Among the many challenges telco IT departments have is keeping up with the necessary security and compliance audits to safeguard their systems. And those challenges persist whether the IT environment is physical, virtual, in the cloud, uses containers, or some combination thereof. At this year’s Red Hat Summit in Boston, May 2-4, you’ll have the chance to learn how to mitigate those challenges and the security risks they pose. And you’ll get an inside look at how to establish and secure network communications with the cryptographic components of Red Hat Enterprise Linux 7.
The session, Automating security compliance for physical, virtual, cloud, and container environments with Red Hat CloudForms, Red Hat Satellite, and Ansible Tower by Red Hat, is led by Lucy Kerner, Red Hat’s principal technical product marketing manager, Security. Kerner will cover how to provision a security-compliant host and quickly detect and remediate security and compliance issues in physical, virtual, cloud, and container environments. She’ll also discuss possible compliance challenges and show attendees how a combination of Red Hat CloudForms, Red Hat Satellite, and Ansible Tower by Red Hat can help you quickly achieve compliance, automate security, and complete remediation.
During the presentation, Kerner will walk through the integration of Red Hat CloudForms with Red Hat Satellite and Ansible Tower by Red Hat, and how to use the OpenSCAP integration in Red Hat Satellite, to perform audit scans and remediations. Kerner will also discuss how these products can help automate security to ensure compliance against various profiles, such as:
- The U.S. Government Configuration Baseline (USGCB)
- The Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG)
- The Centralized Supercomputing Facility (CSCF) baseline
- The U.S. Government Commercial Cloud Services (C2S) baseline
- The Certified Cloud and Service Provider (CCSP) baseline
- Center for Internet Security (CIS) Benchmarks
- The Payment Card Industry Data Security Standard (PCI DSS) Custom policies
At this session, The security of cryptography, you’ll learn all about the cryptographic components of Red Hat Enterprise Linux 7 and capabilities to establish and secure network communications. Nikos Mavrogiannopoulos, crypto tech lead at Red Hat, will detail recent cryptographic advancements, including capabilities shipping in Red Hat Enterprise Linux 7, smart card support, hardware security module (HSM) support, CA Unified storage, and HTTP/2 crypto-related features.
He will also review modern threats to crypto—such as quantum computers and backdoor algorithms—and how new technologies—such as ChaCha20/Poly1305, Transport Layer Security (TLS) 1.3, X25519, Online Certificate Status Protocol (OSCP) stapling, and Let’s Encrypt—can address them.
Finally, Mavrogiannopoulos will go over Red Hat’s current and future Federal Information Processing Standard (FIPS) 140-2 certification roadmap, including how third parties can use Red Hat’s cryptographic capabilities to meet U.S. and international data encryption requirements, such as the Payment Card Industry Data Security Standard (PCI-DSS).
Both sessions are on Thursday, May 4. The session on automating security compliance is 10:15 a.m. – 11 a.m. in Room 157C. And the session on cryptography is 11:30 a.m. – 12:15 p.m. in room 156C. We look forward to seeing you during the Red Hat Summit at the Boston Convention and Exhibition Center!