Get Puppet Enterprise
Government
One federal agency in the energy sector leveraged Puppet to take their Linux servers from 30% to 98% STIG compliance while saving a considerable amount on fines paid for noncompliance and gaining complete visibility over their infrastructure.
The National Security Agency (NSA) used Puppet as the underlying foundation for its Systems Integrity Management Platform (SIMP) to enable compliance with any major security standard.
Continuous security and intelligent compliance
Effortlessly achieve and maintain intelligent, continuous compliance with a wide variety of government platform and security standards.
- Continually enforce compliance state; correct drift every 30 minutes.
- Ensure correct action when combining two or more rule catalogs.
- Dynamically discover, filter, prioritize, and remediate vulnerabilities—at scale.
- Reduce workforce costs associated with compliance audits.
- Leverage enterprise-grade features like dashboards, reports, audits, and role-based access control (RBAC).
Digital transformation assurance
Reduce transformation program costs by automating deployment and management, ensuring configuration changes don’t wreak havoc on mission-critical systems.
- Create once, deploy, and be assured the application will stay stable.
- Easily orchestrate complex tasks and plans to deploy applications.
- Automate repetitive tasks, continually enforce the desired state, and manage drift.
- Harden and configure operating systems and applications according to agency standards.
- Quickly see the potential effect of proposed changes with Impact Analysis.
- Integrate with all types of well-known cloud platforms, operating systems, and network resources, enabling automation and control over today’s common hybrid government infrastructure.
Fast-track modernization
Increase mission success and effectiveness by adopting a modern automation fabric that scales across thousands of cloud and legacy applications.
- Remove bottlenecks from dependencies on manual administrative tasks.
- Effortlessly lift and shift applications and assets to modern cloud architectures.
- Proactively assess infrastructure compliance against standards, quickly identify failures, remediate at scale, and enforce ongoing compliance.
- Empower program teams to own and manage their infrastructure automation without having to manage the tooling.
- Automate rollouts and desired state management with full transparency and insight.
- Replace rogue automation actions with built-in guardrails.
- Enable teams to codify and share automation expertise in a self-service way.
Automate compliance and configuration with best-in-class capabilities
Puppet Enterprise helps agencies enforce security policies, define the desired state, and automatically monitor changes against that baseline—every 30 minutes.
Puppet automatically remediates systems back to their compliant state when a change is detected. This serves as an important security control for Risk Management Framework (RMF) programs.
Reduce costs and reporting headaches and gain more control over infrastructure
STIG and other compliance activities are reduced from weeks or days down to minutes.
With Puppet Comply, you can assess your infrastructure against CIS and STIG Benchmarks, two sets of guidelines for secure system configuration from the Center for Internet Security (CIS) and the Defense Information Systems Agency respectively, and use Puppet Enterprise to enforce and bring sprawling IT infrastructures into compliance.
Simulate any target environment for app deployment
Keep deployment surprises to a minimum and make sure new apps are secure and operate as expected.
Agency DevSecOps teams can model any security-compliant IT environment—on-premises or in the cloud—then run apps in that simulated environment in an automated fashion.