Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

PuppetConf 2016: Case Study: Puppets in the Government – Kathy Lee (co-author: Glenn Bailey)

144 views

Published on

Here are the slides from Kathy Lee's PuppetConf 2016 presentation called Case Study: Puppets in the Government. Watch the videos at https://www.youtube.com/playlist?list=PLV86BgbREluVjwwt-9UL8u2Uy8xnzpIqa

Published in: Technology
  • Be the first to comment

  • Be the first to like this

PuppetConf 2016: Case Study: Puppets in the Government – Kathy Lee (co-author: Glenn Bailey)

  1. 1. Puppets in the Government Authors: Kathy Lee, Software Developer kathy.w.lee@gmail.com Glenn Bailey, Linux Server Administrator glennbai@gmail.com
  2. 2. DISA and STIGs •  DISA: Defense Information Systems Agency •  STIG: Security Technical Implementation Guide •  DISA publishes STIGS •  STIGs for everything! 2
  3. 3. Problems we hoped Puppet would fix •  Inconsistent configuration of Linux servers •  Failure in STIG compliance – at time of Puppet acquisition, we were hovering around 30% compliance 3
  4. 4. Real costs STIG penalty + soft costs + hard costs = TOO MUCH 4
  5. 5. Post-Puppet compliance •  Oracle Enterprise Linux 5: 98% STIG compliance •  Oracle Enterprise Linux 6: 95% STIG compliance 5
  6. 6. Looking at a STIG •  Walkthrough 6
  7. 7. Using Puppet to comply with a STIG •  Walkthrough 7
  8. 8. Result: # Puppet::sysctl: DISA STIG GEN007860 net.ipv6.conf.default.accept_redirects = 0 8
  9. 9. Up next: Windows •  Same problems we wanted to fix on Linux •  Inconsistent configuration •  STIG compliance •  Release Management 9
  10. 10. Puppet + PowerShell DSC •  Walkthrough 10
  11. 11. Questions? Authors: Kathy Lee, Software Developer kathy.w.lee@gmail.com Glenn Bailey, Linux Server Administrator glennbai@gmail.com

×