Whitepaper

Orchestrating
Scripting your Network
Operations and Security
with Ansible and AppViewX

| Simplify application delivery

| Boost network performance
| Improve security posture www.appviewx.com
Abstract
Automation is becoming increasingly crucial for businesses to stay competitive. When
choosing the right automation tool, there are a lot of factors to consider, such as the
existing business process, desired level of automation, cost, and scalability. It is
important to choose carefully, as the wrong tool could create more costs and cause
other problems down the line.

Ansible is a good tool for enterprises because it is agentless and has flexible
automation capabilities. However, it is essential to understand that Ansible has its
limitations. Using it for purposes beyond what it is meant for can cause adverse
complications.

This whitepaper explores how AppViewX can help extend Ansible capabilities to
perform enterprise-wide DevSecOps orchestration.

2
© 2022 AppViewX, Inc. All Rights Reserved.
What’s Inside?

What’s Inside? 3

Introduction 4

Networks and NetOps 6

Networks and DevSecOps 8

Network Orchestration 10

Capabilities of an Effective Network Orchestration Solution 11

Role of AppViewX and Ansible in Network Orchestration 12

Connecting Ansible with AppViewX 13

Representative Use Cases

Use Case 1 18

Application provisioning across F5 BIG-IP LTM, AFM, DigiCert 18

Use Case 2 19

Instantiate a new server on AWS using AppViewX and Ansible 19

Use Case 3 20

Trigger Ansible playbook in AppViewX to create DNS records 20

Conclusion 21

3
© 2022 AppViewX, Inc. All Rights Reserved.
Introduction
Enterprise networks today are extremely complex systems that require the expertise of
different teams to keep them running smoothly. Although each team has different
goals, they all work together to achieve common business objectives, such as providing
uninterrupted services, driving digital transformation, and generating revenue.

Some characteristics of a modern enterprise

network include

Large-scale - running across several geographies

Complex - made up of many physical and virtual devices, protocols,

and policies

Critical - even one failing device can impact the entire network

As technology continues to advance, NetOps, DevOps, and SecOps orchestration is

revolutionizing the way IT professionals manage their networks. By automating and
orchestrating key tasks, they can save time and resources while ensuring that their
networks are streamlined for speed and scalability. This allows them to focus on other
important tasks, such as developing new applications and services. But make no
mistake, the orchestration process is complex. It can be daunting, even for the most
experienced Ops teams. The key to success lies in automating the configuration of
runtime environments and multi-vendor tools that work in harmony with changing
environments.

4
© 2022 AppViewX, Inc. All Rights Reserved.
AppViewX and Ansible are a dynamic duo when
it comes to automation and orchestration.

Ansible is a bit like a Magic 8 Ball for your IT infrastructure. It is used by enterprises
worldwide for simplifying ITOps and automating workflows across DevOps and
NetOps. As a configuration management and IT automation tool, Ansible is very
powerful; the elemental CLI scripting can be used for configuring almost any IT
component. Its agentless nature and versatility make it an appealing tool for large
enterprise organizations.

AppViewX offers a game-changing application delivery and security orchestration

solution that provides NetOps, DevOps, and SecOps teams with a centralized control
plane to join forces to supercharge and automate the testing, deployment, and
monitoring of applications while still maintaining security and compliance.

This whitepaper explores the AppViewX and Ansible relationship in

depth, uncovering key use cases for this technology combination.
You will learn how AppViewX integration with Ansible provides a
powerful solution for enhancing automation tasks and simplifying
orchestration to continuously optimize network performance and
secure application delivery.

5
© 2022 AppViewX, Inc. All Rights Reserved.
Networks and NetOps
When the network goes down, everything grinds to a halt.

The day-to-day operations of an enterprise rely heavily on networks being up and

running continuously. Even a short downtime event can be disastrous for a business,
and attempting to manually detect and correct network issues can often worsen the
situation. Owing to their expanse and depth, zeroing in on the issue could take hours, if
not days, and fixing it could take equally long. Not having an automatic failover
mechanism further exacerbates the situation - manually rerouting traffic takes time,
and business-critical applications remain unavailable for that duration.

To avoid these issues, it is essential to have a comprehensive network orchestration

solution in place that can automatically detect and correct any issues that arise.
Automating networks is about more than just configuring switches and implementing
firewall policies. NetOps needs to make sure the tool(s) they use offer end-to-end
orchestration, with context-aware troubleshooting and auto-remediation mechanisms
built in. Network performance has a direct impact on business continuity. Any issue
that crops up in devices or pathways needs to be swiftly detected, diagnosed, and
resolved. Failing to do so will result in downtime and losses in revenue.

Security-
Aligned

NetOps

Analytics- Automation-
Driven Friendly

6
© 2022 AppViewX, Inc. All Rights Reserved.
Network downtime is
the most detrimental
of all IT service
outages.

7
© 2022 AppViewX, Inc. All Rights Reserved.
Networks and DevSecOps
There are many layers to IT security.

IT security is a complex issue with many layers of protection from the perimeter to the
application layer. The outermost layer is the most visible and obvious, but the inner
layers are just as important as that is where the business-critical applications and data
reside. Each layer of security must be strong in order to protect the ones underneath it.

The first layer is physical security. This includes things like login passwords and access
alerts.

The second layer is technological security, including firewalls and encryption.

The third layer is organizational security, which includes policies and procedures.

The fourth layer is human security, which includes training and awareness.

Each of these layers is important in its own right, but they all work together to create a
strong security posture. When one layer is weak, it can jeopardize the others. That is
why it is important to have a holistic security approach that considers all of these
layers.

DevSecOps is a term used to describe the practice of integrating security into the
software development and IT operations processes. By continuously automating
security testing and validation, DevSecOps can help organizations deliver quality
software faster while maintaining high-security levels.

Organizations that are embracing DevSecOps become more agile and are seeing
significant benefits. They are releasing new features and updates more quickly while
reducing the risk of security vulnerabilities. Automating security policies can also
identify and fix problems more quickly and efficiently.

8
© 2022 AppViewX, Inc. All Rights Reserved.
 Development IT Operations

Security Application
Delivery

DevSecOps is not just

a methodology.

9
© 2022 AppViewX, Inc. All Rights Reserved.
Network Orchestration
A single application can require hundreds of servers, virtual machines, and containers
to make it available to internal and external users and customers. This makes
managing applications very complex, which has created a need for improved
visualization of the network.

Network Orchestration provides a more visual way of understanding automation

workflows and how devices in your network connect to each other. For example, you
can visually see which devices are being affected by congestion on the network and
which devices are affected by other devices on the network. This enables teams to
optimize automation to address issues more effectively to ensure applications are
continuously available.

Orchestration Automation

Automating many tasks as a Setting up one task to run on

process or workflow its own

10
© 2022 AppViewX, Inc. All Rights Reserved.
Capabilities of an Effective Network
Orchestration Solution
Here are the top six capabilities every network
orchestration solution should possess:

Automation and Orchestration: NetOps, SecOps, and DevOps

Seamless and flexible deployment Friendly: Should be easy to deploy and
model that goes wide (across provide a truly flexible deployment
heterogeneous environments and model - to create, manage, monitor, and
vendors) and deep (device-level). It optimize network resources. Owners
should provide a comprehensive should be able to self-service those
automation and orchestration solution network operations pertaining to their
that works across different network applications and ensure airtight security
layers, vendors, and environments along every layer - from the physical up
(on-premise, private, and hybrid cloud). to the application layer.

Centralized Visibility: Holistic view of Cross-team collaboration: Should

all network components and facilitate cross-team collaboration while
automation workflows that makes it ensuring network security, availability,
easier to predict errors and detect and integrity.
failures.

Integration with third-party tools:

Intuitive: It should provide config-, Additionally, it should integrate with
state-, and context-aware almost all industry-standard IT
troubleshooting and auto-remediation automation tools, such as Ansible and
to eliminate downtime and minimize others.
human intervention and errors.

11
© 2022 AppViewX, Inc. All Rights Reserved.
Role of AppViewX and Ansible in
Network Orchestration

Ansible

Ansible can be used to automate specific tasks in the network, like configuring switches
ad-hoc and opening firewall ports. Ansible’s CLI-based automation has the capability to
drill deep into the network and, since it is agentless, can be used on any device from
any vendor.

One of the favorite automation tools for DevOps, Ansible has also established itself as
an automation tool for networks. Ansible uses code templates called playbooks, written
in YAML, to perform automation tasks. Ansible is chiefly used for Day 0/Day 1
provisioning, configuration management, and task automation.

AppViewX

AppVIewX delivers an end-to-end low-code network orchestration and application

security solution. It handles high-level network operations like real-time monitoring and
reporting, key/certificate provisioning and management, context-aware
troubleshooting and auto-remediation, and self-servicing capabilities. While Ansible
(Core) is CLI-based, AppViewX is GUI-based. It uses REST API to connect with third-party
tools and cloud platforms.

12
© 2022 AppViewX, Inc. All Rights Reserved.
Connecting Ansible with AppViewX
Digital transformation demands NetOps, SecOps, and DevOps to align to a holistic
automation approach. With common business goals, NetOps, SecOps, and DevOps
teams need to work together to drive a successful digital business. The highest level of
automation maturity involves interconnecting multiple automation and orchestration
tools.

The AppViewX solution can run on the same control node where Ansible is installed.
You can import Ansible playbooks into AppViewX and call the appropriate ones to
construct workflows in the Visual Workflow builder (explained below) based on the
orchestration instance. You can also view and edit the playbook contents from inside
AppViewX.

14
13
© 2022 AppViewX, Inc. All Rights Reserved.
“AppViewX as a platform can function
as both Northbound and Southbound
for Ansible”

With AppViewX and Ansible integration, there are two ways NetOps, SecOps, and
DevOps teams can automate complex requests.

1. AppViewX as the automation controller; Ansible as Southbound.

2. AppViewX as the orchestration controller; Ansible as Northbound.

Implementation via Ansible Implementation via AppViewX

Leveraging a vast library of pre-built tasks, low-code elements, and workflows, the
AppViewX platform enables Ops teams to quickly and easily translate business
requirements into automation workflows that improve agility, enforce compliance,
eliminate errors, and reduce cost.

14
© 2022 AppViewX, Inc. All Rights Reserved.
While creating automation workflows, you can drag and drop the Ansible component
(playbooks) onto the design canvas. Ansible playbooks are discovered, and the
AppViewX platform will invoke the right playbook to deploy and configure applications
requested in the workflow. AppViewX can be utilized as an orchestrator tool with ITSM
and DDI integration, allowing Ansible to deploy any application instance and implement
load balancer configuration or any network device.

Figure: Drag and drop feature to add Ansible playbooks onto the AppViewX design canvas

The AppViewX and Ansible integration opens wide use cases providing continuous
automation of application delivery requests. It enables provisioning on any
infrastructure components and provides centralized control from the AppViewX
platform.

15
© 2022 AppViewX, Inc. All Rights Reserved.
Advantages of using AppViewX
with Ansible
1. Highly Scalable and Adaptive: 3. Deploy Anywhere: Every workflow that
AppViewX is an infinitely scalable and you create on theAppViewX platform can
adaptive orchestration solution that be used and reused any number of times
integrates with Ansible to manage the for orchestrating any process.
expansion of services with new
devices. This guarantees that when the 4. DevSecOps-Friendly: AppViewX was
network expands and new devices are designed to be self-serviceable for
introduced to support additional automating network tasks related to
services, all components will operate applications. You can create workflows
together effortlessly. and selectively share them with other
teams to use as they require. This
2. Zero Learning Curve: All you need to enables different teams involved in
get started with AppViewX is a good DevOps and SecOps to share
understanding of networking. responsibilities based on their area of
AppViewX is a low-code automation expertise and helps deliver
and orchestration platform, meaning higher-quality, more secure results
that you can configure workflows faster.
without writing any code. The Visual
Workflow provides a library of over 5. Application-Centric Visibility:
300 ready-to-use network components AppViewX helps you monitor your
that have been abstracted so that you network infrastructure in real-time, so
do not need to write any code. you can spot problems before they cause
your applications to go offline. With
Dashboards and InfraMaps, you can see
exactly where issues are occurring, so
you can quickly resolve them.

16
© 2022 AppViewX, Inc. All Rights Reserved.
6. Context-Aware Troubleshooting and 8. Comprehensive Network and
Auto-Remediation: The Application Security Management:
context-aware capability also lets you With AppViewX, you can integrate with all
validate the state and status of the major CAs and SSH vendors to provide a
network before and after executing an safe and encrypted environment for your
orchestration workflow to ensure that applications. Additionally, you can
the change does not negatively affect automate web application firewall
infrastructure and application delivery. provisioning and rule configuration to
keep applications secure.
7. Centralized Management and
Extensive Integrations: AppViewX has
integrations with all the major players,
like Ansible, F5, AWS, Infoblox, Digicert
CA, ServiceNow, etc. These integrations
enable AppViewX to provide a central
control plane for all network
operations.

17
© 2022 AppViewX, Inc. All Rights Reserved.
Representative Use Cases
Use Case 1
Application provisioning across F5 BIG-IP LTM,
AFM, DigiCert

AppViewX can manage an infinite number of physical and virtual devices

simultaneously, irrespective of the ecosystem. Such a solution alongside Ansible
ensures that when the network scales up with time and new devices are incorporated
to support new services, all the components work in sync, and disjointed processes are
streamlined.

AppViewX as
Southbound
for DNS, Cert,
Virtual Server

Ansible for { ----------- FW

User ---------
Firewall ------
YAML }
Provisioning

Figure: Process diagram for application provisioning using AppViewX for

centralized orchestration and Ansible task automation

18
© 2022 AppViewX, Inc. All Rights Reserved.
Use Case 2
Instantiate a new server on AWS using AppViewX
and Ansible

In this example, you can view the performance of an application and its underlying
infrastructure with InfraMaps. By analyzing the traffic metrics, you can decide whether
the application requires a new server to be added to the infrastructure. If it does,
simply drag and drop the server instantiation component from the AppViewX service
catalog with Visual Workflow. An AppViewX self-service form is then created and
customized to collect inputs which will automatically be relayed as variables to the
Ansible playbook chosen to execute this task.

Pre-validation and post-validation checks help ensure that your server and network are
running smoothly. Adding your server as a pool member to an existing virtual server
helps improve the server's performance and allows you to monitor it more easily from
the InfraMap.

Figure: AppViewX Workflow to instantiate a new server on AWS using

AppViewX automation and orchestration

19
© 2022 AppViewX, Inc. All Rights Reserved.
 Create pool member and associate to
an existing virtual server

Configure server using playbooks AWS

Inventory Ubuntu Server

Figure: Process diagram to instantiate a new server on AWS using AppViewX

automation and orchestration

Use Case 3
Trigger Ansible playbook in AppViewX to create
DNS records
In this example with AppViewX, you can trigger Ansible playbooks to create DNS
records – making it easier to implement service requests across multiple vendors. By
defining roles, DevOps and NetOps can work together more seamlessly and deliver
applications faster through a centralized automation and orchestration solution.

{
-----------
---------
User ------
YAML }

Figure: Process diagram to trigger Ansible playbooks in AppViewX to create

DNS records

20
© 2022 AppViewX, Inc. All Rights Reserved.
Conclusion

Digital transformation is at the heart of how networks are evolving, and organizations
need to follow suit by modernizing their infrastructure. Software-defined networking
permits scale-on-demand, agile change, and advanced analytics. There are various
ways to achieve an agile infrastructure for your organization, such as automation and
orchestration.

AppViewX offers a platform that can help your organization be more agile, including
role-based access control, out-of-the-box automation workflows, self-servicing,
multi-vendor support, certificate lifecycle management, context awareness, and
orchestration. By integrating with Ansible, AppViewX can enhance automation and
orchestrate processes to help you rapidly deploy new applications while maintaining
control over your infrastructure. AppViewX can help your company succeed in the
digital era with faster time-to-value and greater agility by accelerating secure
application delivery.

If you're looking for a way to streamline your NetOps and DevSecOps tasks, consider
using AppViewX in tandem with Ansible. AppViewX provides a central control plane that
makes it easy to manage and orchestrate all your automated tasks through Ansible.
This toolset can help improve efficiency, optimize workflows, and ultimately help you
get more done.

Talk to an Expert

21
© 2022 AppViewX, Inc. All Rights Reserved.
 About AppViewX

AppViewX is revolutionizing how NetOps and SecOps teams deliver services to Enterprise IT. The

AppViewX Platform is a modular, low-code software application that enables the automation and

orchestration of network infrastructure using an intuitive, context-aware visual workflow. It quickly

and easily translates business requirements into automation workflows that improve agility,

enforce compliance, eliminates errors, and reduce cost. AppViewX is headquartered in Seattle with

offices in the U.S., U.K., and India.

To know more, visit www.appviewx.com

AppViewX Inc.,

City Hall, 222 Broadway [email protected] +1 (206) 207-7541

New York, NY 10038 www.appviewx.com +44 (0) 203-514-2226

22
© 2022 AppViewX, Inc. All Rights Reserved.