- Products
- Infrastructure Assurance
Proactively find and fix security and outage risks
Use automation to identify, troubleshoot, and remediate the root causes of issues before they disrupt your network.
Solve issues before they impact service delivery
Proactively identify health issues so you can fix them before they result in downtime.
Optimize performance of security infrastructure
Streamline IT operations with automation so teams can focus on optimizing security services elsewhere.
Reduce mean time to resolution
Accelerate troubleshooting by conducting automated root cause analysis without human intervention.
Stay on top of best practices
Automatically assess devices for alignment with changing configuration recommendations from vendors and the knowledge of a community of network practitioners.
Automate maintenance
Reduce errors and save time when you automate routine tasks like configuration backups and checking for license expiration.
Automate verification of change requests
Ensure that upgrades and changes are implemented without issues, minimizing costly disruptions.
Avoid network disruption with deep visibility and automation
Network teams are overwhelmed, and multiple sources of complexity are converging to make networks harder to safeguard 100% of the time. It’s virtually impossible to guarantee the security, performance, and uptime of critical network infrastructure using current tools.
More complexity
Troubleshooting complexity rises in proportion with a multi-vendor tech stack (across DDI, firewalls, load balancers, web-proxies, and more).
More work
Reactive, SNMP-based monitoring prioritizes historical insight instead of preventive action and creates too much manual work.
More criticality
Downtime, outages, risk, and non-compliance carry ever-greater costs for always-on organizations.
What is Infrastructure Assurance?
Infrastructure Assurance avoids network disruption with automation. It is a proactive observability, troubleshooting, and remediation solution for network and security infrastructure like DDI, firewalls, and load balancers. It provides deep visibility and automation to prevent network disruption.
Infrastructure Assurance continuously scans your network and security infrastructure for the signals of risk, performance, and availability issues, and automatically serves up proven solutions that engineers would otherwise have to find and implement manually.
Infrastructure Assurance happens in three stages:
1
Continuous measurement
of security, performance, configuration metrics, and infrastructure versioning, cross-referenced with benchmark data and snapshots defined by internal change request policies and external standards.
2
Auto-triage and root-level diagnosis
of issues—like errors, misconfigurations, vulnerabilities, and downtime—as soon as they occur, with contextual awareness of related issues.
3
Automatic remediation recommendations
and certified, production-ready automation elements, based on a knowledge base curated by a global community of experts.
Ready for automated security, reliability, and availability across your network and security infrastructure?
How does Infrastructure Assurance work?
Infrastructure Assurance uses SSH, REST API, and SNMP protocols to connect and run collection scripts on management servers and network devices using CLI commands, SNMP data polling, or vendor-specific APIs.
Management servers
- Palo Alto Networks Panorama
- Check Point management servers
- BlueCat Address Manager
Network devices
- BlueCat DNS and DHCP Servers
- Firewalls, including Check Point, Cisco, Fortinet, Juniper, and Palo Alto Networks
- Load balancers, including F5
Network Security Vendors
Use cases
Infrastructure Assurance for firewalls
Critical service connectivity
Ensure communication with critical external services (like syslog services; NTP, DNS, and identity servers; and threat prevention policies) is available at all times.
Auto-detect security risks and ensure compliance
Use hundreds of automation elements and security control validations to find security risks and compliance violations.
Automate maintenance tasks
Maintenance tasks seldom feel like the most urgent item on the ever-growing to-do list. But they’re critical to maintaining high availability. Automate tasks like certificate renewal and device configuration backup to maintain firewall health and performance.
Automated troubleshooting
Automatically apply proven, device-specific domain knowledge to analyze the root causes of issues as they occur.
Stateful health checking
Compare expected device configurations against current status to find common issues like:
- Debug mode enabled
- Next hop inaccessibility
- Policy-based forwarding errors
Misconfigurations
Verify configurations against gold standard frameworks to identify and resolve configuration drift issues like:
- Unavailable routes (or changes to) static routing tables
- Time zone configuration doesn’t match requirements
- Misconfigured authentication profiles
High availability readiness
Find cross-device inconsistencies that jeopardize high availability, such as:
- Unsynchronized cluster configurations
- Preemption enabled on clusters
- High availability interface not receiving traffic
Infrastructure Assurance for firewalls
Infrastructure Assurance for DDI
Stateful health checking
Continuously assess the health of your BlueCat Address Manager and BlueCat DNS and DHCP Servers to preemptively find and address issues like:
- DNS lookup failure
- High rate of failed DNS query
- Failed change propagations across secondary servers
Connectivity issues
Firewall policy changes can break connections between DNS services. Get proactive alerts ahead of connectivity issues, such as:
- Broken connection between DHCP failover servers
- Communication breakdown between Address Manager and DNS and DHCP Servers
- Communication breakdown between primary and secondary DNS servers
High availability readiness
Find cross-device inconsistencies that jeopardize crossover high availability (xHA), such as:
- xHA server, cluster, or cluster member is down
- xHA configuration is not synchronized
- DHCP failover state has changed or failover servers are down
Misconfigurations
Verify configurations against gold standard frameworks to identify and resolve configuration drift issues like:
- DNS server configuration doesn’t match Address Manager
- NTP, DNS, or syslog server configured doesn’t match requirement
- Manual override enabled
Infrastructure Assurance for DDI
See Infrastructure Assurance for yourself
Enough marketing already. Book a live demo of Infrastructure Assurance and get your technical questions answered.
Related content
BlueCat Infrastructure Assurance for Palo Alto Next-Generation Firewalls
Infrastructure Assurance proactively alerts Palo Alto Networks Next-Generation Firewall users to issues and provides remediation steps to resolve them.
BlueCat Infrastructure Assurance for Fortinet Fortigate
Infrastructure Assurance proactively alerts Fortinet FortiGate users to issues and provides remediation steps to resolve them before they cause harm.
Deepen your security insight with Infrastructure Assurance 8.3
BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.
BlueCat Infrastructure Assurance
BlueCat Infrastructure Assurance provides automated DDI issue detection and insight into remediation to help proactively reduce network downtime.