Automate IT and infrastructure, manage complex workflows, and mitigate risk at scale.
Try the full-featured Puppet Enterprise for free on 10 nodes.
Find and prevent compliance failures
Continuous Delivery for Puppet Enterprise
Build, test, and deploy infrastructure as code faster and easier
Compliance Enforcement Modules
Remediate to stay in compliance
Content & Modules
Pre-built scripts to automate common tasks
Get Puppet Enterprise
First 10 nodes are free!
Try it now
Request a demo
Find thousands of component modules built by the community and guidance on using them in your own infrastructure.
Visit Puppet Forge >>
Open Source Puppet
Perfect for individuals and small infrastructure
Automate tasks in orchestration workflows
See all open source projects >>
Contribute to open source projects >>
Zero Trust adoption is critical, specially for government agencies. Get an overview in this blog.
Table of Contents:
Zero Trust is a cybersecurity framework requiring all users to be authorized. Zero Trust is federally mandated for government agencies.
Adopting Zero Trust is an important security measure to have in place to verify all user access.
Government agencies have been working diligently to comply with the 2021 Executive Order on Improving the Nation’s Cybersecurity. The Executive Order (EO) addresses cybersecurity issues by imposing a new series of federal-wide Zero Trust mandates. Agencies were required to submit their plan development and cloud migration path reporting by July and August of 2021, with more deadlines on the horizon. Driving these compliance requirements further are DISA and NIST standards that agencies are also expected to follow.
While government agencies must ensure compliance with the Federal Zero Trust mandates, they must still keep their mission goals on track. How can agencies find and use the right resources to achieve a Zero Trust model without negatively impacting their workforce and budgets?
The Executive Order includes actions that government agencies must take to achieve a Zero Trust model. Agencies are required to:
Puppet has designed enterprise-grade infrastructure and remediation solutions that can help government agencies address these and other cybersecurity requirements, such as FIPS 140-2.
IT and business managers can easily tap into and automate rich compliance audit reports with Puppet Enterprise. Powerful Puppet report processors can collect and handle a wide variety of data points across the agency environment:
Finally, agencies are now required to comply with standard practices on how much incident data must be recorded to network logs and how it can be retained and accessed. The Puppet and Splunk integration make this easy by giving agencies deeper insights with data intake and analysis.
The data in Puppet reports can be accessed in a variety of ways:
Together, the Puppet and Splunk integration can efficiently analyze and visualize data to make intelligent operational and security decisions.
Puppet Enterprise uses role-based access control (RBAC) to grant individual users the permission to perform specific actions, such as:
Agencies can perform user control tasks in the console or use the Puppet Enterprise RBAC API, which allows agencies to effectively manage user access, roles, tokens, passwords, and LDAP connections.
The Puppet Enterprise RBAC API helps agencies to be more productive, agile, and collaborative while they manage their overall IT infrastructure. With Tasks in Puppet Enterprise, agencies can execute ad hoc actions on a target device to troubleshoot or deploy changes to systems in their infrastructure. Puppet Enterprise Plans allow agencies to combine tasks, scripts, commands, and other plans into complex workflows in order to run complex operations.
Puppet Enterprise can be employed to discover, filter, prioritize, and remediate vulnerabilities at scale.
As a part of the EO, government agencies need to follow secure cloud adoption practices and guidelines. Puppet Enterprise makes it easier, integrating cloud platforms, operating systems, and networks to address Zero Trust needs across the entire agency environment. Puppet Enterprise is also based on open source technology that can be scaled across hybrid environments for complete infrastructure coverage.
Since the order’s mandates are driven by DISA and NIST standards, government agencies must also stay up to date on these requirements. Puppet automates system configuration to comply with DISA STIGs and NIST 800-53 every 30 minutes.
Driving towards a Zero Trust security model can deplete government resources normally used to help keep mission-centric work on track. While improving Zero Trust compliance, the automation solutions from Puppet Enterprise can also help agencies conserve resources and preserve schedules—ensuring projects, programs, and missions stay the course.
The automation functionality of Puppet Enterprise can help with compliance and:
With the Zero Trust model, government agency teams can spend more of their strategic energy on the mission and less on making sure that their network and systems remain compliant.
Puppet can help government agencies address security and compliance requirements and more effectively meet the EO. Puppet Enterprise provides rich, flexible, and diverse data collection capabilities with powerful automation capabilities to streamline workflows and discover and remediate cybersecurity vulnerabilities at scale. It enables agencies to achieve Zero Trust postures while keeping their missions on track.
There are three specific solutions from Puppet that can help federal agencies meet the Zero Trust mandates. We will explore each of these tools and environments in our upcoming blogs.
Next time, we’ll talk about DevSecOps and how incorporating security processes in the development environment and operations (DevOps) systems is critical in complying with Zero Trust. But the most effective way to stay in compliance involves shifting these critical procedures and using automation.
Future blogs will address infrastructure as code. Treating your infrastructure as if it were code has allowed government agencies to adopt critical practices that software developers have been using for years. Now, it is an important tool to achieve a Zero Trust model.
And lastly, we’ll cover hybrid cloud environments.Government agencies that move to the cloud can gain many benefits but can still face infrastructure bottlenecks.
Puppet has been accelerating the journey for federal agencies in hybrid environments. Now, it’s a critical step in complying with the Cybersecurity Executive Order.
Not using Puppet Enterprise yet? Get started with a free trial today.
START MY TRIAL
Area Vice President, Public Sector, at Puppet, Puppet by Perforce