Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
627
Views
0
Helpful
2
Replies

Air Gapped Network?

Ketchup57
Level 1
Level 1

‎02-25-2024 11:09 AM

Hello Team,
Little bit of clarity a customer is Federal/DoD environment with limited resources to even get us to the minimum starting point of get IaC started, to even getting the time to develop secure STIG baselines of a container type environment to be deployed. At-least for the next several years. There's a small team of us (2 ) working on building out IaC for our overall "baseline" configs. We are manually developing the code to manage ACL/ACPs across all of our Equipment and from what I can tell this Kit could also be used for some of this process of maintaining things.

Been doing research to try and find solutions to solve the time to troubleshoot issues with our Equipment. This kit seems like it could be a great spot for specifically our T-4 Engineering support and help us not have to go through 5 different interfaces of different monitoring solutions we seem to have deployed or testing for the future.

My question is can this be used for our internal support of tracking issues or potential issues on an Air gaped Network?
by the looks of it it appears that way. The only question is for authentication requirements of 2FA via on prem tokens as we are not tied to any type of cloud environments.

Hopefully this all makes sense.
We are small team with limited resources, and finally getting progress for our Internal Automation Tools. But like all automation tools or path ways that would be us manually reinventing the wheel, or can't use specific tools/systems for deployments due to limited resources, security related approval of open source tools and then the monitoring of such items as well. 

 

Labels:
0 Helpful
2 Replies 2

Ketchup57
Level 1
Level 1

‎02-25-2024 11:18 AM

Also if it can be based on any requirements of RADKit itself. I would suggest having information for this as well.

The big reason why I like the way this Kit is going based on information provided. IS that we try to look / research online every possible issue before opening a case with TAC. This could help us present everything to TAC if came down to that.

 

0 Helpful

Rana Khalil
Cisco Employee
Cisco Employee

‎04-15-2024 04:44 AM

Dear @Ketchup57 ,

Thanks for reaching out to us! 

This is Rana with RADKit support.

You might need to check in our documentation the direct_login method. It offers direct cloudless login (when connecting straight to the service's webserver, without going through the cloud). 
An example of running the service would be:
+ ``radkit-service --no-cloud run``

Keep in mind that the use of a RADKit Service admin account is required to authenticate a direct connection.

 
For the 2FA, TACACS+ support is in progress, we would like to hear more about your use case to know if it is on the roadmap, already established, or not yet.
 
https://radkit.cisco.com/docs/pages/client_guide.html#initial-scope
 
I will be waiting to hear more from you.
 
Regards,
Rana
0 Helpful
Customers Also Viewed These Support Documents