IT infrastructure compliance to make adopting Puppet easier

New Member.
0 0 1,565

Article written by Nimish Shelat (Product Marketing) and Derek Kruger (Technical Marketing)

Data security threats and breaches are on the rise, and as a result IT compliance is gaining significance. IT Ops teams are responsible for ensuring infrastructure compliance with benchmark standards—depending on the regulations that apply to their industry. However, this can be a daunting task as many IT departments face enormous challenges to meet their compliance objectives—from the proliferation of infrastructure resources and platforms to intensifying regulatory compliance demands and a shortage of time.

The lack of compliance visibility across the data center, splintered audit reporting, and lengthy, manual remediation processes makes IT compliance a difficult endeavor. Furthermore, with shadow IT and cloud adoption by business units on the rise, being compliant across the entire IT estate is getting more dynamic and increasingly challenging. Micro Focus Data Center Automation Suite (DCA) addresses all of these compliance challenges. DCA automates compliance at scale and accelerates compliant infrastructure service delivery.

Let’s take a closer look at what Data Center Automation offers for IT compliance:

  • One platform to manage compliance of operating systems, databases, and middleware across multi-vendor environments
  • Single-view compliance dashboard for a comprehensive view of the infrastructure compliance state
  • Out-of-the-box compliance content for CIS, PCI DSS, FISMA, HIPAA, SOX, NERC, ISO to meet benchmark requirements
  • Closed-loop remediation with service level objective (SLO) enforcement to remediate and restore compliance levels automatically against business objectives and within a defined period of time
  • Container-based architecture that’s easy to deploy and scale effortlessly to meet higher workloads by running multiple stateless container services and upgrade.




Keeping Puppet-managed servers compliant using DCA

IT departments within lines of businesses (LOB) may use open-source software configuration management tools, such as Puppet, for infrastructure provisioning activities. While open-source tools offer autonomy and flexibility to business units, central IT must manage the risks associated with data breaches and failed audits due to potential IT noncompliance.

DCA can perform compliance audit and closed-loop remediation of resources (operating systems, databases, and middleware) deployed by Puppet along with directly managed infrastructure resources.  Here is what DCA offers for Puppet-managed environments.

  • Discover and import Puppet-managed servers along with databases and middleware deployed in the environment
  • Use compliance benchmark content to perform policy-based compliance audits of the resources in the Puppet-managed environment to ensure enterprise SLOs
  • Execute compliance scans on Puppet-managed resources within the scheduled maintenance windows
  • Remediate the resources to fix potential exposures and make them secure and compliant
  • Examine compliance status, score, and scan summary of the resources in a single-view compliance dashboard and drill-down reports
  • Leverage enterprise class features like Role Based Access Control to simplify security administration and ensure only authorized users have access to data center resources, and integrated exception management




What our cutomers are saying

“The automated remediation option accelerated our compliance process for patch and audit rules. Without automated remediation, more than 500 rules would have to be remediated manually… With built-in benchmarks, we continuously identify and remediated all out-of-compliance elements across our infrastructure.” Baris Altiner – Automation Expert, Kuveyt Turk

Bringing it all together

The inovations in DCA now allows IT to deploy a manager-of-managers configuration and establish IT compliance across the entire organization. Integrating Puppet-managed resources into DCA allows central IT to develop and automate consistent security policies across the entire IT landscape—including the business units. Central IT can now leverage DCA to establish corporate and regulatory standards and regain control of IT compliance and governance while business units can adopt configuration management tools of their choice to meet their DevOps needs.

Clearly, DCA is the authoritative, single-point solution to uphold IT compliance across the enterprise. Learn more here.


About the Author
Currently focused on Datacenter Automation and IT Process Automation solutions. The scope of these solutions spans across server, network, database and middleware infrastructure. The solutions are optimized for tasks like provisioning, patching, compliance, remediation and processes like Self-healing Incidence Remediation and Rapid Service Fulfilment, Change Management and Disaster Recovery.
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.