Red Hat blog
This year you've got a lot of decisions to make before you got to Red Hat Summit in San Francisco, CA from 8-10 May 2018.
There are breakout sessions, birds-of-a-feather sessions, mini sessions, panels, workshops, and instructor led labs that you're trying to juggle into your daily schedule. To help with these plans, let's try to provide an overview of the labs in this series.
In this article, the focus narrows to security, where you can get hands-on with everything from cloud security, security compliance automation, developing secure solutions and digging in to container security.
The following hands-on labs are on the agenda, so let's look at the details of each one.
In this hands-on lab, we'll review using OpenSCAP to perform automated security compliance for bare-metal machines, virtual machines, and containers. SCAP content customization lets you fit security policies to your use case.
- Evaluate targets using the command-line and GUI interface.
- Learn how to scale to small and large infrastructures using Red Hat Satellite 6.
- Explore new possibilities to generate Ansible Playbooks from security compliance content, then deploy at scale using Red Hat Ansible Tower.
Presenters: Martin Preisler, Red Hat, Watson Sato, Red Hat
A Practical Introduction to Container Security (3rd Ed.)
Linux containers provide convenient application packing and run time isolation in multi tenant environments. However, the security implications of running containerized applications is often taken for granted. For example, today it is very easy to pull container images from the Internet and run them in the enterprise without examining their content and authenticity.
In this lab, you'll complete a series of low-level, hands-on exercises aimed at understanding the concepts, challenges, and best practises associated with deploying containers in a secure fashion. Topics include registry configuration, SELinux, capabilities, and SECCOMP profiles, along with image inspection, scanning, and signing. This third edition may be based on CRI-O, depending on Red Hat Enterprise Linux feature release time frames.
Presenters: Bob Kozdemba, Red Hat, Daniel Walsh, Red Hat, Aaron Weitekamp, Red Hat
OpenShift + single sign-on = Happy security teams and happy users
One username and password to rule them all.
In this lab, we'll discuss and demonstrate single sign-on technologies and how to implement them using Red Hat products. We'll take you through bringing up an OpenShift cluster in a development environment, installing Red Hat single sign-on on top of it, and then integrating that with a variety of example applications.
Presenters: Dustin Minnich, Red Hat, Josh Cain, Red Hat, Jared Blashka, Red Hat, Brian Atkisson, Red Hat
Defend yourself using built-in Red Hat Enterprise Linux security technologies
In this lab, you'll learn about the built-in security technologies available to you in Red Hat Enterprise Linux.
You will use OpenSCAP to scan and remediate against vulnerabilities and configuration security baselines. You will then block possible attacks from vulnerabilities using Security-Enhanced Linux (SELinux) and use Network Bound Disk Encryption to securely decrypt your encrypted boot volumes unattended. You will also use USBGuard to implement basic white listing and black listing to define which USB devices are and are not authorized and how a USB device may interact with your system. Throughout your investigation of the security issues in your systems, you will utilize the improved audit logs and automate as many of your tasks as possible using Red Hat Ansible Automation. Finally, you will make multiple configuration changes to your systems across different versions of Red Hat Enterprise Linux running in your environment, in an automated fashion, using the Systems Roles feature.
Presenters: Lucy Kerner, Red Hat, Miroslav Grepl, Red Hat, Paul Moore, Red Hat, Martin Preisler, Red Hat, Peter Beniaris
Up and running with Red Hat identity management
Red Hat identity management (IdM) can play a central role in user authentication, authorization, and control. It can manage critical security components such as SSH keys, host-based access controls, and SELinux contexts—in a standalone environment or in a trust relationship with a Microsoft Active Directory domain controller.
In this lab, you'll learn:
- Basic installation and configuration of IdM
- Configuration of an IdM replica - Joining of clients to the IdM domain
- Basic user and host management activities
- sudo setup
- SSH key management
Attendees will leave with a lab that can be repeated in their own environments and form the basics for a rudimentary environment.
Presenters: James Wildman, Red Hat, Chuck Mattern, Red Hat
Implementing proactive security and compliance automation
In this hands-on lab, we'll show you how to automate security and compliance using a combination of Red Hat CloudForms, Red Hat Satellite, Red Hat Ansible Tower, Red Hat Insights, and OpenSCAP.
Specifically, you'll do a series of exercises to show you how to:
- Use Red Hat CloudForms to create control policies.
- Use the data provided by Red Hat Insights for proactive security and automated risk management.
- Use Red Hat Ansible Tower for automated security remediations.
- Use Red Hat CloudForms as the central place for security and compliance automation.
- Automate security scans and remediations using the OpenSCAP integration with Red Hat Satellite and Red Hat Ansible Tower.
Presenters: Lucy Kerner, Red Hat, William Nix, Red Hat, Kevin Morey, Red Hat, Patrick Rutledge, Red Hat, Nate Stephany, Red Hat
Stay tuned for more Red Hat Summit 2018 Labs and watch for more online under the tag #RHSummitLabs.