homeuse casesgovernment

Puppet for Government

Puppet: Modern automation that speeds transformation and delivers continuous security and compliance.
With Puppet, government agencies around the world can fast-track modernization initiatives, reduce security and compliance headaches, and gain the transparency they need across complex and hybrid environments. Puppet is the proven leader of infrastructure automation for government agencies. Learn how we’ve helped agencies spend more time focused on the mission, and less time needing to administer and secure their IT.
Group of employees smiling, lock and checklist icons

U.S. Government agencies rely on Puppet to stay compliant

One federal agency in the energy sector leveraged Puppet to take their Linux servers from 30% to 98% STIG compliance while saving a considerable amount on fines paid for noncompliance and gaining complete visibility over their infrastructure.

The National Security Agency (NSA) used Puppet as the underlying foundation for its Systems Integrity Management Platform (SIMP) to enable compliance with any major security standard.

Puppet announces GSA listing, Carahsoft partnership

How Puppet Enterprise supports Australian security and compliance standards

Puppet Enterprise helps achieve security compliance with the Essential Eight

Australia plans to be one of the top three digital governments by 2025. The Australian Cyber Security Centre (ACSC) maps out the government’s approach to cyber security. A key tenet of the ACSC’s recommendations are the Essential Eight, a checklist of the eight crucial mitigation techniques to which non-corporate government entities must adhere in order to meet federal security compliance standards.

With Puppet Enterprise, you can deliver the controls and methods required to support compliance with six and a half of the Essential Eight.

Application control
Patch applications
Configuration management
User application hardening
Restrict administrative privileges
Patch operating systems
Regular backups 1/2 √
Multi-factor authentication  

To learn more about how Puppet Enterprise supports the Essential Eight, read the blog post and download the special Puppet Enterprise for Australian Government packet.

Get the special Puppet Enterprise for Australian Government packet

Download the Puppet Enterprise for Australian Government packet to learn why Puppet is the proven leader of infrastructure automation for government agencies around the world, and get access to:

  • Why Government Agencies Rely on Puppet Enterprise
  • Puppet Enterprise for Government (Australia)
  • How Puppet Helps Achieve Security Compliance with Australia’s Essential Eight
  • Intelligence Compliance for Government (Australia)
  • Self-Healing, Policy-Based, Continuous Compliance for Federal Agencies
Various developers smiling

Continuous security and intelligent compliance

Effortlessly achieve and maintain intelligent, continuous compliance with a wide variety of government platform and security standards.

  • Continually enforce compliance state; correct drift every 30 minutes.
  • Ensure correct action when combining two or more rule catalogs.
  • Dynamically discover, filter, prioritize, and remediate vulnerabilities—at scale.
  • Reduce workforce costs associated with compliance audits.
  • Leverage enterprise-grade features like dashboards, reports, audits, and role-based access control (RBAC).
post
Automating Government Compliance and Securityread the blog post
Various developers smiling
solution web secrets automation

Digital transformation assurance

Reduce transformation program costs by automating deployment and management, ensuring configuration changes don’t wreak havoc on mission-critical systems.

  • Create once, deploy, and be assured the application will stay stable.
  • Easily orchestrate complex tasks and plans to deploy applications.
  • Automate repetitive tasks, continually enforce the desired state, and manage drift.
  • Harden and configure operating systems and applications according to agency standards.
  • Quickly see the potential effect of proposed changes with Impact Analysis.
  • Integrate with all types of well-known cloud platforms, operating systems, and network resources, enabling automation and control over today’s common hybrid government infrastructure.
post
Modernizing without compromising mission-critical systemsread the blog post
solution web secrets automation
Two guys on laptops

Fast-track modernization

Increase mission success and effectiveness by adopting a modern automation fabric that scales across thousands of cloud and legacy applications.

  • Remove bottlenecks from dependencies on manual administrative tasks.
  • Effortlessly lift and shift applications and assets to modern cloud architectures.
  • Proactively assess infrastructure compliance against standards, quickly identify failures, remediate at scale, and enforce ongoing compliance.
  • Empower program teams to own and manage their infrastructure automation without having to manage the tooling.
  • Automate rollouts and desired state management with full transparency and insight.
  • Replace rogue automation actions with built-in guardrails.
  • Enable teams to codify and share automation expertise in a self-service way.
web enforce
Automate compliance and configuration with best-in-class capabilities

Puppet Enterprise helps agencies enforce security policies, define the desired state, and automatically monitor changes against that baseline—every 30 minutes.

Puppet automatically remediates systems back to their compliant state when a change is detected. This serves as an important security control for Risk Management Framework (RMF) programs.

web Faster IT
Reduce costs and reporting headaches and gain more control over infrastructure

STIG and other compliance activities are reduced from weeks or days down to minutes.

With Puppet Comply, you can assess your infrastructure against CIS and STIG Benchmarks, two sets of guidelines for secure system configuration from the Center for Internet Security (CIS) and the Defense Information Systems Agency respectively, and use Puppet Enterprise to enforce and bring sprawling IT infrastructures into compliance.

web search
Simulate any target environment for app deployment

Keep deployment surprises to a minimum and make sure new apps are secure and operate as expected.

Agency DevSecOps teams can model any security-compliant IT environment—on-premises or in the cloud—then run apps in that simulated environment in an automated fashion.