#Playbook to deploy Hardening Guide?

Have we automated, in any way, the deployment of TR-4569, ONTAP Hardening Best Practices?

On the Dev Side i'm not aware of one, just looking through the doc it looks like most if not could be automated in a playbook.

anyone already working on this....

Not that i'm aware of.

Might try asking in 'security' or dm @midnight sail - I seem to recall something a while back that they posted on GitHub.

https://netapp.io/2020/04/03/harden-ontap-with-ansible-role/

https://github.com/NetApp/ansible/tree/master/nar_ontap_security_ucd_guide

A few years old now - might need an update

Yes that's the one for Ansible. Does need an update but most it's still relevant. However both System Manager (via Sys Mgr Insights) and AIQUM (via AIQUM Security Dashboard) have graphical ways to configure security based on the hardening guide.

It's more about having a "Hardened by Default" sort of posture as a deployment option...

Not a Day2 "run these scripts once it's done" kind of thing.

Even if we could only get a %'age of the way there

This approach would work well as a layer on top of what their ONTAP deployment process already is.