“Organizations today face a daunting array of challenges in their quest to track and comply with corporate and regulatory policies. This proof of concept Nautobot App, takes aim at the never-ending attestation and reporting associated with this challenge: How do you take plain English written policies (“protect customer data”), make them actionable, and automate the compliance validation? The ability to transform written security and operational guidelines into tangible configuration intent via code would allow organizations the ability to ensure compliance with verifiable enforcement and end-to-end audit trail.
Network to Code has been actively participating in the ONUG Policy as Code (PaC) working group to develop a data model for mapping policies from various entities like regulators, InfoSec, risk, and auditors. Our data model centers around the ONUG PaC framework consisting of Policies, Controls, and Control Implementations but affords extensibility to associate specific configuration attributes which are derived via the low-level enforcement systems. The aim is to create a streamlined process for generating attestation reports through the association of controls within mapped policies. The Nautobot App concept will demonstrate how organizations can optimize their compliance reporting processes showcasing how technology can be used to simplify complex tasks and improve overall efficiency.
This demo will leverage the Nautobot open-source network automation platform, the Nautobot Golden Config app, and a beta version of the Nautobot Policy as Code app. The beta would allow teams to identify device configuration non-compliance from a policy while also providing the ability to remediate for compliance.”