Automating Security Policies, from deployment to auditing using Rudder

A session at LSM / RMLL 2013

Wednesday 10th July, 2013

2:00pm to 2:40pm (WET)

Designing, applying and keeping track of security-oriented rules for your IT infrastructure can be a time-consuming, costly and approximate job. Whether you’re in charge of defining the policy, implementing it or checking for discrepencies, you’ll be aware that all of this takes time, often out-of-hours time, that there is a lot of room for error and usually a considerable gap between ideals and reality - just how big a gap may or may not be shared with everyone involved.

The underlying topics covered will include deploying identical settings everywhere, saving time for multiple changes, near real-time auditing of actual settings, gaining global overview to help analyze vulnerability impacts, and improved reactivity.

This talk will present my experience easing and improving on several of these issues. I will include real-life examples and feedback from several companies where this has been put into action, including benefits (of course) and shortcomings (because there are always some). Last but not least, I will show how Rudder, an open source stack for automating configuration and auditing, can be used to acheive these goals.

The aim of this session is to discuss methods and the approach of automation applied to this field, while demonstrating and giving feedback on some of the possibilities offered by Rudder. I hope to avoid being side-tracked into talking about detailed security recommendations, sticking to simple best practices for the sake of examples, thus focusing on the approach.

About the speaker

This person is speaking at this event.
Jonathan Clarke

Co-founder @Normation, lead @RudderProject, open source mission-critical IT automation #FLOSS. Organiser @devopsREX in Paris. {drinks,brews} real ale.

Coverage of this session

Sign in to add slides, notes or videos to this session

Tell your friends!


Time 2:00pm2:40pm WET

Date Wed 10th July 2013

Short URL


View the schedule



See something wrong?

Report an issue with this session