Article written by Nimish Shelat (Product Marketing) and Derek Kruger (Technical Marketing)
Data security threats and breaches are on the rise, and as a result IT compliance is gaining significance. IT Ops teams are responsible for ensuring infrastructure compliance with benchmark standards—depending on the regulations that apply to their industry. However, this can be a daunting task as many IT departments face enormous challenges to meet their compliance objectives—from the proliferation of infrastructure resources and platforms to intensifying regulatory compliance demands and a shortage of time.
The lack of compliance visibility across the data center, splintered audit reporting, and lengthy, manual remediation processes makes IT compliance a difficult endeavor. Furthermore, with shadow IT and cloud adoption by business units on the rise, being compliant across the entire IT estate is getting more dynamic and increasingly challenging. Micro Focus Data Center Automation Suite (DCA) addresses all of these compliance challenges. DCA automates compliance at scale and accelerates compliant infrastructure service delivery.
Let’s take a closer look at what Data Center Automation offers for IT compliance:
- One platform to manage compliance of operating systems, databases, and middleware across multi-vendor environments
- Single-view compliance dashboard for a comprehensive view of the infrastructure compliance state
- Out-of-the-box compliance content for CIS, PCI DSS, FISMA, HIPAA, SOX, NERC, ISO to meet benchmark requirements
- Closed-loop remediation with service level objective (SLO) enforcement to remediate and restore compliance levels automatically against business objectives and within a defined period of time
- Container-based architecture that’s easy to deploy and scale effortlessly to meet higher workloads by running multiple stateless container services and upgrade.
Keeping Puppet-managed servers compliant using DCA
IT departments within lines of businesses (LOB) may use open-source software configuration management tools, such as Puppet, for infrastructure provisioning activities. While open-source tools offer autonomy and flexibility to business units, central IT must manage the risks associated with data breaches and failed audits due to potential IT noncompliance.
DCA can perform compliance audit and closed-loop remediation of resources (operating systems, databases, and middleware) deployed by Puppet along with directly managed infrastructure resources. Here is what DCA offers for Puppet-managed environments.
- Discover and import Puppet-managed servers along with databases and middleware deployed in the environment
- Use compliance benchmark content to perform policy-based compliance audits of the resources in the Puppet-managed environment to ensure enterprise SLOs
- Execute compliance scans on Puppet-managed resources within the scheduled maintenance windows
- Remediate the resources to fix potential exposures and make them secure and compliant
- Examine compliance status, score, and scan summary of the resources in a single-view compliance dashboard and drill-down reports
- Leverage enterprise class features like Role Based Access Control to simplify security administration and ensure only authorized users have access to data center resources, and integrated exception management
What our cutomers are saying
Bringing it all together
The inovations in DCA now allows IT to deploy a manager-of-managers configuration and establish IT compliance across the entire organization. Integrating Puppet-managed resources into DCA allows central IT to develop and automate consistent security policies across the entire IT landscape—including the business units. Central IT can now leverage DCA to establish corporate and regulatory standards and regain control of IT compliance and governance while business units can adopt configuration management tools of their choice to meet their DevOps needs.
Clearly, DCA is the authoritative, single-point solution to uphold IT compliance across the enterprise. Learn more here.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.