This past August, Red Hat announced the availability of Red Hat Virtualization 4.0, the latest virtualization release that aims to help IT organizations modernize their infrastructure, enhance their virtualization management and automation, and deploy advanced networking functionality. As a Software Engineer, I know that releases are exciting and early adopter customers eagerly await for the opportunity to deploy the latest features. However, the the upgrade process has not always been seamless. Through my work with the Customer Support Team, we have been exploring tools to streamline and simplify the upgrade process.
Continue reading “Upgrade Your Red Hat Virtualization Environment with a Simple Tool”
What if I told you that you can have your Red Hat Enterprise Linux (RHEL) based Cloud infrastructure, with Red Hat Virtualization, OpenStack, OpenShift and CloudForms all setup before you have to stop for lunch?
Would you be surprised?
Could you do that today?
In most cases I am betting your answer would be not possible, not even on your best day. Not to worry, the solution is here and it’s called the QuickStart Cloud Installer (QCI).
Welcome to another post dedicated to the use of Identity Management (IdM) and related technologies in addressing the Payment Card Industry Data Security Standard (PCI DSS). This specific post is related to requirement three (i.e. the requirement to protect stored cardholder data). In case you’re new to the series – the outline and mapping of individual articles to the requirements can be found in the overarching post that started the series.
Section three of the PCI DSS standard talks about storing cardholder data in a secure way. One of the technologies that can be used for secure storage of cardholder data is
We often compare the security of containers to virtual machines and ask ourselves “…which is more secure?” I have argued for a while now that comparing containers to virtual machines is really a false premise – we should instead be comparing containers to
Continue reading “Container Tidbits: The Tenancy Scale”
This article is third in a series dedicated to the use of Identity Management (IdM) and related technologies to address the Payment Card Industry Data Security Standard (PCI DSS). This specific post covers the PCI DSS requirement related to not using vendor-supplied defaults for system passwords and other security parameters. The outline and mapping of individual articles to the requirements can be found in the overarching post that started the series.
The second section of the PCI-DSS standard applies to defaults – especially passwords and other security parameters. The standard calls for the reset of passwords (etc.) for any new system before placing it on the network. IdM can help here. Leveraging IdM for centralized accounts and policy information allows for a simple automated provisioning of new systems with
Continue reading “PCI Series: Requirement 2 – Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters”
In our third and final installment (see: part one & part two), let’s take a look at some high-level use cases for Linux containers as well as finally (finally) defending what I like to call “pet” containers. From a general perspective, we see three repeated high-level use cases for containerizing applications:
The fully orchestrated, multi-container application as you would create in OpenShift via the Red Hat Container Development Kit;
Loosely orchestrated containers that don’t use advanced features like application templates and Kubernetes; and
Continue reading “In Defense of the Pet Container, Part 3: Puppies, Kittens and… Containers”
This article is one of the blog posts dedicated to use of Identity Management (IdM) and related technologies to address the Payment Card Industry Data Security Standard (PCI DSS). This specific post is related to requirement one – install and maintain a firewall configuration to protect cardholder data. The outline and mapping of individual articles to the requirements can be found in the overarching post that started the series.
The first requirement of the PCI standard talks about the firewalls and networking. While Red Hat’s Identity Management solution is not directly related to setting up networks and firewall rules, there are several aspects of IdM that
Continue reading “PCI Series: Requirement 1 – Install and Maintain a Firewall Configuration to Protect Cardholder Data”
In my previous two blogs, I discussed how businesses focus on deployable IoT solutions versus PoCs (proof of concepts) and the value of bringing intelligence to the edge. This time, I would like to look at the importance of combining existing enterprise data with an IoT data stream.
Most enterprises have multiple constituencies of infrastructure, applications, employees, customers, suppliers, processes and policies that are needed to run the business. Any new systems, including those dealing with IoT, need to be architected to fit within this context. The real value of IoT lies in
Continue reading “Making IoT Deployments Work Effectively with Existing Systems”
The Payment Card Industry Data Security Standard (PCI DSS) is not new. It has existed for several years and provides security guidelines and best practices for the storage and processing of personal cardholder data. This article takes a look at PCI DSS 3.2 (published in April of 2016) and shows how Identity Management in Red Hat Enterprise Linux (IdM) and related technologies can help customers to address PCI DSS requirements to achieve and stay compliant with the standard. If you need a copy of the PCI DSS document it can be acquired from the document library at the following site: www.pcisecuritystandards.org
In October of 2015 Red Hat published a paper that gives an overview of the PCI DSS standard and shows how Red Hat Satellite and other parts of the Red Hat portfolio can help customers to address their PCI compliance challenges. In this post I would like to expand on this paper and drill down into more detail about
Continue reading “Identity Management and Related Technologies and their Applicability to PCI DSS”