Monthly Archives: November 2014

Security Checklists and the US National Checklist Program

The last article introduced the need to automate security. If you are going to perform a security audit you need a checklist. Let’s spend a minute on this. If you want a predictable outcome, you need a standard process – … Continue reading

Posted in Security | Leave a comment

Availability of OpenLMI in Various Linux Distributions

A quick update on the availability of OpenLMI: I have tested Fedora, RHEL, CentOS, and OEL servers using the LMI CLI running on a Fedora system – the cross platform access works. Fedora Fedora is the primary development platform for … Continue reading

Posted in System Management | 2 Comments

LISA’14 – Are We Making Linux Too Easy?

LISA’14, the Large Installation System Administration conference, was held in Seattle last week. I had the opportunity to give a talk on Server Management – if you are interested, the slides are available here. One of the questions caught me … Continue reading

Posted in System Management | 8 Comments

Automation – a Security Imperative

The last post concluded with the cry “there has to be a better way!”. So far we have established: Security Guides are a good idea and exist in almost all organizations. Security audits are good and widely used. Security guides … Continue reading

Posted in Security | Leave a comment

System Audits – There Has to be a Better Way!

The last post laid out guidelines for a security guide. We’re now at the point where we can discuss a system audit. We have defined what an audit is, what security requirements are, and what a security guide is. At … Continue reading

Posted in Security | Leave a comment

High Level Requirements for a Security Guide

The previous post explored the kinds of information that might be in a security guide. Let’s lay out some basic requirements for a security guide: The security guide must exist. It must be available, updated, and maintained. The security guide … Continue reading

Posted in Security | Leave a comment

What is a Security Guide?

The last article introduced the concept of a security guide – but what is it? In many cases a security guide is a binder full of often vague, occasionally overly specific and sometimes conflicting requirements. It has usually grown and … Continue reading

Posted in Security | 2 Comments