“ ANSIBLE CASE STUDY : FORTINET ”
🔰 What is ansible ?
The Ansible project is an open source community sponsored by Red Hat. It’s also a simple automation language that perfectly describes IT application environments in Ansible Playbooks. Ansible Engine is a supported product built from the Ansible community project. Ansible Tower is an enterprise framework for controlling, securing, managing and extending Ansible automation (community or engine) with a UI and RESTful API.
🔰 Key Features of ansible engine :
🔅SIMPLE
- Human readable automation
- No special coding skills needed
- Tasks executed in order
- Usable by every team
- Get productive quickly
🔅 POWERFUL
- App deployment
- Configuration management
- Workflow orchestration
- Network automation
- Orchestrate the app lifecycle
🔅 AGENTLESS
- Agentless architecture
- Uses OpenSSH & WinRM
- No agents to exploit or update
- Get started immediately
- More efficient & more secure
🔰 FORTINET :
Fortinet (NASDAQ: FTNT) secures the largest enterprise, service provider, and government organizations around the world. Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network — today and into the future. Only the Fortinet Security Fabric architecture can deliver security without compromise to address the most critical security challenges, whether in networked, application, cloud, or mobile environments. Fortinet ranks number one in the most security appliances shipped worldwide and more than 450,000 customers trust Fortinet to protect their businesses.
🔰 Five Priorities taken into account while automating with ansible :
🔅 One big priority : focused on the need for deep firewall integration with its chosen automation platform, Red Hat Ansible. The new firewalls also needed to support specific elements of the automation project, including provisioning, upgrades, and clusters of upgrades — without downtime.
🔅A second priority was scalability : The company operates one of the biggest centralized networks in the world, and some technology solutions simply do not work well at that scale — even those designed with large enterprises in mind. With that in mind, the firm’s POCs(proofs of concepts) are designed to simulate the massive scale of its infrastructure and to test for strains in the system.
🔅 A third priority was performance : another problem the company was starting to experience with its incumbent firewalls.
🔅 A fourth priority : was the firm’s confidence in the executive leadership and engineering strength of each vendor — their ability to deliver on future needs that might not be on anyone’s radar today
🔅 A fifth priority was management : where FortiManager proved to be a significant upgrade over the legacy vendor’s management tool. Specifically, the firm was experiencing extraordinarily long update windows that were spilling into production hours when common, often small updates were applied to the environment.
In contrast, FortiManager reduced update times from 48 hours to less than one hour, which enabled the firm to avoid downtime or performance degradation during production hours as well improved operational productivity
🔰 Big Benefits achieved by fortinet :
the company’s finance team made detailed calculations on each potential solution. Their conclusion was that the firm would realize $100 million in cost savings and productivity gains over five years with the Fortinet solution. On the cost side, the team found that the Fortinet architecture was significantly less expensive while delivering superior performance. On the operational side, the team identified numerous savings including:
🔅 Reduced time to market : Automated server provisioning and updates, which can be done without downtime with FortiGate NGFWs(next-generation firewalls), will speed the time from PO to production when new resources are deployed
🔅 Reduced server provisioning costs: Automated provisioning means that the firm will no longer have to pay for a service provider to “stage” provisioned hardware in various regions so that it can be deployed relatively quickly.
🔅Improved employee productivity: The ability to architect the firewalls in three- or four-node clusters rather than two-node clusters will improve operational efficiency and reduce risk. And while this will significantly increase the number of NGFWs, the firm will not need to add more staff to manage the solution due to the ease of use of the FortiGate NGFWs.
🔰 Conclusion :
We can conclude that ansible provides excellent automated infrastructure configuration capabilities & it has minimal requirement, so that the developer need not to write big scripts but the playbooks scripts only. Once playbook is written there won’t be further manual work is required. As ansible comes under strong RedHat Community, it guarantees the sustainability of the project.
