Get Puppet Enterprise
Puppet for Government
U.S. Government agencies rely on Puppet to stay compliant
One federal agency in the energy sector leveraged Puppet to take their Linux servers from 30% to 98% STIG compliance while saving a considerable amount on fines paid for noncompliance and gaining complete visibility over their infrastructure.
The National Security Agency (NSA) used Puppet as the underlying foundation for its Systems Integrity Management Platform (SIMP) to enable compliance with any major security standard.
Puppet announces GSA listing, Carahsoft partnership
How Puppet Enterprise supports Australian security and compliance standards
Puppet Enterprise helps achieve security compliance with the Essential Eight
Australia plans to be one of the top three digital governments by 2025. The Australian Cyber Security Centre (ACSC) maps out the government’s approach to cyber security. A key tenet of the ACSC’s recommendations are the Essential Eight, a checklist of the eight crucial mitigation techniques to which non-corporate government entities must adhere in order to meet federal security compliance standards.
With Puppet Enterprise, you can deliver the controls and methods required to support compliance with six and a half of the Essential Eight.
| Application control | √ |
| Patch applications | √ |
| Configuration management | √ |
| User application hardening | √ |
| Restrict administrative privileges | √ |
| Patch operating systems | √ |
| Regular backups | 1/2 √ |
| Multi-factor authentication |
To learn more about how Puppet Enterprise supports the Essential Eight, read the blog post and download the special Puppet Enterprise for Australian Government packet.
Get the special Puppet Enterprise for Australian Government packet
Download the Puppet Enterprise for Australian Government packet to learn why Puppet is the proven leader of infrastructure automation for government agencies around the world, and get access to:
- Why Government Agencies Rely on Puppet Enterprise
- Puppet Enterprise for Government (Australia)
- How Puppet Helps Achieve Security Compliance with Australia’s Essential Eight
- Intelligence Compliance for Government (Australia)
- Self-Healing, Policy-Based, Continuous Compliance for Federal Agencies
Continuous security and intelligent compliance
Effortlessly achieve and maintain intelligent, continuous compliance with a wide variety of government platform and security standards.
- Continually enforce compliance state; correct drift every 30 minutes.
- Ensure correct action when combining two or more rule catalogs.
- Dynamically discover, filter, prioritize, and remediate vulnerabilities—at scale.
- Reduce workforce costs associated with compliance audits.
- Leverage enterprise-grade features like dashboards, reports, audits, and role-based access control (RBAC).
Digital transformation assurance
Reduce transformation program costs by automating deployment and management, ensuring configuration changes don’t wreak havoc on mission-critical systems.
- Create once, deploy, and be assured the application will stay stable.
- Easily orchestrate complex tasks and plans to deploy applications.
- Automate repetitive tasks, continually enforce the desired state, and manage drift.
- Harden and configure operating systems and applications according to agency standards.
- Quickly see the potential effect of proposed changes with Impact Analysis.
- Integrate with all types of well-known cloud platforms, operating systems, and network resources, enabling automation and control over today’s common hybrid government infrastructure.
Fast-track modernization
Increase mission success and effectiveness by adopting a modern automation fabric that scales across thousands of cloud and legacy applications.
- Remove bottlenecks from dependencies on manual administrative tasks.
- Effortlessly lift and shift applications and assets to modern cloud architectures.
- Proactively assess infrastructure compliance against standards, quickly identify failures, remediate at scale, and enforce ongoing compliance.
- Empower program teams to own and manage their infrastructure automation without having to manage the tooling.
- Automate rollouts and desired state management with full transparency and insight.
- Replace rogue automation actions with built-in guardrails.
- Enable teams to codify and share automation expertise in a self-service way.
Automate compliance and configuration with best-in-class capabilities
Puppet Enterprise helps agencies enforce security policies, define the desired state, and automatically monitor changes against that baseline—every 30 minutes.
Puppet automatically remediates systems back to their compliant state when a change is detected. This serves as an important security control for Risk Management Framework (RMF) programs.
Reduce costs and reporting headaches and gain more control over infrastructure
STIG and other compliance activities are reduced from weeks or days down to minutes.
With Puppet Comply, you can assess your infrastructure against CIS and STIG Benchmarks, two sets of guidelines for secure system configuration from the Center for Internet Security (CIS) and the Defense Information Systems Agency respectively, and use Puppet Enterprise to enforce and bring sprawling IT infrastructures into compliance.
Simulate any target environment for app deployment
Keep deployment surprises to a minimum and make sure new apps are secure and operate as expected.
Agency DevSecOps teams can model any security-compliant IT environment—on-premises or in the cloud—then run apps in that simulated environment in an automated fashion.