Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Learning Puppet Security
  • Table Of Contents Toc
Learning Puppet Security

Learning Puppet Security

By : Slagle
4 (3)
Buy this Book
close
close
Learning Puppet Security

Learning Puppet Security

4 (3)
By: Slagle
Buy this Book

Overview of this book

If you are a security professional whose workload is increasing, or a Puppet professional looking to increase your knowledge of security, or even an experienced systems administrator, then this book is for you. This book will take you to the next level of security automation using Puppet. The book requires no prior knowledge of Puppet to get started.
Table of Contents (12 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Convention
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. Puppet as a Security Tool
Icon
1. Puppet as a Security Tool
Icon
What is Puppet?
Icon
Installing and configuring Puppet
Icon
Preparing the environment for examples
Icon
Puppet for security and compliance
Icon
Example – using Puppet to secure openssh
Icon
Summary
2
2. Tracking Changes to Objects
Icon
2. Tracking Changes to Objects
Icon
Change tracking with Puppet
Icon
The audit meta-parameter
Icon
Using audit on files
Icon
Auditing the password file
Icon
Audit on other resource types
Icon
Auditing a package
Icon
Things to know about audit
Icon
Alternatives to auditing
Icon
Using noop
Icon
Summary
3
3. Puppet for Compliance
chevron up
Icon
3. Puppet for Compliance
Icon
Using manifests to document the system state
Icon
Tracking history with version control
Icon
Facts for compliance
Icon
The PCI DSS and how Puppet can help
Icon
Summary
4
4. Security Reporting with Puppet
Icon
4. Security Reporting with Puppet
Icon
Basic Puppet reporting
Icon
PuppetDB and reporting
Icon
Reporting for compliance
Icon
Summary
5
5. Securing Puppet
Icon
5. Securing Puppet
Icon
Puppet security related configuration
Icon
SSL and Puppet
Icon
Autosigning certificates
Icon
Summary
6
6. Community Modules for Security
Icon
6. Community Modules for Security
Icon
The Puppet Forge
Icon
The herculesteam/augeasproviders series of modules
Icon
The arildjensen/cis module
Icon
The saz/sudo module
Icon
The hiera-eyaml gem
Icon
Summary
7
7. Network Security and Puppet
Icon
7. Network Security and Puppet
Icon
Introducing the firewall module
Icon
The firewall type
Icon
The firewallchain type
Icon
Creating pre and post rules
Icon
Adding firewall rules to other modules
Icon
Summary
8
8. Centralized Logging
Icon
8. Centralized Logging
Icon
Welcome to logging happiness
Icon
Logstash and Puppet
Icon
Installing Elasticsearch
Icon
Reporting on log data
Icon
Configuring hosts to report log data
Icon
Summary
9
9. Puppet and OS Security Tools
Icon
9. Puppet and OS Security Tools
Icon
Introducing SELinux and auditd
Icon
SELinux and Puppet
Icon
Configuring SELinux with community modules
Icon
Configuring auditd with community modules
Icon
Summary
10
A. Going Forward
Icon
A. Going Forward
Icon
What we've learned
Icon
Where to go next
Icon
Final thoughts
11
Index
Icon
Index

Chapter 3. Puppet for Compliance

Whether you run one, five, or 10,000 machines; if you're in the business world, you have some level of necessary compliance. Compliance issues can be complicated. There is nothing most system administrators hate more than dealing with an auditor for several days. What if there was a way in which your systems would be self-documenting? These documents would show the system state and can be given to the auditor. With Puppet, this is possible.

In this chapter, we will explore how to do the previously mentioned points. We'll cover the following topics before we wrap it up:

  • Using manifests to document the system state
  • How version control helps show history
  • PCI DSS and Puppet
  • How we can use facts to show system information

What is the PCI DSS? The Payment Card Industry Data Security Standard (PCI DSS) is a set of standards created for the credit card industry, to address the cardholder security information. The author of this book has personal experience...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Learning Puppet Security
End of Section 3
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon