Capgemini Oracle Blog

Capgemini Oracle Blog

Opinions expressed on this blog reflect the writer’s views and not the position of the Capgemini Group

Automate Oracle Linux security hardening

Category : Security

Security becomes more and more a topic that receives the level of attention it deserves. For long security has been a topic that has commonly been seen something that, the other department for sure is handling. More and more security is becoming engraned in every level of IT departments and business organizations. 

Companies start to realize that security is a subject that should be the foundation of the enterprise architecture and not something you add on top at a later stage and you do just a bit. Architects, developers and administrators as well as business and IT management becomes aware that ensuring the right level of security is vital for surviving and crucial to ensure day to day operations are not hindered in any way or form.

One part of security, and a very important one for that matter, is the security of your operating system. When deploying new Oracle Linux instances it is important that you ensure that your linux installation is secure and a best practice is that you ensure that your Oracle Linux installation is compliant with the CIS benchmark for Oracle Linux.

When deploying new systems in an automated and self-service manner it is important that you ensue that security is an integrated part of the deloyment model and part of the automated steps.

In the above diagram the following steps are undertaken as part of an automated deployment model.
 

  1. The user requests a new system via a self service portal
  2. A standard golden machine image is used to build an Oracle Linux instance. 
  3. The resulting virtual machine is hardened by default and includes all standard hardening rules and settings as defined in the golden machine image.
  4. The new virtual machine registers itself with Puppet and Puppet will implement all additional security measures needed for a deployment to make it truly safe
  5. The new virtual machine registers itself with Oracle Enterprise Manager. Oracle Enterprise Manager will use the compliancy framework options to monitor and report on the level of compliancy against the security baseline defined. 
  6. The automation layer reports back to the user that the machine is ready for use. 

A more detailed view on how to ensure that you include security as part of your automated deployment strategy can be found at this page.

For more information on this subject you can contact Johan Louwers directly via johan.louwers@capgemini.com

About the author

Johan Louwers

Leave a comment

Your email address will not be published. Required fields are marked *.