Assume the scenario below:
- The Cisco Product Security Incident Response Team (PSIRT) publishes an important security alert
- Releases an advisory suggesting firmware upgrage of routers
- The security issue on hand is quite serious, urgent and cannot be ignored
- Impact assessment of devices suggests firmware upgrade of more than 1500 routers to be done immediately
Network administrators working on production networks involving a large number of network devices such as switches, routers, firewalls and other devices would have often faced a situation similar to the one above.
Effectively managing risk is an important aspect of network security. But, manual process for reacting to security alerts is not only time-consuming, but also error-prone.
In the above example of rolling out firmware upgrade on 1500 devices, even a fairly big team of network administrators will require several man days to accomplish the task manually.
Automation is the key to rapidly respond to the security advisories from device vendors. DeviceExpert, the trusted Network Change and Configuration Management software from ManageEngine precisely helps achieve this.
DeviceExpert provides templates and scripts to automate tasks like deploying upgrades on devices. Once you create a template, you can use the same for all your switches and routers. The templates and scripts help you deploy upgrades in fully automated fashion without requiring manual intervention. Above all, these tasks are done within a span of minutes enabling you save time, cost and resources.
The original article/video can be found at Managing Risk: Rapidly responding to security alerts from network device vendors