
Managing Network Compliance

Level 13

Understanding Compliance


If data in your network relates to employee or customer medical records, or to your company’s finances—either in terms of revenue or reporting—then most likely you must comply with federal law (HIPAA, Sarbanes-Oxley). Similarly, for all federal agencies and organizations, the National Institute of Standards and Technology (NIST) dictates minimum standards for handling data in the government’s IT systems. Compliance requirements are strictest of all for handling data in US defense-related organizations.


The penalties for non-compliance are severe: federal prosecution (for corporate officers), demotion or discharge (for civil servants).


From an IT perspective, complying with such requirements involves implementing practices for maintaining the integrity and security of data, which often includes creating a repository of network device configurations. While only legal and technical experts with specific knowledge of your business or agency can determine how and to what extent your IT systems must comply with federal laws and regulations, the practices and tools themselves for managing compliance have predictable features.


Compliance Management Features

Most compliance management systems for IT are policy-based. Each policy is built from specific rules and then applied to specific network devices. Running a report that is itself built from specific policies allows an IT manager to audit devices across the network, quickly discovering which devices are running compliant configurations and flagging configuration statements that need to be remediated on devices that are currently out of compliance.
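The policy, rule, device and report model described above can be sketched in a few lines. This is an added example, not code from any compliance product; the `Rule`, `Policy` and `audit` names, the IOS-style configurations and the baseline policy are all constructed for illustration.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str
    pattern: str       # regex tested against each stripped config line
    must_match: bool   # True: some line must match; False: no line may match
    remediation: str

@dataclass(frozen=True)
class Policy:
    name: str
    rules: tuple
    devices: tuple     # hostnames this policy is applied to

def audit(report, configs):
    """Run every policy in the report; return {device: [finding, ...]}."""
    findings = {}
    for policy in report:
        for device in policy.devices:
            lines = [l.strip() for l in configs[device].splitlines() if l.strip()]
            out = findings.setdefault(device, [])
            for rule in policy.rules:
                hits = [l for l in lines if re.search(rule.pattern, l)]
                if rule.must_match and not hits:
                    # Required statement is absent: flag with no offending line.
                    out.append((policy.name, rule.name, None, rule.remediation))
                elif not rule.must_match:
                    # Forbidden statement present: flag each offending line.
                    out += [(policy.name, rule.name, l, rule.remediation) for l in hits]
    return findings

# Constructed sample data: IOS-style configs and a hypothetical baseline policy.
CONFIGS = {
    "edge-rtr-01": "hostname edge-rtr-01\nservice password-encryption\n"
                   "line vty 0 4\n transport input ssh\n",
    "core-sw-02": "hostname core-sw-02\nsnmp-server community public RO\n"
                  "line vty 0 4\n transport input telnet ssh\n",
}
REPORT = [Policy(
    name="Remote access baseline",
    rules=(
        Rule("No Telnet on VTY", r"^transport input .*\btelnet\b", False, "transport input ssh"),
        Rule("Password encryption", r"^service password-encryption$", True, "service password-encryption"),
        Rule("No default SNMP community", r"^snmp-server community (public|private)\b", False, "replace the default community string"),
    ),
    devices=("edge-rtr-01", "core-sw-02"),
)]
for device, items in audit(REPORT, CONFIGS).items():
    print(device, "COMPLIANT" if not items else [(rule, line) for _, rule, line, _ in items])
```

A finding whose line is `None` means a required statement is missing, while the others carry the exact configuration statement to remediate.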


Compliance Management Products

The most useful tools come with packaged reports covering the laws and regulations that commonly impact IT systems. For example, this video showcases a compliance management system that is ready to audit compliance for SOX, HIPAA, DISA STIG, and CISP:

http://www.youtube.com/watch?v=Z0jVibm6NB8

2 Comments
Level 15

The compliance part of NCM is an excellent tool.

Level 12

I think the biggest hurdle for non-Cisco devices, such as Juniper, is configuring the reports. However, once you get going it is very easy to automate and monitor compliance with all your configurations.

About the Author
If I were a HAL 9000 series computing machine I might be in an operational state on a space vessel somewhere in our little solar system, closer to Jupiter than Earth, with some probability of lethal malfunction; and to understate the obvious, I would not be helping anyone here on thwack.com. But I do or try to help people on thwack.com watch their bits better. Therefore, I am probably not a HAL 9000 series computing machine. I alternate between feeling ambiguously clear (state='0' if you like) and clearly ambiguous (state='1' as it were). I enjoy verbing nouns.