As network infrastructure becomes more complex, stretching across multiple domains, different technologies, and often multiple locations globally, traditional perimeter-based approaches to network security are fast becoming untenable. Many organizations are turning to zero trust network access (ZTNA) as the answer. In a zero trust framework, security is not dependent on the location of a device or user; instead, strict identity verification is coupled with contextual information for each device, person, or system that attempts to access network resources.
Implementing a zero trust approach to network access is a top priority for many organizations. At the same time, large organizations are faced with another priority: delivering network services to end users faster and at scale. Network teams rely on automation to achieve this, and most organizations are working towards a self-service model where end users can request network services in the same way you might request a cloud service from AWS, GCP, or Azure.
Bringing the two priorities together requires an approach that leverages comprehensive orchestration capabilities to package automated network changes with the verification steps required for ZTNA. As a real world example, we recently partnered with a global manufacturing company to orchestrate automated software deployments for new employees across different sites. The project helped the company and their network team achieve their zero trust networking targets — resulting in request fulfillment time for new software deployments shrinking from days to minutes. Here’s how it went:
How Itential’s Orchestration Capabilities Enabled Zero Trust Networking
The network team at this global manufacturing company had been using automation to deploy software for new employees for a while, building PowerShell and Python automations to keep up with the increasing volume of requests. But, as business continued to expand globally, they had to find a way to scale their approach — even with automation, they were still spending too much time manually performing verification and security steps before executing automations.
After facing over 1600 ServiceNow tickets requesting software deployments in a single year, they turned to the Itential Automation Platform’s orchestration capabilities to turn these automations into end-to-end self-service network products while maintaining their zero trust approach to network security.
orchestration capabilities to turn these automations into end-to-end self-service network products while maintaining their zero trust approach to network security.
No Need to Start Over
Despite more recent scalability challenges, the PowerShell and Python scripts the network team had been building for months were important and useful to network operations. The team was able to use Itential Automation Gateway to onboard these automations and attach APIs to them so they could be incorporated into the larger workflow-based orchestrations they aimed to build. This way, all the value of these automations was preserved and even extended, so no time or effort would be wasted.
Integration with IT Systems & Network Technologies
A crucial aspect of orchestration is the ability to integrate across different network domains, third party IT systems, and distinct network technologies. Our library of Pre-Built Integrations for key systems helped the team jump-start their efforts, providing out-of-the-box integration with ServiceNow, Infoblox, and Cisco Identity Services Engine (ISE) which the team leveraged for the software deployment use case. In addition, the ability to auto-generate integrations for additional bespoke systems using API documents enabling the team to incorporate additional systems that were more specific to their environment.
Zero Trust Networking
With the ability to quickly turn network change processes into orchestrated services, along with the ability to incorporate any required access control and security steps via integrations and using Itential’s own built-in RBAC capabilities, the Itential Automation Platform has enabled this company to automate software deployments at scale across distributed infrastructure while enforcing zero trust network access.
The team has solved their scale challenges by leveraging the orchestration capabilities that Itential provides. Now, they’re able to automate and orchestrate software deployment processes end-to-end so they can be delivered as self-service outcomes that can automatically enforce zero trust security standards.
“We would have never been able achieve zero trust networking without the help of Itential. Their platform’s robust and flexible integration capabilities are what set them apart, providing our team with the tools they need to orchestrate entire processes in our own ecosystem.”
– Senior Network Director
What They Achieved with Itential Orchestration
Software deployments for new employees served as the network team’s first major use case with Itential, and it’s proven a significant, valuable first step. Here’s what they achieved:
- Request fulfillment time for new software deployments has been reduced from days to minutes.
- Over 1600+ ServiceNow tickets requesting software deployments have been automated.
- At least 834 hours (previously spent on both manual operations and script execution) have been saved by the network engineering team, freeing up time to build more orchestrations and engage in more critical network management.
- Successfully implemented a self-service model for software deployments for new employees globally through ServiceNow integration.
- Ability to maintain and enforce ZTNA standards while delivering network services much more quickly and at greater scale.
This new approach powered by Itential has improved user experience for end users, reduced wait time between service requests and delivery, and saved a significant amount of time for the network engineering team to be able to keep up with expanding business — all while enforcing zero trust network access.
Interested in more real-world automation success stories? Take a look at this page to hear straight from our customers.