Network Compliance Release 2
Network Compliance News 2 min read

New Release: Network Compliance release 2 offers automatic check for redundant nodes

Picture of Heleen Heijnis

Heleen Heijnis on September 2, 2020

Network Compliance is highly beneficial for Network Engineering and Architects who want to ensure network compliance and design consistency. But also for Security Officers who want to prevent network threats as quickly as possible. With the new functionality in release 2, complex networks and configurations can be checked faster and easier than before.

Network compliance can mean various things to various stakeholders. Traditionally compliance means adhering to 'regulatory requirements' and is still a major use-case for compliance tooling. However, the same mechanisms are equally important for important goals like 'conformity of design', 'assurance of security', or 'advanced status monitoring'.

Eric Yspeert (CTO NetYCE): “Our aim with this release was to help operation teams to monitor the network more proactively. We also managed to include the feedback from our early adopters and added a lot of new functionality, including two unique compliance functions that do not exist today: multi-node comparison and support for variables. This will save our customers a lot of time and gives them enhanced flexibility when performing their compliance checks.”

These are the 4 new features that will help you make Network Compliance easy:

1. Supreme security and availability with multi-node comparison

The ability to automatically determine if firewall rules or ACL's are identical within a group is a major requirement for many network owners. Especially in situations where nodes operate in tandem or small groups with redundancy or failover capabilities. With the multi-node comparison, you can compare configuration sections between different nodes or groups of nodes and determine compliance on found differences. This is very beneficial for both security and operations teams.

2. Flexibility with variables

Network Compliance checks if your device configurations conform to the policies defined for it. These compliance policies consist of a number of rules which in turn use conditions. In the previous release, these conditions tested against predefined values, and we learned that our customers wanted to have more flexibility. Using centrally stored variables allows for conditions that check against values from a devices' context like the '<loopback>' ip-address of a node or its '<hostname>'. This means you will benefit from the 'single source of truth' that NetYCE can be.

3. Schedule checks on demand

At the moment, Network Compliance rules are triggered when a configuration is changed in the network. However, if you want to compare groups of nodes, this no longer suffices since network changes within a group will never be done simultaneously. For as one node in a group receives a change, it will immediately follow that it is out-of-sync with the others. In the new release, policies can be scheduled to execute periodically using various types of intervals.

4. Dynamic compliance checks

Previously, the rules tested against the full configuration or against the logical blocks it consists of. In the new release we implemented multiple ways of selecting what part of the config they will validate for compliance.
Also, to add even more flexibility, policies now support a new rule type, 'command rules'. These rules do not check configuration blocks but the responses to CLI commands. This rule-type allows policies to use state information in their compliance requirements, enabling dynamic compliance checks.

Peace of mind

NetYCE brings peace of mind: it runs fully automated in the background enabling you to remain compliant and pass audits easily with proactive policy validation and dynamic reports. Network Compliance is highly beneficial for everyone who wants to ensure network compliance, design consistency, and compliance with regulatory entities.

 

  

Picture of Heleen Heijnis

Heleen Heijnis

Heleen has worked in the IT industry for 30 years, gaining experience in Direct Marketing, CRM, and storytelling. As a seasoned writer, she is passionate about bringing the NetYCE story to the world. Outside of the office, Heleen enjoys sailing, fitness, and film.