Optimization of network device hardening in a multivendor environment
Abstract This paper presents a Python-based Nornir framework for automating network device hardening in multi-vendor environments, addressing critical gaps in scalability and interoperability. Unlike existing single-vendor solutions, our method enforces CIS benchmarks across Cisco, Juniper, and Fort...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Nature Portfolio
2025-04-01
|
| Series: | Scientific Reports |
| Subjects: | |
| Online Access: | https://doi.org/10.1038/s41598-025-97894-4 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Abstract This paper presents a Python-based Nornir framework for automating network device hardening in multi-vendor environments, addressing critical gaps in scalability and interoperability. Unlike existing single-vendor solutions, our method enforces CIS benchmarks across Cisco, Juniper, and Fortinet devices, achieving an 82.18% reduction in hardening time compared to prior automation tools and a 99.99% improvement over manual techniques. By leveraging Nornir’s multi-threading and vendor-agnostic inventory management, the framework ensures consistent security policies while eliminating configuration errors. Experimental results across 18 heterogeneous devices demonstrate its efficiency, with full hardening completed in 44 s (95% CI [43.8, 44.1]). This work provides enterprises with a scalable solution to rapidly secure complex networks against evolving threats, bridging the gap between compliance standards and real-world deployment. |
|---|---|
| ISSN: | 2045-2322 |