Continuous security audit automation with Spacewalk, Puppet, Mcollective and SCAP
|
|
- Lionel Walton
- 8 years ago
- Views:
Transcription
1 Continuous security audit automation with Spacewalk, Puppet, Mcollective and SCAP Vasileios A. Baousis (Ph.D) Network Applications Team Slide 1
2 Agenda Introduction Background - SCAP - Puppet &Mcollective - Spacewalk System setup Reports and use of the output Questions Slide 2
3 Introduction Why we should perform Continuous security audit? Why to automate this process? Manual? No way. Security should be considered and implemented for the entire lifecycle of a system. The same applies for the auditing of a system but most of the times it is neglected. Security (mis)configuration drifts, missing important package patches are identified when it is tooooooooooooooooooo late. Continuous auditing/reporting in a consistent & automated manner. Work in progress Slide 3
4 Security Content Automation Protocol (SCAP) A standardized compliance checking solution for enterprise-level Linux systems. It is a line of specifications maintained by the NIST for system security. OpenSCAP implements the SCAP specifications, and is an auditing tool that utilizes the Extensible Configuration Checklist Description Format (XCCDF). XCCDF is a standard way of expressing checklist content and defines security checklists &combines with other specifications to create a SCAP-expressed checklist that can be processed by SCAP-validated products. These are: Common Platform Enumeration (CPE), Common Configuration Enumeration(CCE), Open Vulnerability and Assessment Language (OVAL). OpenSCAP a. verifies the presence of patches by using content produced by the distro distributors b. checks system security configuration settings and c. examines systems for signs of compromise/misconfiguration by using rules based on standards and specifications. Slide 4
5 Oscap command line oscap -h oscap OpenSCAP command-line tool Usage: oscap [options] module operation [operation-options-and-arguments] oscap options: -h --help - show this help -q --quiet - quiet mode -V --version - print info about supported SCAP versions Commands: ds oval xccdf cvss cpe cve info - DataStream utilities - Open Vulnerability and Assessment Language - extensible Configuration Checklist Description Format - Common Vulnerability Scoring System - Common Platform Enumeration - Common Vulnerabilities and Exposures - info module oscap ds -h oscap -> ds DataStream utilities Usage: oscap [options] ds command Datastreams: an archive of interlinked SCAP content (XCCDF,OVAL,CPE).Source and Result DataStreams Commands: sds-split sds-compose sds-add sds-validate rds-split rds-create rds-validate - Split given SourceDataStream into separate files - Compose SourceDataStream from given XCCDF - Add a component to the existing SourceDataStream - Validate given SourceDataStream - Splits a ResultDataStream. Creating source datastream (from report-request) and report in target directory. - Create a ResultDataStream from given SourceDataStream, XCCDF results and one or more OVAL results - Validate given ResultDataStream Slide 5
6 Oscap command line oscap -> xccdf extensible Configuration Checklist Description Format Usage: oscap [options] xccdf command [command-specific-options] Commands: eval - Perform evaluation driven by XCCDF file and use OVAL as checking engine resolve - Resolve an XCCDF document validate - Validate XCCDF XML content validate-xml - Validate XCCDF XML content export-oval-variables - Export XCCDF values as OVAL external-variables document(s) generate - Convert XCCDF Benchmark to other formats remediate - Perform remediation driven by XCCDF TestResult file or ARF. oscap -> xccdf -> eval Perform evaluation driven by XCCDF file and use OVAL as checking engine Usage: oscap [options] xccdf eval [options] INPUT_FILE [oval-definitions-files] INPUT_FILE - XCCDF file or a source data stream file Options: --profile <name> - The name of Profile to be evaluated. --tailoring-file <file> - Use given XCCDF Tailoring file. --tailoring-id <component-id> - Use given DS component as XCCDF Tailoring file. --cpe <name> - Use given CPE dictionary or language (autodetected).. oscap xccdf eval --profile MAC-1_Public --cpe /usr/share/openscap/redhat_simple/u_redhat_6_v1r4_benchmark-cpe-dictionary.xml /usr/share/openscap/redhat_simple/u_redhat_6_v1r4_benchmark-xccdf.xml Slide 6
7 Oscap command line oscap oval -h oscap -> oval Open Vulnerability and Assessment Language oscap oval collect com.redhat.rhsa-all.xml Usage: oscap [options] oval command Commands: collect eval analyse validate validate-xml generate list-probes - Probe the system and create system characteristics - Probe the system and evaluate definitions from OVAL Definition file - Evaluate provided system characteristics file - Validate OVAL XML content - Validate OVAL XML content - Convert an OVAL file to other formats - List supported object types (i.e. probes) oscap -> oval -> eval Probe the system and evaluate definitions from OVAL Definition file Usage: oscap [options] oval eval [options] oval-definitions.xml Options: --id <definition-id> - ID of the definition we want to evaluate. --variables <file> - Provide external variables expected by OVAL Definitions. --directives <file> - Use OVAL Directives content to specify desired results content. --results <file> - Write OVAL Results into file. --report <file> - Create human readable (HTML) report from OVAL Results. --skip-valid - Skip validation. --datastream-id <id> - ID of the datastream in the collection to use. (only applicable for source datastreams) --oval-id <id> - ID of the OVAL component ref in the datastream to use. (only applicable for source datastreams) --probe-root <dir> - Change the root directory before scanning the system. Slide 7
8 Oscap command line oscap cvss -h oscap -> cvss Common Vulnerability Scoring System Usage: oscap [options] cvss command Commands: score describe - CVSS score from a CVSS vector - Describe a CVSS vector oscap cpe -h oscap -> cpe Common Platform Enumeration Usage: oscap [options] cpe command Commands: match check validate validate-xml - Match CPE name against provided dictionary - Check if CPE name is valid - Validate CPE Dictionary content - Validate CPE Dictionary content Slide 8
9 Puppet IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to orchestration and reporting. Easily automate repetitive tasks Quickly deploy critical applications, Proactively manage change, scaling from 10s of servers to 1000s, on-premise or in the cloud. Slide 9
10 Puppet typical workflow Puppet Interface Version Control Repository Puppet master 2. Perform checkout 1. Commit changes 3. Apply changes 4. Report back the performed changes SSL Nodes Puppet agent Slide 10
11 Puppet interface Slide 11
12 Mcollective 1/2 The Marionette Collective MCollective is a framework to build server orchestration and parallel job execution systems Uses Publish/Subscribe Middleware and real time discovery of network resources using meta-data and not hostnames. Delivering a scalable and fast parallel execution environment. Slide 12
13 Mcollective 2/2 Use a broadcast paradigm for request distribution. - All servers get all requests at the same time, requests have filters attached and only servers matching the filter will act on requests. - There is no central asset database to go out of sync, the network is the only source of truth. Supports complex naming conventions for hostnames as a means of identity. Meta data comes from Puppet, Facter or custom plugins. CLI tools to call remote agents. Ability to write custom reports about your infrastructure. Allows you to write simple RPC style agents, clients and Web UIs in an easy to understand language - Ruby. Include Authentication, Authorization and Auditing (AAA) of requests. Slide 13
14 MCO in action Slide 14
15 MCO in action Slide 15
16 MCO in action Slide 16
17 MCO in action Slide 17
18 What is Spacewalk (1/2) Open source Linux systems management software from RH (under the terms of the GNU General Public License version 2) Satellite and Novell SUSE Manager commercial products are identical. Manages software content updates for Red Hat derived distributions (Fedora, CentOS, SL and SUSE). You can: - stage software content through different environments, - managing the deployment of updates to systems and - allowing you to view at which update level any given system is at across your deployment. Provides central web interface allowing viewing of systems, their associated software update status, and initiating update actions... Slide 18
19 What is Spacewalk (2/2) Provides provisioning/monitoring capabilities, allowing: - Inventory your systems (hardware and software information) - Install and update software on your systems -Collect and distribute your custom software packages into manageable groups -Provision (kickstart) your systems -Manage and deploy configuration files to your systems -Monitor your systems -Provision virtual guests -Start/stop/configure virtual guests -Distribute content across multiple geographical sites in an efficient manner Multiple Spacewalk Proxies can connect to a central Spacewalk server and cache and distribute content from the Spacewalk Server in various geographical locations. More on spacewalk.redhat.com Slide 19
20 Spacewalk architecture Three tier architecture 1. Presentation tier : web UI, command line clients, and XML-RPC clients 2. Logic tier :Spread across the four languages: Java, Perl, python, and PL/SQL. 3. Data tier =>RDBMS :Oracle or PostgreSQL Entities Backend provides a set of APIs that the different client utilities (rhn_register, up2date, yum) can connect to. Taskomatic is a daemon whose job is to perform long running tasks that are scheduled to run asynchronously, such as clean up the sessions table, or send out notifications for new errata Slide 20
21 A Spacewalk typical configuration Slide 21
22 Cooking all together!!!! Mcollective Slide 22
23 Fetching and updating oval files Redhat com.redhat.rhsa-all.xml Puppet-Master Novel suse.linux.enterprise.server.11.xml node 'puppet-master-ent.ecmwf.int' { filefetcher::fetch { 'Security Oval': filename => 'com.redhat.rhsa-all.xml', target_dir => '/etc/puppet/environments/production/modules/ecpds/files/roothomefolder', user => 'root', rights => '644', url => ' redownload => true, } filefetcher::fetch { 'suse.linux.enterprise.server.11.xml': filename => 'suse.linux.enterprise.server.11.xml', target_dir => '/etc/puppetlabs/code/environments/production/modules/ecpds/files/roothomefolder', user => 'root', rights => '644', url => ' redownload => true, } filefetcher::fetch { 'suse.linux.enterprise.server.11-patch.xml': filename => 'suse.linux.enterprise.server.11-patch.xml', target_dir => '/etc/puppetlabs/code/environments/production/modules/ecpds/files/roothomefolder', user => 'root', rights => '644', url => ' redownload => true, } } Nodes class { openscap::xccdf::eval: name => my-daily-ssg-audit, period => daily, } class openscap::params { $period = 'weekly' $weekday = 'Sat' $content_package = ['scap-security-guide'] $xccdf_path = '/usr/share/xml/scap/ssg/fedora/ssg-fedora-ds.xml' $xccdf_profile = 'xccdf_org.ssgproject.content_profile_common' case $::osfamily { 'redhat' : { $packages = ['rubygem-openscap'] suse' : { $packages = ['openscap'] } default : { fail("the ${module_name} module is not supported on an ${::osfamily} based system.") } } } Slide 23
24 Execute audit Report results Spacewalk Puppet-master Mcollective Schedule audit Report results Execute audit Report results Nodes Slide 24
25 Reports 1/5 Slide 25
26 Reports 2/5 Slide 26
27 Reports 3/5 Slide 27
28 Reports 4/5 Slide 28
29 Reports 5/5 Slide 29
30 Results Consistent system configuration and compliance with standards. Integration of security and auditing into the entire lifecycle of a system - Configuration Management Frameworks - Security and auditing are not isolated processes. - Prevention of Configuration and/or security drifts - Early warning of missing packages/patches and potential vulnerabilities. Automation of the entire process to be scalable with considerable system number increase Can be used to different environments ranging from physical- on premise systems to virtual on the Cloud or remote systems (which may need additional protection and auditing) Slide 30
31 Resources 1. SCAP : 2. XCCDF - The Extensible Configuration Checklist Description Format : 1. CPE-Common Platform Enumeration 3. CCE -Common Configuration Enumeration 4. OVAL-Open Vulnerability and Assessment Language Puppet : 6. Spacewalk: 7. Mcollective : Slide 31
32 Continuous security audit automation with Spacewalk, Puppet, Mcollective and SCAP Vasileios A. Baousis (Ph.D) Network Applications Team Slide 32
How To Use A Policy Auditor 6.2.2 (Macafee) To Check For Security Issues
Vendor Provided Validation Details - McAfee Policy Auditor 6.2 The following text was provided by the vendor during testing to describe how the product implements the specific capabilities. Statement of
More informationBMC Client Management - SCAP Implementation Statement. Version 12.0
BMC Client Management - SCAP Implementation Statement Version 12.0 BMC Client Management - SCAP Implementation Statement TOC 3 Contents SCAP Implementation Statement... 4 4 BMC Client Management - SCAP
More informationQualys PC/SCAP Auditor
Qualys PC/SCAP Auditor Getting Started Guide August 3, 2015 COPYRIGHT 2011-2015 BY QUALYS, INC. ALL RIGHTS RESERVED. QUALYS AND THE QUALYS LOGO ARE REGISTERED TRADEMARKS OF QUALYS, INC. ALL OTHER TRADEMARKS
More informationSecurity compliance automation with Red Hat Satellite
Security compliance automation with Red Hat Satellite Matt Micene Solution Architect, DLT Solutions @cleverbeard @nzwulfin Created with http://wordle.net Compliance is a major problem About half of the
More informationSecure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities
Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Sean Barnum sbarnum@mitre.org September 2011 Overview What is SCAP? Why SCAP?
More informationSystem Management with Spacewalk
System Management with Spacewalk System Management with Spacewalk System Management with Spacewalk Introduction Requirements Virtual machine requirements Pre-requisite knowledge Connectivity Lab structure
More informationManaging your Red Hat Enterprise Linux guests with RHN Satellite
Managing your Red Hat Enterprise Linux guests with RHN Satellite Matthew Davis, Level 1 Production Support Manager, Red Hat Brad Hinson, Sr. Support Engineer Lead System z, Red Hat Mark Spencer, Sr. Solutions
More informationSecstate: Flexible Lockdown, Auditing, and Remediation
Secstate: Flexible Lockdown, Auditing, and Remediation Certifiable Linux Integration Project Tresys Technology Karl MacMillan Topics Secstate Overview Sample session illustrating
More informationFederal Desktop Core Configuration (FDCC)
Federal Desktop Core Configuration (FDCC) Presented by: Saji Ranasinghe Date: October, 2007 FDCC Federal Desktop Core Configuration (FDCC) Standardized Configuration with Hardened Security Settings to
More informationSystem management with Spacewalk
Tips for managing CentOS http://www.stankowic-development.net, @stankowic_devel CentOS Dojo Cologne, 2014 whoami $ whoami VMware, UNIX, Linux administrator Messer Information Services GmbH $ apropos Spacewalk
More informationSUSE Manager. A Comprehensive Linux Server Management the Linux Way. Name. Title Email
SUSE Manager A Comprehensive Linux Server Management the Linux Way Name Title Email Agenda 2 Product Overview Features and Functionality Management Module Provisioning Module Monitoring Roadmap Pricing
More informationSystem management with Spacewalk
Motivation Tips for managing Linux and http://www.stankowic-development.net, @stankowic_devel OpenRheinRuhr, 2014 whoami Motivation $ whoami VMware, UNIX, Linux administrator Messer Information Services
More informationFDCC & SCAP Content Challenges. Kent Landfield Director, Risk and Compliance Security Research McAfee Labs
FDCC & SCAP Content Challenges Kent Landfield Director, Risk and Compliance Security Research McAfee Labs Where we have been 1 st Security Automation Workshop nearly 20 people in a small room for the day
More informationOpen Source Datacenter Conference 2011 System Management with RHN Satellite. Dirk Herrmann, Solution Architect, Red Hat
Open Source Datacenter Conference 2011 System Management with RHN Satellite Bringing the Community, Vendors and Users Together Enterprise Users Hardware vendors Software vendors Open Source Community A
More informationTUT19344 Managing RH/CentOS with SUSE Manager
TUT19344 Managing RH/CentOS with SUSE Manager Don Vosburg Systems Engineer dvosburg@suse.com Gokhan Cetinkaya Systems Engineer gcetinkaya@suse.com Agenda SUSE Manager overview SUSE Manager and non-suse
More informationIBM Endpoint Manager Version 9.1. Patch Management for Red Hat Enterprise Linux User's Guide
IBM Endpoint Manager Version 9.1 Patch Management for Red Hat Enterprise Linux User's Guide IBM Endpoint Manager Version 9.1 Patch Management for Red Hat Enterprise Linux User's Guide Note Before using
More informationHow To Monitor Your Entire It Environment
Preparing for FISMA 2.0 and Continuous Monitoring Requirements Symantec's Continuous Monitoring Solution White Paper: Preparing for FISMA 2.0 and Continuous Monitoring Requirements Contents Introduction............................................................................................
More informationRed Hat Network Satellite (On System z) 18-JUNE CAVMEN Meeting
Red Hat Network Satellite (On System z) 18-JUNE CAVMEN Meeting Shawn D. Wells System z Platform Manager (+1) 443 534 0130 Why are we here? PROBLEM SCENARIO SysAdmin wants to automate Linux
More informationSecurity Content Automation Protocol for Governance, Risk, Compliance, and Audit
UNCLASSIFIED Security Content Automation Protocol for Governance, Risk, Compliance, and Audit presented by: Tim Grance The National Institute of Standards and Technology UNCLASSIFIED Agenda NIST s IT Security
More informationDevelop a process for applying updates to systems, including verifying properties of the update. Create File Systems
RH413 Manage Software Updates Develop a process for applying updates to systems, including verifying properties of the update. Create File Systems Allocate an advanced file system layout, and use file
More informationMcAfee Application Control / Change Control Administration Intel Security Education Services Administration Course
McAfee Application Control / Change Control Administration Intel Security Education Services Administration Course The McAfee University Application Control / Change Control Administration course enables
More information2001-2014 The Center for Internet Security. CIS Configuration Assessment Tool CIS-CAT
2001-2014 The Center for Internet Security CIS Configuration Assessment Tool CIS-CAT Users Guide v3.0.01 May 1, 2014 Table of Contents Overview... 3 System Requirements... 3 Supported Benchmarks... 3 Obtaining
More informationMeasurably reducing risk through collaboration, consensus & practical security management. 2013 CIS Security Benchmarks 1
Measurably reducing risk through collaboration, consensus & practical security management 2013 CIS Security Benchmarks 1 Background City University of New York s Rights and Benefits as a CIS Security Benchmarks
More informationRed Hat Satellite Management and automation of your Red Hat Enterprise Linux environment
Red Hat Satellite Management and automation of your Red Hat Enterprise Linux environment WHAT IS IT? Red Hat Satellite server is an easy-to-use, advanced systems management platform for your Linux infrastructure.
More informationRed Hat Network Satellite Management and automation of your Red Hat Enterprise Linux environment
Red Hat Network Satellite Management and automation of your Red Hat Enterprise Linux environment WHAT IS IT? Red Hat Network (RHN) Satellite server is an easy-to-use, advanced systems management platform
More information2001-2014 The Center for Internet Security. Center for Internet Security Configuration Assessment Tool CIS-CAT
2001-2014 The Center for Internet Security Center for Internet Security Configuration Assessment Tool CIS-CAT Users Guide v3.0.05 September 5, 2014 Table of Contents Overview... 3 System Requirements...
More informationPro Puppet. Jeffrey McCune. James TurnbuII. Apress* m in
Pro Puppet m in James TurnbuII Jeffrey McCune Apress* About the Authors About the Technical Reviewer Acknowledgments Introduction Chapter 1: Getting Started with Puppet What Is Puppet? Deployment Configuration
More informationZENworks 11 Support Pack 4 Management Zone Settings Reference. May 2016
ZENworks 11 Support Pack 4 Management Zone Settings Reference May 2016 Legal Notices For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government
More informationSCAP for VoIP Automating Configuration Compliance. 6 th Annual IT Security Automation Conference
SCAP for VoIP Automating Configuration Compliance 6 th Annual IT Security Automation Conference Presentation Overview 1. The Business Challenge 2. Securing Voice over IP Networks 3. The ISA VoIP Security
More informationNipper Studio Beginner s Guide
Nipper Studio Beginner s Guide Multiple Award Winning Security Software Version 2.1 Published March 2015 Titania Limited 2014. All Rights Reserved This document is intended to provide advice and assistance
More informationRed Hat Network Satellite in a Nutshell...
Red Hat Network Satellite in a Nutshell... Clifford Perry Development Lead, Red Hat Inc. Todd Sanders Director, Red Hat Inc. Justin Sherrill Software Engineer, Red Hat Inc. What is RHN Satellite? A systems
More informationIBM Endpoint Manager Version 9.2. Patch Management for SUSE Linux Enterprise User's Guide
IBM Endpoint Manager Version 9.2 Patch Management for SUSE Linux Enterprise User's Guide IBM Endpoint Manager Version 9.2 Patch Management for SUSE Linux Enterprise User's Guide Note Before using this
More informationSymantec Control Compliance Suite Standards Manager
Symantec Control Compliance Suite Standards Manager Automate Security Configuration Assessments. Discover Rogue Networks & Assets. Harden the Data Center. Data Sheet: Security Management Control Compliance
More informationOf Pets and Cattle and Hearts
Of Pets and Cattle and Hearts The SUSE Systems Management Story Joachim Werner Senior Product Manager, SUSE joe@suse.com Who am I? 2 SUSE and Linux Workloads in the Enterprise SUSE Studio Datacenter Private
More informationApplying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains (DRAFT)
NIST Interagency Report 7800 (Draft) Applying the Continuous Monitoring Technical Reference Model to the Asset, Configuration, and Vulnerability Management Domains (DRAFT) David Waltermire, Adam Halbardier,
More informationSecunia Vulnerability Intelligence Manager
TECHNOLOGY AUDIT Secunia Vulnerability Intelligence Manager Secunia Reference Code: OI00070-076 Publication Date: July 2011 Author: Andy Kellett SUMMARY Catalyst Secunia Vulnerability Intelligence Manager
More informationMeasurably reducing risk through collaboration, consensus & practical security management. 2015 CIS Security Benchmarks 1
Measurably reducing risk through collaboration, consensus & practical security management 2015 CIS Security Benchmarks 1 Background State of Idaho s Rights and Benefits as a CIS Security Benchmarks Member
More informationWHAT S NEW IN SAS 9.4
WHAT S NEW IN SAS 9.4 PLATFORM, HPA & SAS GRID COMPUTING MICHAEL GODDARD CHIEF ARCHITECT SAS INSTITUTE, NEW ZEALAND SAS 9.4 WHAT S NEW IN THE PLATFORM Platform update SAS Grid Computing update Hadoop support
More informationTowards security management in the cloud utilizing SECaaS
Towards security management in the cloud utilizing SECaaS JAN MÉSZÁROS University of Economics, Prague Department of Information Technologies W. Churchill Sq. 4, 130 67 Prague 3 CZECH REPUBLIC jan.meszaros@vse.cz
More informationSystem Management with RHN Satellite
System Management with RHN Satellite Calvin Smith, Solution Architect, Red Hat System Management with Red Hat Network Satellite BUSINESS DEMANDS DRIVE I.T. TRANSFORMATION Business wants agility, lower
More informationCloudPassage Halo Technical Overview
TECHNICAL BRIEF CloudPassage Halo Technical Overview The Halo cloud security platform was purpose-built to provide your organization with the critical protection, visibility and control needed to assure
More informationAcronis Backup & Recovery 10 Server for Linux. Update 5. Installation Guide
Acronis Backup & Recovery 10 Server for Linux Update 5 Installation Guide Table of contents 1 Before installation...3 1.1 Acronis Backup & Recovery 10 components... 3 1.1.1 Agent for Linux... 3 1.1.2 Management
More informationAcronis Backup & Recovery 10 Server for Linux. Installation Guide
Acronis Backup & Recovery 10 Server for Linux Installation Guide Table of contents 1 Before installation...3 1.1 Acronis Backup & Recovery 10 components... 3 1.1.1 Agent for Linux... 3 1.1.2 Management
More informationBuilding and Managing a Standard Operating Environment
Building and Managing a Standard Operating Environment Dirk Herrmann Head of Strategic Consulting Central Europe, Red Hat Todd Warner Satellite Product Manager, Red Hat Milan Zázrivec Satellite Software
More informationIntroduction to Mobile Access Gateway Installation
Introduction to Mobile Access Gateway Installation This document describes the installation process for the Mobile Access Gateway (MAG), which is an enterprise integration component that provides a secure
More informationHow To Install Storegrid Server On Linux On A Microsoft Ubuntu 7.5 (Amd64) Or Ubuntu (Amd86) (Amd77) (Orchestra) (For Ubuntu) (Permanent) (Powerpoint
StoreGrid Linux Server Installation Guide Before installing StoreGrid as Backup Server (or) Replication Server in your machine, you should install MySQL Server in your machine (or) in any other dedicated
More informationAcronis Backup & Recovery 10 Server for Linux. Installation Guide
Acronis Backup & Recovery 10 Server for Linux Installation Guide Table of Contents 1. Installation of Acronis Backup & Recovery 10... 3 1.1. Acronis Backup & Recovery 10 components... 3 1.1.1. Agent for
More informationProste zarządzanie setkami serwerów SUSE Manager 2.1 I SUSE Virtualization Enterprise Console
Proste zarządzanie setkami serwerów SUSE Manager 2.1 I SUSE Virtualization Enterprise Console Dariusz Puchalak SUSE Certified Instructor Dariusz@Puchalak.net Dariusz Puchalak since november 2014 at OSEC.pl
More informationScanless Vulnerability Assessment. A Next-Generation Approach to Vulnerability Management
Scanless Vulnerability Assessment A Next-Generation Approach to Vulnerability Management WHITEPAPER Overview Vulnerability scanning, or the process of identifying a list of known security gaps in the network
More informationTechnical. Overview. ~ a ~ irods version 4.x
Technical Overview ~ a ~ irods version 4.x The integrated Ru e-oriented DATA System irods is open-source, data management software that lets users: access, manage, and share data across any type or number
More informationSoftware Vulnerability Assessment
Software Vulnerability Assessment Setup Guide Contents: About Software Vulnerability Assessment Setting Up and Running a Vulnerability Scan Manage Ongoing Vulnerability Scans Perform Regularly Scheduled
More informationCONQUERING COMPLIANCE ISSUES WITH RHN SATELLITE AND TENABLE NESSUS SECURITY
CONQUERING COMPLIANCE ISSUES WITH RHN SATELLITE AND TENABLE NESSUS SECURITY Akash Chandrashekar - Solution Architect, Red Hat Renaud Deraison - Tenable Network Security, Inc. / Nessus.org Compliance Issues
More informationConfiguration Management Evolution at CERN. Gavin McCance gavin.mccance@cern.ch @gmccance
Configuration Management Evolution at CERN Gavin McCance gavin.mccance@cern.ch @gmccance Agile Infrastructure Why we changed the stack Current status Technology challenges People challenges Community The
More informationSeamless integration Connect our solution to your business applications thanks to our open architecture
t b Product data management Manage Product Breakdown Structure and their configurations Process and change management Track and organize changes on your parts, products and documents Seamless integration
More informationPKI Made Easy: Managing Certificates with Dogtag. Ade Lee Sr. Software Engineer Red Hat, Inc. 08.11.2013
2013 PKI Made Easy: Managing Certificates with Dogtag Ade Lee Sr. Software Engineer Red Hat, Inc. 08.11.2013 Agenda What is PKI? What is Dogtag? Installing Dogtag Interacting with Dogtag using REST Future
More informationHow To Achieve Pca Compliance With Redhat Enterprise Linux
Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving
More informationwithout the fixed perimeters of legacy security.
TECHNICAL BRIEF The Halo cloud security platform was purpose-built to provide your organization with the critical protection, visibility and control needed to assure cloud security without the fixed perimeters
More informationCloudPassage Halo Technical Overview
TECHNICAL BRIEF CloudPassage Halo Technical Overview The Halo cloud security platform was purpose-built to provide your organization with the critical protection, visibility and control needed to assure
More informationAPPLICATION MANAGEMENT SUITE FOR ORACLE E-BUSINESS SUITE APPLICATIONS
APPLICATION MANAGEMENT SUITE FOR ORACLE E-BUSINESS SUITE APPLICATIONS Oracle Application Management Suite for Oracle E-Business Suite delivers capabilities that helps to achieve high levels of application
More informationAn Approach to Vulnerability Management, Configuration Management, and Technical Policy Compliance
An Approach to Vulnerability Management, Configuration Management, and Technical Policy Compliance Presented by: John Banghart, Booz Allen Hamilton SCAP Validation Project Lead Thoughts on Current State
More informationVirtualization Management the ovirt way
ovirt introduction FOSDEM 2013 Doron Fediuck Red Hat What is ovirt? Large scale, centralized management for server and desktop virtualization Based on leading performance, scalability and security infrastructure
More informationAn Enterprise Continuous Monitoring Technical Reference Architecture
An Enterprise Continuous Monitoring Technical Reference Architecture 12/14/2010 Presenter: Peter Mell Senior Computer Scientist National Institute of Standards and Technology http://twitter.com/petermmell
More informationNetIQ Identity Manager Setup Guide
NetIQ Identity Manager Setup Guide July 2015 www.netiq.com/documentation Legal Notice THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE
More informationSCAP Compliance Checker Version 3.1 for Windows February 12, 2012
SCAP Compliance Checker Version 3.1 for Windows February 12, 2012 Developed by: Space and Naval Warfare (SPAWAR) Systems Center Atlantic P.O. Box 190022 North Charleston, SC 29419-9022 ssc_lant-scc@navy.mil
More informationRequirements Specifications for: The Management Action Record System (MARS) for the African Development Bank
Annex 3 Requirements Specifications for: The Management Action Record System (MARS) for the African Development Bank The bidder is requested to identify and describe the levels of support (Full Support,
More informationInstalling and Administering VMware vsphere Update Manager
Installing and Administering VMware vsphere Update Manager Update 1 vsphere Update Manager 5.1 This document supports the version of each product listed and supports all subsequent versions until the document
More informationRed Hat Subscription Management All Subscription Docs Quick Registration for RHEL
Red Hat Subscription Management All Subscription Docs Quick Registration for RHEL quickly register and subscribe Red Hat Enterprise Linux systems Edition 4 John Ha Deon Ballard Red Hat Subscription Management
More informationDell UPS Local Node Manager USER'S GUIDE EXTENSION FOR MICROSOFT VIRTUAL ARCHITECTURES Dellups.com
CHAPTER: Introduction Microsoft virtual architecture: Hyper-V 6.0 Manager Hyper-V Server (R1 & R2) Hyper-V Manager Hyper-V Server R1, Dell UPS Local Node Manager R2 Main Operating System: 2008Enterprise
More informationArchiving File Data with Snap Enterprise Data Replicator (Snap EDR): Technical Overview
Archiving File Data with Snap Enterprise Data Replicator (Snap EDR): Technical Overview Contents 1. Abstract...1 2. Introduction to Snap EDR...1 2.1. Product Architecture...2 3. System Setup and Software
More informationPaaS solutions evaluation
PaaS solutions evaluation August 2014 Author: Sofia Danko Supervisors: Giacomo Tenaglia Artur Wiecek CERN openlab Summer Student Report 2014 Project Specification OpenShift Origin is an open source software
More informationSOFTWARE TESTING TRAINING COURSES CONTENTS
SOFTWARE TESTING TRAINING COURSES CONTENTS 1 Unit I Description Objectves Duration Contents Software Testing Fundamentals and Best Practices This training course will give basic understanding on software
More informationUser Guide for VMware Adapter for SAP LVM VERSION 1.2
User Guide for VMware Adapter for SAP LVM VERSION 1.2 Table of Contents Introduction to VMware Adapter for SAP LVM... 3 Product Description... 3 Executive Summary... 3 Target Audience... 3 Prerequisites...
More informationAppSentry Application and Database Security Auditing
AppSentry Application and Database Security Auditing May 2014 Stephen Kost Chief Technology Officer Integrigy Corporation About Integrigy ERP Applications Oracle E-Business Suite Databases Oracle and Microsoft
More informationMcAfee Policy Auditor 6.2.0 software
McAfee Policy Auditor 6.2.0 software COPYRIGHT Copyright 2013 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS McAfee, the McAfee logo, McAfee Active Protection, McAfee AppPrism, McAfee
More informationIntroduction to Highly Available NFS Server on scale out storage systems based on GlusterFS
Introduction to Highly Available NFS Server on scale out storage systems based on GlusterFS Soumya Koduri Red Hat Meghana Madhusudhan Red Hat AGENDA What is GlusterFS? Integration with NFS Ganesha Clustered
More informationAutomated Data Ingestion. Bernhard Disselhoff Enterprise Sales Engineer
Automated Data Ingestion Bernhard Disselhoff Enterprise Sales Engineer Agenda Pentaho Overview Templated dynamic ETL workflows Pentaho Data Integration (PDI) Use Cases Pentaho Overview Overview What we
More informationMcAfee Web Gateway Administration Intel Security Education Services Administration Course Training
McAfee Web Gateway Administration Intel Security Education Services Administration Course Training The McAfee Web Gateway Administration course from Education Services provides an in-depth introduction
More informationGFI LANguard 9.0 ReportPack. Manual. By GFI Software Ltd.
GFI LANguard 9.0 ReportPack Manual By GFI Software Ltd. http://www.gfi.com E-mail: info@gfi.com Information in this document is subject to change without notice. Companies, names, and data used in examples
More informationCloud Storage Backup for Storage as a Service with AT&T
WHITE PAPER: CLOUD STORAGE BACKUP FOR STORAGE AS A SERVICE........ WITH..... AT&T........................... Cloud Storage Backup for Storage as a Service with AT&T Who should read this paper Customers,
More informationARF, ARCAT, and Summary Results. Lt Col Joseph L. Wolfkiel
ARF, ARCAT, and Summary Results Lt Col Joseph L. Wolfkiel Enterprise-Level Assessment and Reporting The Concept Assessment Results Format (ARF) Assessment Summary Results (ASR) The Assessment Results Consumer
More informationGFI LANguard 9.0 ReportPack. Manual. By GFI Software Ltd.
GFI LANguard 9.0 ReportPack Manual By GFI Software Ltd. http://www.gfi.com E-mail: info@gfi.com Information in this document is subject to change without notice. Companies, names, and data used in examples
More informationEnhancing Web Publishing with Digital Asset Management - Using Open Text Artesia DAM to enhance your Open Text WCMS (Red Dot) web sites
Enhancing Web Publishing with Digital Asset Management - Using Open Text Artesia DAM to enhance your Open Text WCMS (Red Dot) web sites Lars Onasch Wolfgang Ruth Agenda A Brief Introduction Customer Examples
More informationSecurity Information and Event Management
Security Information and Event Management sponsored by: ISSA Web Conference April 26, 2011 Start Time: 9 am US Pacific, Noon US Eastern, 5 pm London Welcome Conference Moderator Phillip H. Griffin ISSA
More informationA Survey Study on Monitoring Service for Grid
A Survey Study on Monitoring Service for Grid Erkang You erkyou@indiana.edu ABSTRACT Grid is a distributed system that integrates heterogeneous systems into a single transparent computer, aiming to provide
More informationLSC @ LDAPCON. 2011. Sébastien Bahloul
LSC @ LDAPCON. 2011 Sébastien Bahloul About me Developer and software architect 10 years experience in IAM Recently hired as product manager by a French security editor, Dictao, providing : personal and
More informationIBM InfoSphere Guardium
IBM InfoSphere Guardium Enterprise-wide Database Protection and Compliance Jānis Bērziņš, DPA 08.11.2012 Data is the key target for security breaches.. and Database Servers Are The Primary Source of Breached
More informationORACLE OPS CENTER: PROVISIONING AND PATCH AUTOMATION PACK
ORACLE OPS CENTER: PROVISIONING AND PATCH AUTOMATION PACK KEY FEATURES PROVISION FROM BARE- METAL TO PRODUCTION QUICKLY AND EFFICIENTLY Controlled discovery with active control of your hardware Automatically
More informationSnapLogic Sidekick Guide
SnapLogic Sidekick Guide Document Release: October 2013 SnapLogic, Inc. 2 West 5th Avenue, Fourth Floor San Mateo, California 94402 U.S.A. www.snaplogic.com Copyright Information 2011-2013 SnapLogic, Inc.
More informationPhoronix Test Suite v5.8.0 (Belev)
(Belev) Phoromatic User Manual Phoronix Test Suite Phoromatic Phoromatic Server Introduction Phoromatic is a remote management system for the Phoronix Test Suite. Phoromatic allows the automatic (hence
More informationPAKITI Patching Status System
PAKITI Patching Status System EGI-InSPIRE A Race for Security: Identifying Vulnerabilities on 50 000 Hosts Faster then Attackers Michal Procházka 1, Daniel Kouřil 1, Romain Wartel 2, Christos Kanellopoulos
More informationMcAfee Web Gateway 7.4.1
Release Notes Revision B McAfee Web Gateway 7.4.1 Contents About this release New features and enhancements Resolved issues Installation instructions Known issues Find product documentation About this
More informationSiebel Application Deployment Manager Guide. Siebel Innovation Pack 2013 Version 8.1/8.2 September 2013
Siebel Application Deployment Manager Guide Siebel Innovation Pack 2013 Version 8.1/8.2 September 2013 Copyright 2005, 2013 Oracle and/or its affiliates. All rights reserved. This software and related
More informationJitterbit Technical Overview : Salesforce
Jitterbit allows you to easily integrate Salesforce with any cloud, mobile or on premise application. Jitterbit s intuitive Studio delivers the easiest way of designing and running modern integrations
More informationAdobe Systems Incorporated
Adobe Connect 9.2 Page 1 of 8 Adobe Systems Incorporated Adobe Connect 9.2 Hosted Solution June 20 th 2014 Adobe Connect 9.2 Page 2 of 8 Table of Contents Engagement Overview... 3 About Connect 9.2...
More informationBMC BladeLogic Client Automation Installation Guide
BMC BladeLogic Client Automation Installation Guide Supporting BMC BladeLogic Client Automation 8.2.02 January 2013 www.bmc.com Contacting BMC Software You can access the BMC Software website at http://www.bmc.com.
More informationAnsible in Depth WHITEPAPER. ansible.com +1 800-825-0212
+1 800-825-0212 WHITEPAPER Ansible in Depth Get started with ANSIBLE now: /get-started-with-ansible or contact us for more information: info@ INTRODUCTION Ansible is an open source IT configuration management,
More informationContent Distribution Management
Digitizing the Olympics was truly one of the most ambitious media projects in history, and we could not have done it without Signiant. We used Signiant CDM to automate 54 different workflows between 11
More informationCentralized Orchestration and Performance Monitoring
DATASHEET NetScaler Command Center Centralized Orchestration and Performance Monitoring Key Benefits Performance Management High Availability (HA) Support Seamless VPX management Enables Extensible architecture
More informationOracle Linux Overview. Presented by: Anuj Verma Title: Senior Pre-Sales Consultant
Oracle Linux Overview Presented by: Anuj Verma Title: Senior Pre-Sales Consultant Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information
More informationMcAfee Policy Auditor 6.0 software Product Guide for epolicy Orchestrator 4.6
McAfee Policy Auditor 6.0 software Product Guide for epolicy Orchestrator 4.6 COPYRIGHT Copyright 2011 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed,
More information