if you want.)

00:00 Intro & Demo Overview
02:13 Overview of an Automation Workflow
03:43 Transforming Data from Security Event Notifications
04:25 Using GitLab as a Source of Truth for ACLs
05:52 Managing ServiceNow CRs & Making Changes to the Network & Cloud
08:10 Running Automation via External API Using Postman
09:33 Using Slack Notifications for Automation Details
10:50 Verifying Global Block List Update in GitLab
11:57 Viewing Automation Job Status in the Itential Automation Platform
13:03 Verifying ServiceNow CR Ticket Creation & Updates
13:43 Verifying AWS Network ACL Updates
14:02 Verifying Azure Network Security Group Updates
14:35 Running Compliance & Audit on CLI Devices
16:08 Running Compliance & Audit on API Devices & Services
17:17 Utilizing Global Block List as Source of Truth for Additional Network Devices