Application for centrally managing RHEL security

Latest response

Could someone recommend third party tools/applications for managing Linux security?
If there is something similar to Microsoft Group Policy. Which is the management tool that allows to apply security settings to all members of the domain.

DL
Log in to join the conversation

Responses

David Powles's picture Red Hat 25369 points
23 January 2014 9:49 AM

Dennis, are you familiar with SELinux? There's a range of resources for this tool available on the Portal, like the tutorial series that starts here: https://access.redhat.com/site/articles/217213

DL Community Member 20 points
23 January 2014 7:35 PM

Hi David
I am familiar with SELinux. It is great security tool, no doubt.
But what I am looking for is the central view and management tool.
I looked at few solutions and found puppet enterprise as best fit for our needs.

james.radtke@siriusxm.com's picture Guru 6863 points
26 January 2014 10:38 PM

Hi Dennis, I'm afraid to answer your question would be extremely difficult as there are so many different aspects of security and the products associated. Active versus Passive, Current versus Historical, etc..

Here are a few different tools I have looked in to:
File Integrity Monitor (TripWire)
Port Scanner/Vulnerability Scanner (Nessus)
Active Protection (SElinux (setools), IPtables (dome9))
and Intrusion Detection (Snort)

I found the following while I have been researching SCAP recently:
http://nvd.nist.gov/scapproducts.cfm

At this point, I believe openSCAP is going to provide the most bang-for-the-buck for my environment. It is (mostly) integrated with our current RHEL stack, has a HUGE and trusted group diligently developing the standard and improving it and it evaluates a TON of different items.

I also have started to look here:
http://www.linuxsecurity.com/

DL Community Member 20 points
27 January 2014 8:12 PM

Hi James
Thanks a lot for your answer. You are right, there are different aspects to look for.
I would describe ours as - Active, Harden

openSCAO looks very interesting. We actually use one of those validated products Qualys for compliance and vulnerability scans.

The product I am looking for would allow us to eliminate changes in defined configuration settings.

james.radtke@siriusxm.com's picture Guru 6863 points
27 January 2014 8:30 PM

For active config management and RBAC, I wonder if something like PowerBroker would help you out. I believe it can lock down the box to prevent people from making changes (even though they have OS-level privs to do so).

Stephen Sadowski's picture Active Contributor 135 points
27 January 2014 1:56 PM

Dennis:

Keep in mind too that Red Hat's Identity Management bundle does thing like allow you to centrally manage authentication, selinux policies, group policies, accounts, etc - and in a current tech preview can even set up an Active Directory trust.

It's based off of FreeIPA - so you can get the information in the RHEL6 IdM document OR from FreeIPA.org

DL Community Member 20 points
27 January 2014 8:18 PM

Hi Stephen,
Thank you for your recommendation. It may be not exactly what I was looking for here. However this IdM looks like great tool for authentication management.
The more I read about it, I think it may work.

james.radtke@siriusxm.com's picture Guru 6863 points
27 January 2014 8:30 PM

In fairness I think Red Hat missed the mark with naming that product IdM, based on what most people consider Identity Management to entail.

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.