For public sector organizations, network modernization can potentially carry significant risk. While public sector network and infrastructure teams have as much reason to want to automate and accelerate as anyone else, they also have to contend with stringent security rules and regulations, lengthy approvals processes, and major consequences for any security incidents.
This reality has left many public sector organizations with a high number of older, legacy network devices, out-of-date configurations, and legacy tools when compared to private enterprise. This is further exacerbated as networks grow — teams need to be able to ensure device configurations are always up to date to avoid security breaches.
Recently, when a federal agency found themselves in exactly this situation, they partnered with Leidos, who identified the Itential Platform as an ideal solution. The agency’s network team needed a way to rapidly automate configuration compliance at scale to ensure all their devices were up to date from a software perspective, and they had a future goal of automating new device provisioning and accelerating the delivery of all network services. Itential’s track record in the public sector, ability to integrate with all of their security solutions, powerful configuration compliance capabilities, and vendor-agnostic orchestration capabilities across all network domains made our platform the perfect solution for their needs.
Adopting Itential for Rapid & Secure Network Modernization
At this agency, the fairly small network team found themselves with a growing backlog of device backups, configuration updates, and remediation activities across multiple network domains. The team had limited experience with automation (some team members had written simple scripts for executing routine activities), but they knew they had to do a lot more — and fast. With demand for network services growing and their infrastructure environment constantly expanding, they had to be able to scale their configuration management capabilities.
They started by identifying three high-priority use cases to start with:
- Verification and reporting for IP network baseline configuration compliance.
- Verification, remediation, and reporting for network interface description configuration compliance.
- Reads for L3 VPN Provisioning (with writes identified as a near-future goal).
They also identified larger-scale priorities in a modernization roadmap, including automated management for a variety of brownfield services. But they knew that these initial use cases — while simple on their face — would prove increasingly important to maintaining compliance and network security across their expanding infrastructure.
Itential’s solution checked all the boxes. We’ve worked with federal customers before, and the team had confidence in our platform’s ability to obtain Authority to Operate (ATO) for the project in question. In terms of capabilities, our platform provided a way to manage configuration compliance for legacy devices, newer devices, and API-enabled services all in one place — no matter the vendor. Itential’s Golden Configuration capabilities give teams the flexibility they need to quickly enforce and edit policies at scale across complex, dynamic network infrastructure environments.
It allowed the team to onboard the scripts they’d already written and build workflows out of them, turning time-consuming software upgrades into rapid, scalable processes. And it provided a framework that could support their future use cases as they evolve — while at first, compliance and software upgrades were the key priorities due to security needs, their roadmap includes other automation and orchestration activities that Itential can support as well.
“Building remediation workflows in Itential was really easy to pick up and seeing what we’ve done with our first few use cases, I can already tell the team will be able to do a lot more as we keep building workflows.”
– Senior Network Engineer
Roadmap for the Future
Sometimes, network teams in the public sector feel limited compared to their private sector counterparts. They can’t utilize public cloud as easily due to air-gap requirements for certain data. They can’t adopt new, innovative tools right away until they’ve been approved. And yet, they still have all the same needs and priorities — growing device counts, complex environments, a backlog of configuration and software upgrade activities that poses significant security risk but can’t be completed quickly enough when relying on manual efforts.
That’s why the versatility of Itential’s platform is especially important for teams in the public sector. At this agency, now that they’re able to utilize Itential in their network management activities, they can accelerate and start to catch up to private sector network automation. It started with configuration compliance tasks (verification, reporting, remediation) along with reads for the provisioning of L3 VPNs. In the future, though, the team plans to build Itential workflows to manage multiple brownfield services, manage cloud migration to GMS, expand into the optical transport network and optical layer, and integrate key processes with other GMS systems including ticket management and event streaming.
This agency adopted Itential to give themselves the flexibility, security, and speed required for efficient network automation and orchestration in the public sector. Does your organization need to securely modernize your network infrastructure? Take a look at this page to learn how Itential supports our many public sector customers to solve their biggest problems and achieve their most critical goals.