Ansible Tower is a management tool designed to help automate infrastructure operations. Ansible Tower features management of host inventory, Ansible playbooks, access keys and passwords, as well as detailed reporting and audit of infrastructure deployments. Ansible Tower is designed for team-based infrastructure management, and as such, facilitates user’s involvement at different levels of the infrastructure operations. It enhances basic Ansible CLI operations with a visual overview of the infrastructure states and provides management workflows across the enterprise. Using Ansible Tower, users can schedule Ansible playbook runs and monitor current and historical results, allowing for troubleshooting or identification of issues before they occur.
Continue reading “Introducing Ansible Tower Integration in CloudForms 4.1”
The recent discovery of a protocol flaw on Samba server (see CVE-2016-2118) raises once again the question of managing security and compliance of systems. How can we identify easily which systems are affected? And, how can we validate that these environments are correctly patched?
Continue reading “Are your systems affected by BADLOCK Security flaw?”
As you have probably noticed by now, the attack on OpenSSL known as DROWN – Decrypting RSA using Obsolete and Weakened eNcryption has recently been discovered. Red Hat Product Security have provided patches for OpenSSL and recommend to apply them to affected systems.
In this post, we will discuss how Red Hat CloudForms and ManageIQ can assist in identifying environments at risk of the DROWN OpenSSL cross-protocol vulnerability. In addition, CloudForms can audit your environments and validate that the patches have been applied.
How can Red Hat CloudForms help?
CloudForms provides a policy based compliance check which can be used to verify software and configuration of servers and validate security requirements. These policies are created as a combination of an event, a condition and an action, and use a scope (usually set to infrastructure or guests) to determine if the policy needs to run. Additional information on using policies can be found in the product documentation: Defining policies and profiles.
Continue reading “Managing Patching Compliance Using DROWN OpenSSL Vulnerability as an Example”