ONES security solutions enhance SONiC deployments for enterprise safety.

ONES enhances the security of SONiC deployments by employing a multi-layered approach that encompasses security scans, integration of Certificate Authority (CA), Role-Based Access Control (RBAC), LDAP authentication, and Mutual Transport Layer Security (TLS). This strategy aims to facilitate secure communications, user access management, and real-time vulnerability monitoring, which are essential for compliance with regulations.

Security Features

ONES incorporates Mutual TLS to ensure verified communication between clients and servers by mandating mutual identity verification through digital certificates. This process is crucial for protecting sensitive data during exchanges across diverse systems and services.

By embedding security scans into Continuous Integration (CI) and Continuous Deployment (CD) pipelines, ONES utilizes tools like Synk and SonarQube to identify vulnerabilities early in the development process. This method allows for continuous patching while minimizing downtime, thus preserving application functionality.

User Management

With LDAP integration, ONES facilitates centralized user authentication, which enhances management efficiency across the network. This connection with platforms like Active Directory simplifies access control, reduces administrative efforts, and strengthens security.

ONES collects real-time telemetry data on software versions and security vulnerabilities, supporting compliance through customizable alerts and monitoring dashboards. This functionality assists enterprises in maintaining software health and identifying anomalies rapidly.

API Security

The security of ONES's Application Programming Interface (API) endpoints is ensured through mechanisms such as API tokens and JWT. An API gateway is employed to regulate traffic and enforce access controls, thereby protecting crucial operations from unauthorized users.

Continuous Monitoring

ONES utilises advanced analytics powered by Machine Learning (ML) to scrutinize network behavior continuously. This functionality aids in the early detection of irregularities, enabling proactive threat mitigation measures that lower the chances of security incidents.

Account Security

The platform emphasizes account security through policies like Multifactor Authentication (MFA) and monitoring of user activities. Individual user accounts are mandated, with a designated ‘super admin’ account available for management tasks to ensure operational consistency.

ONES tracks software versions and patch statuses, coupled with policy-driven alerts and visual compliance dashboards. This feature supports enterprises in fulfilling regulatory and governance standards without needing manual intervention.