Troubleshooting of problems, such as attacks and misconfigurations, and ensuring the resilience of networks is a significant issue for network operators. It increasingly requires the management of a distributed, potentially multidomain, monitoring and detection infrastructure that can be used to direct mitigation strategies that make run-time adjustments to network mechanisms and services. This can be a complex task. In this article we describe an integrated framework for the design, evaluation, and deployment of network resilience strategies. These strategies describe the management behavior of a number of federated, policy-controlled resilience mechanisms, such as monitoring and detection systems. The framework allows the generalization of the most effective policy configurations into reusable management patterns, which can then be rapidly deployed in the network infrastructure.