When it comes to managing security risks, enterprises face an increasing number of challenges. One of these challenges is managing the security health of the IT infrastructure and this is a critical, ongoing, constantly evolving need. As an enterprise, managing the security risks on your infrastructure without any disruption to the business has become a critical exercise.
The security of your infrastructure is no longer a concern only for the security roles in your organization. Security topics are repeatedly brought up in the C-suite and in board discussions. When the stakes are high and the health or your business depends on it, you need to have a game plan to stay ahead of these risks while keeping the operational costs in check.
The key challenges:
Although there are many different types of challenges organizations face, three key challenges that seem to be industry-agnostic are:
Infrastructure has grown across a hybrid cloud environment with deployments in both on-premise and multi-cloud environments. The ability to efficiently manage security across these complex deployments while keeping operations costs in check is essential.
Fewer resources are available to manage the environment as many organizations face cost pressures. This issue becomes a double-whammy as the infrastructure grows and the resources to manage it shrink.
An evolving threat landscape challenges you because it is both relentless and seemingly one-step ahead. Your data and intellectual property are valuable, not just to you -- it's valuable to attackers as well.
How can Red Hat Insights help enterprises address these challenges?
Red Hat Insights is an operational efficiency and security risk management solution that provides continuous, in-depth analysis of registered Red Hat Enterprise Linux systems and is included in your Red Hat Enterprise Linux subscription. Some users have referred to Insights as "like having an extra pair of eyes" to help you identify and manage risks for security, compliance, and operations across your evolving environments.
Red Hat Insights can directly help with the challenges cited above:
Red Hat Insights provides a single pane of glass for your infrastructure, including systems deployed on-premise and across multiple clouds. Once your systems are registered with Red Hat Insights, the ability to manage them through a single dashboard makes it considerably easier as your organization grows it’s footprint.
Red Hat Insights is integrated with Red Hat Ansible to find the risks and implement the remediations at scale using automation. The ease with which users are able to create Ansible playbooks and deploy patches helps to remove the resources challenges often encountered.
What about the security challenges?
Red Hat Insights has two services to help users manage the security challenges they may need to assess and monitor: vulnerability and compliance.
The Vulnerability service enables users to assess & monitor, remediate, and report on the CVEs that impact the Red Hat Enterprise Linux infrastructure.
Assess and monitor: Users have an easy way to triage and prioritize CVEs while keeping track of those that pose the greatest risk with user-defined fields. They also have the ability to identify and keep track of where a given CVE may be in the organization’s vulnerability management process, enabling them to keep relevant information in one place.
Ansible remediation allows users to easily add to existing playbooks or create new ones as needed to remediate the issues with automation, which reduces operational overhead.
Finally, users have the ability to download reports in PDF, JSON, and CSV format to keep stakeholders informed and up to date. WYSIWYG reporting is available today in JSON and CSV format and an Executive Report is available in PDF format. (See Figures 1 and 2.)
Figure 1. CVE view within the vulnerability service
Figure 2. Executive report generated by the vulnerability service
The Compliance service enables users to configure, monitor, remediate, and report on regulatory compliance policies that are pertinent to their organization via OpenSCAP.
Create and monitor: Users have the ability to configure and tailor compliance policies supported with Red Hat Enterprise Linux with the click of a few buttons and directly from within the compliance service. The compliance service then takes care of the rest and works behind the scenes with OpenSCAP to assess systems defined within the policy and providing reporting that enables customers to understand where gaps may exist.
Ansible remediation allows users to easily address any gaps identified in the previous step so that compliance gaps can be filled expeditiously so as to avoid penalties, disruption to business, or perhaps worst of all a security incident.
Users have access to in-app reporting that enables them to communicate compliance levels per policy or drill deep and understand which configuration rules are failing down to an individual system level. JSON and CSV reports are also available currently. (See Figure 3.)
Figure 3. Detailed view of a ASSC report for a RHEL system
The functionality that’s defined within the vulnerability and compliance services of Insights continues to evolve with feature rich developments underway. Reporting, usability improvements, and integration to third party ticketing systems to further automate and make the workflows within your organization more seamless are on the roadmap.
Customers with a subscription to Red Hat Smart Management will also have access to push-button functionality available with the “Cloud Connector” within Red Hat Insights. The Cloud Connector provides easy to use integration across the recommendations in Red Hat Insights to remediate at scale across on-premise and cloud instances for RHEL. (See Figure 4)
Figure 4. Cloud Connector via Red Hat Insights
Want more information?
We held a Red Hat Insights webinar about managing security and compliance risk recently that included a short demonstration of the Vulnerability and Compliance services as part of Red Hat Insights. You can watch its recording on-demand here. I encourage you to also check out the Red Hat Insights Ask Me Anything Webinar Library which includes a link to this replay, access to webinars on other aspects of Insights, and a schedule of upcoming events.
If you are not using Red Hat Insights, it is included as part of your RHEL subscription - find more information and get started today by visiting Red Hat Insights.