Matthew Davidson

Automating Cyber Operations with Ansible

Since 2012, Ansible has risen quickly to stardom, growing out of a compelling need among systems administrators and software developers to deploy and configure complex systems quickly and efficiently with simple logic and sub-routines. Early on, Ansible set out to fill gaps in the architecture and practices behind Puppet, Chef, Cobbler, and previous efforts to automate deployment of code, applications, or tasks within Red Hat and Fedora. Puppet and Cobbler are good tools for managing the configuration of systems during builds and maintenance, but they don’t fully enable the user to break apart tasks, create sub-tasks, re-run on values, etc.

Ansible, as a tool in the Cyber arsenal, offers Cyber Warriors a way to rapidly deploy automated tasks through the use of “playbooks”, whereby users can automate tasks to repeat, repeat on result, run, do something else, then continue, etc. Where this technology really picks up speed is in Cyber Operations, Offensive or Defensive, where it can be used to quickly deploy “tasks”. These tasks can mitigate threats, or use selected user-built or purposed “tools” to automate work that could be very manual or labor-intensive, or that risks exposure due to “on-net” presence or system activities.
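The control flow described above (run, act on a result, repeat until a condition holds, do something else on failure, then continue), shown as an added example playbook that is not part of the original post. The inventory group `linux_servers`, the `sshd` service name (RHEL-family hosts) and the choice of mitigation are assumptions made for illustration.

```yaml
---
# Added example: constructed playbook. Group name, service name and the
# mitigation itself are assumptions, not taken from the original post.
- name: Disable SSH password logins and confirm the service recovers
  hosts: linux_servers            # hypothetical inventory group
  become: true
  tasks:
    - name: Apply the mitigation, roll back if anything fails
      block:
        - name: Set PasswordAuthentication no (file is validated before it is written)
          ansible.builtin.lineinfile:
            path: /etc/ssh/sshd_config
            regexp: '^#?PasswordAuthentication\s'
            line: PasswordAuthentication no
            backup: true
            validate: /usr/sbin/sshd -t -f %s
          register: sshd_config

        - name: Reload sshd only when the file changed (run on result)
          ansible.builtin.service:
            name: sshd
            state: reloaded
          when: sshd_config is changed

        - name: Probe port 22 from the control node until it answers (repeat on result)
          ansible.builtin.wait_for:
            host: "{{ ansible_host | default(inventory_hostname) }}"
            port: 22
            timeout: 5
          register: ssh_port
          until: ssh_port is succeeded
          retries: 5
          delay: 3
          delegate_to: localhost
          become: false

      rescue:
        - name: Restore the backup taken above (do something else)
          ansible.builtin.copy:
            src: "{{ sshd_config.backup }}"
            dest: /etc/ssh/sshd_config
            remote_src: true
          when: sshd_config.backup | default('') | length > 0

        - name: Reload sshd with the restored configuration
          ansible.builtin.service:
            name: sshd
            state: reloaded
```

Running it first with `ansible-playbook --check --diff` shows what would change on each host without applying it.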

Ansible also offers developers and Cyber engineers the ability to test new software with ease. Engineers, developers, and testers can use Ansible to trial new software, fix errors, and manage infrastructure or applications, because the power is in the scripting. Using Ansible, engineers can repeatedly test new software for bugs and issues, and preserve functionality prior to operational roll-out. Ansible playbooks are fully customizable, affording all manner of users access to tools which can be tweaked, modified, adapted, and used in a chain to test multiple dimensions of functionality, or even to set up, restore, or preserve security, settings, etc.

In addition to being a tool that is highly configurable, customizable, and relatively easy to use, Ansible also allows the sharing of ideas, whereby users can contribute to others’ playbooks and adopt simple or complex routines, while adjusting their use for their own specific needs. In terms of art and craft, this one aspect stands out to many, because training proficiency and Cyber Operations skills are in CRITICAL demand right now, EVERYWHERE! You do not necessarily have to know how to build from scratch in Ansible; you just need to know how to configure it, run it, and understand what the playbook is doing for you. Simple. The up-front cost of creating configuration management or automated tasks can be significantly decreased, and the result made available to thousands with one publish to GitHub or another repo. Again, this methodology affords massive benefits for many users, and only one individual needs to be savvy enough to write out the whole equation! Ansible is powerful indeed, but with great power comes great responsibility. Users still need to understand that they hold the power of weapons-grade plutonium in their hands when it comes to Ansible scripts and playbooks. The authority granted to automated tools, and the respect they are due, must be scrutinized heavily when users implicitly trust a playbook they have sourced.

Ansible’s power is further magnified when coupled with powerful Cyber mission tools like the newly fielded Joint Common Access Platform (JCAP). JCAP enables federated collaboration where multiple capabilities from across the Department of Defense can come together in a cohesive way. Offensive and Defensive Cyber operations can be coordinated in time, space, and virtually, leveraging common Ansible playbooks for multiple activities. Ansible is not the solution per se, yet it is an answer to repeatable results on the Cyber battlefield. Ansible lowers barriers to entry, allowing even novice practitioners to gain access to sophisticated and powerful tools.

Grab your playbooks, and come join Innoplex Engineers & Developers, as we pioneer practices, innovative solutions, and develop bleeding-edge technology and applications for tomorrow’s Cyber Warfighter!
