Using Ansible to Mitigate Network Vulnerabilities
Even Networks Aren’t Immune
Just like with Windows and Linux servers, networking devices can be exploited by vulnerabilities found in their operating systems. Many IT organizations do not have a comprehensive strategy for mitigating security vulnerabilities that span multiple teams (networking, servers, storage, etc.). Since the majority of network operations is still manual, the need to mitigate quickly and reliably across multiple platforms consisting of hundreds of network devices becomes extremely important.
In Cisco’s March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication, 22 vulnerabilities were detailed. While Red Hat does not report or keep track of individual networking vendors CVEs, Red Hat Ansible Engine can be used to quickly automate mitigation of CVEs based on instructions from networking vendors.
In this blog post we are going to walk through CVE-2018-0171 which is titled “Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability.” This CVE is labeled as critical by Cisco, with the following headline summary:
“...a vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a Continue reading
The company is looking to support unmodified big data software in containers so data scientists can spend their time analyzing data rather than fighting hardware and drivers.
A U.K. government agency is also recommending that telcos not purchase equipment from ZTE.
An IBM security report found a 424-percent jump in breaches related to misconfigured cloud infrastructure in 2017, largely due to human error.
Making that digital transition will not be simple. Take advantage of the resources available on the Verizon Enterprise Solutions channel and learn how to drive positive results while maintaining the security of your network