Optimization of network device hardening in a multivendor environment
Abstract This paper presents a Python-based Nornir framework for automating network device hardening in multi-vendor environments, addressing critical gaps in scalability and interoperability. Unlike existing single-vendor solutions, our method enforces CIS benchmarks across Cisco, Juniper, and Fort...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Nature Portfolio
2025-04-01
|
| Series: | Scientific Reports |
| Subjects: | |
| Online Access: | https://doi.org/10.1038/s41598-025-97894-4 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849314723452944384 |
|---|---|
| author | Ali Bello Imoukhuede Tarek Rahil Sheltami Asharf Hasan Mahmoud Abdulaziz Yagoub Barnawi |
| author_facet | Ali Bello Imoukhuede Tarek Rahil Sheltami Asharf Hasan Mahmoud Abdulaziz Yagoub Barnawi |
| author_sort | Ali Bello Imoukhuede |
| collection | DOAJ |
| description | Abstract This paper presents a Python-based Nornir framework for automating network device hardening in multi-vendor environments, addressing critical gaps in scalability and interoperability. Unlike existing single-vendor solutions, our method enforces CIS benchmarks across Cisco, Juniper, and Fortinet devices, achieving an 82.18% reduction in hardening time compared to prior automation tools and a 99.99% improvement over manual techniques. By leveraging Nornir’s multi-threading and vendor-agnostic inventory management, the framework ensures consistent security policies while eliminating configuration errors. Experimental results across 18 heterogeneous devices demonstrate its efficiency, with full hardening completed in 44 s (95% CI [43.8, 44.1]). This work provides enterprises with a scalable solution to rapidly secure complex networks against evolving threats, bridging the gap between compliance standards and real-world deployment. |
| format | Article |
| id | doaj-art-b8bbf9f6ca0443f0aa9f37e13449bebf |
| institution | Kabale University |
| issn | 2045-2322 |
| language | English |
| publishDate | 2025-04-01 |
| publisher | Nature Portfolio |
| record_format | Article |
| series | Scientific Reports |
| spelling | doaj-art-b8bbf9f6ca0443f0aa9f37e13449bebf2025-08-20T03:52:23ZengNature PortfolioScientific Reports2045-23222025-04-0115112010.1038/s41598-025-97894-4Optimization of network device hardening in a multivendor environmentAli Bello Imoukhuede0Tarek Rahil Sheltami1Asharf Hasan Mahmoud2Abdulaziz Yagoub Barnawi3Computer Engineering Department, Interdisciplinary Research Center of Smart Mobility and Logistics, King Fahd University of Petroleum and MineralsComputer Engineering Department, Interdisciplinary Research Center of Smart Mobility and Logistics, King Fahd University of Petroleum and MineralsComputer Engineering Department, Interdisciplinary Research Center of Smart Mobility and Logistics, King Fahd University of Petroleum and MineralsComputer Engineering Department, Interdisciplinary Research Center for Intelligent Secure Systems, King Fahd University of Petroleum and MineralsAbstract This paper presents a Python-based Nornir framework for automating network device hardening in multi-vendor environments, addressing critical gaps in scalability and interoperability. Unlike existing single-vendor solutions, our method enforces CIS benchmarks across Cisco, Juniper, and Fortinet devices, achieving an 82.18% reduction in hardening time compared to prior automation tools and a 99.99% improvement over manual techniques. By leveraging Nornir’s multi-threading and vendor-agnostic inventory management, the framework ensures consistent security policies while eliminating configuration errors. Experimental results across 18 heterogeneous devices demonstrate its efficiency, with full hardening completed in 44 s (95% CI [43.8, 44.1]). This work provides enterprises with a scalable solution to rapidly secure complex networks against evolving threats, bridging the gap between compliance standards and real-world deployment.https://doi.org/10.1038/s41598-025-97894-4Network securityAutomationDevice hardeningOptimizationPerformance |
| spellingShingle | Ali Bello Imoukhuede Tarek Rahil Sheltami Asharf Hasan Mahmoud Abdulaziz Yagoub Barnawi Optimization of network device hardening in a multivendor environment Scientific Reports Network security Automation Device hardening Optimization Performance |
| title | Optimization of network device hardening in a multivendor environment |
| title_full | Optimization of network device hardening in a multivendor environment |
| title_fullStr | Optimization of network device hardening in a multivendor environment |
| title_full_unstemmed | Optimization of network device hardening in a multivendor environment |
| title_short | Optimization of network device hardening in a multivendor environment |
| title_sort | optimization of network device hardening in a multivendor environment |
| topic | Network security Automation Device hardening Optimization Performance |
| url | https://doi.org/10.1038/s41598-025-97894-4 |
| work_keys_str_mv | AT alibelloimoukhuede optimizationofnetworkdevicehardeninginamultivendorenvironment AT tarekrahilsheltami optimizationofnetworkdevicehardeninginamultivendorenvironment AT asharfhasanmahmoud optimizationofnetworkdevicehardeninginamultivendorenvironment AT abdulazizyagoubbarnawi optimizationofnetworkdevicehardeninginamultivendorenvironment |