Recent Red Hat Enterprise Linux releases see an expansion in support of the smart card related use cases. However customers usually have a mixed environment and standardize on a specific version of Red Hat Enterprise Linux for period of time. It is important to understand the
Continue reading “Smart Card Support in Red Hat Enterprise Linux”
The open source community and the IT industry as a whole continue to discuss how they can use different hardware architectures to solve hard computational problems and address specific workloads. Customers value choice in their technology implementations, and choice is a key benefit of open source solutions. To best meet these needs, the software ecosystem has to
Continue reading “Keeping pace with multiple architectures (Part 1)”
Increasing Interest in Identity Management
During last several months I’ve seen a rapid growth of interest in Red Hat’s Identity Management (IdM) solution. This might have been due to different reasons.
While there is a lot more than just the “Regulatory Technical Standard 25”, abbreviated to RTS 25 from now on, in the EU’s MiFID II regulations, the focus of this blog is all around RTS 25 and achieving compliance with the time synchronisation requirements this entails.
At a high level, the goal of MiFID ii is
Continue reading “MiFID ii, RTS 25 and time synchronisation in Red Hat Enterprise Linux and Red Hat Virtualization”
Questions related to DNS and service discovery regularly come up during deployments of Identity Management (IdM) in Red Hat Enterprise Linux in a trust configuration with Active Directory. This blog article will shed some light of this aspect of the integration.
We will start with a description of the environment. Let us say that the Active Directory environment consist of
Continue reading “Discovery and Affinity”
Most people don’t consider their average USB memory stick to be a security threat. In fact, in a social engineering experiment conducted in 2016 at the University of Illinois and detailed in this research paper, a group of researchers dropped 297 USB sticks outside in the parking lot, in the hallway, and classrooms. Of the 297 USB sticks dropped,
Continue reading “Built-in protection against USB security attacks with USBGuard”
In Part 1, we created a working BIND container with local data storage. We can make changes on the local system that will get picked up in the running container. In this part, we’ll explore how we can manage the service from the host with
Continue reading “Containing System Services in Red Hat Enterprise Linux – Part 2”
At the 2017 Red Hat Summit, several people asked me “We normally use full VMs to separate network services like DNS and DHCP, can we use containers instead?”. The answer is
Continue reading “Containing System Services in Red Hat Enterprise Linux – Part 1”
Last week, Intel launched the new family of Intel® Xeon® scalable processors with new features such as Intel Advanced Vector Extensions 512 (Intel AVX-512), which boost performance of computationally intensive tasks, a new Intel Mesh Architecture for reduced system latency, Intel QuickAssist Technology for hardware acceleration of cryptography and data compression operations and integrated high-speed fabric with Intel Omni-Path Architecture. According to Intel,
Continue reading “Red Hat Enterprise Linux Brings Forth Performance and Scalability Features of New Intel Xeon Processor Family”
As predicted in one of my earlier posts, more and more customers are starting to seriously evaluate and move off of third party Active Directory integration solutions. They want to use or at least consider leveraging identity management technologies available in Red Hat Enterprise Linux.
In the calls and face to face meetings as well as during customer presentations at Red Hat Customer Convergence events, Red Hat Summit, Defence in Depth and other conferences I get a lot of questions about such migration. As it is becoming a common theme, I decided to consolidate some of the thoughts, ideas, and best practices on the matter in a single blog post.
Continue reading “Migrating from third party Active Directory integration solutions”