Learning Puppet Security

Secure your IT environments with the powerful security tools of Puppet

Learning Puppet Security

This ebook is included in a Mapt subscription
Jason Slagle

1 customer reviews
Secure your IT environments with the powerful security tools of Puppet
$31.99
$39.99
RRP $31.99
RRP $39.99
eBook
Print + eBook
Subscribe and access every Packt eBook & Video.
 
  • 4,000+ eBooks & Videos
  • 40+ New titles a month
  • 1 Free eBook/Video to keep every month
Start Free Trial
 
Preview in Mapt

Book Details

ISBN 139781784397753
Paperback236 pages

Book Description

As application and server environments become more complex, managing security and compliance becomes a challenging situation. By utilizing Puppet and the tools associated with it, you can simplify and automate many of the more repetitive security-related tasks.

Beginning with the simplest cases, you will quickly get up and running by looking at an example Puppet manifest. Moving on, you will learn how to use Puppet to track changes to environments and how this can be used for compliance. As your knowledge increases, you will then get to explore community modules and learn how they can help simplify the deployment of your Puppet environment by using pre-written code contributed by community members. By the end of this book, you will be able to implement a complete centralized logging solution using Logstash and community modules.

Table of Contents

Chapter 1: Puppet as a Security Tool
What is Puppet?
Installing and configuring Puppet
Preparing the environment for examples
Puppet for security and compliance
Example – using Puppet to secure openssh
Summary
Chapter 2: Tracking Changes to Objects
Change tracking with Puppet
The audit meta-parameter
Using audit on files
Auditing the password file
Audit on other resource types
Auditing a package
Things to know about audit
Alternatives to auditing
Using noop
Summary
Chapter 3: Puppet for Compliance
Using manifests to document the system state
Tracking history with version control
Facts for compliance
The PCI DSS and how Puppet can help
Summary
Chapter 4: Security Reporting with Puppet
Basic Puppet reporting
PuppetDB and reporting
Reporting for compliance
Summary
Chapter 5: Securing Puppet
Puppet security related configuration
SSL and Puppet
Autosigning certificates
Summary
Chapter 6: Community Modules for Security
The Puppet Forge
The herculesteam/augeasproviders series of modules
The arildjensen/cis module
The saz/sudo module
The hiera-eyaml gem
Summary
Chapter 7: Network Security and Puppet
Introducing the firewall module
The firewall type
The firewallchain type
Creating pre and post rules
Adding firewall rules to other modules
Summary
Chapter 8: Centralized Logging
Welcome to logging happiness
Logstash and Puppet
Installing Elasticsearch
Reporting on log data
Configuring hosts to report log data
Summary
Chapter 9: Puppet and OS Security Tools
Introducing SELinux and auditd
SELinux and Puppet
Configuring SELinux with community modules
Configuring auditd with community modules
Summary

What You Will Learn

  • Use Puppet manifests to show system compliance and track changes to the operating system resources
  • Generate security reports using PuppetDB to show that the systems are up to date
  • Automate CIS compliance using community modules
  • Configure firewalls automatically based on roles
  • Demystify the Puppet SSL stack
  • Set up centralized logging with dashboard search functionality using Elasticsearch, Logstash, and Kibana
  • Configure your systems to be secure automatically using SELinux with Puppet
  • Use Puppet to assist with PCI DSS compliance

Authors

Table of Contents

Chapter 1: Puppet as a Security Tool
What is Puppet?
Installing and configuring Puppet
Preparing the environment for examples
Puppet for security and compliance
Example – using Puppet to secure openssh
Summary
Chapter 2: Tracking Changes to Objects
Change tracking with Puppet
The audit meta-parameter
Using audit on files
Auditing the password file
Audit on other resource types
Auditing a package
Things to know about audit
Alternatives to auditing
Using noop
Summary
Chapter 3: Puppet for Compliance
Using manifests to document the system state
Tracking history with version control
Facts for compliance
The PCI DSS and how Puppet can help
Summary
Chapter 4: Security Reporting with Puppet
Basic Puppet reporting
PuppetDB and reporting
Reporting for compliance
Summary
Chapter 5: Securing Puppet
Puppet security related configuration
SSL and Puppet
Autosigning certificates
Summary
Chapter 6: Community Modules for Security
The Puppet Forge
The herculesteam/augeasproviders series of modules
The arildjensen/cis module
The saz/sudo module
The hiera-eyaml gem
Summary
Chapter 7: Network Security and Puppet
Introducing the firewall module
The firewall type
The firewallchain type
Creating pre and post rules
Adding firewall rules to other modules
Summary
Chapter 8: Centralized Logging
Welcome to logging happiness
Logstash and Puppet
Installing Elasticsearch
Reporting on log data
Configuring hosts to report log data
Summary
Chapter 9: Puppet and OS Security Tools
Introducing SELinux and auditd
SELinux and Puppet
Configuring SELinux with community modules
Configuring auditd with community modules
Summary

Book Details

ISBN 139781784397753
Paperback236 pages
Read More
From 1 reviews

Read More Reviews