Tutorial: Advancing security in federated clouds

Europe/Helsinki
Room 7 (Helsinki University, Main Building)

Room 7

Helsinki University, Main Building

Daniel Kouril (CESNET), David Groep (FOM), Dennis van Dok (FOM), Sven Gabriel (FOM)
Description

This tutorial is part of the EGI Community Forum 2014 (Helsinki, 19-23 May)

Overview
Abstract of the tutorial.
In the cloud world many of the system administration tasks have moved away from experts managing the infrastructure to other entities, which are then responsible to provide securely configured and patched services (Cloud-VMs).

This training will provide VM-Endorsers/Operators/Users and VO security responsible with hands-on exercises to set-up and configure Cloud resources with basic security features.

In the first part we're kicking off with an introduction to ssh, and immediately get hands-on with logging into the prepared training systems and hardening the security setup.
The participants will learn some useful tricks that will make day-to-day use of ssh safer and more pleasant, as well as the best practices with setting up a firewall with iptables and fail2ban.

The second part focuses on security monitoring and logging.
After an introduction to the patch-status monitoring tool PAKITI (http://pakiti.sourceforge.net/ ) and a central syslog service, the participants will set-up and configure these services in a training environment.
 

Who should attend?
This tutorial is particular interesting for:
- VM Endorsers
- Cloud Users
- VO Security Officers
- Cloud service provides

Prerequisites (what should I know beforehand?)
generate a ssh key (if needed)
copy your *ssh public key* in the "Address Field" of the registration form

What do I need to bring?
Laptop

Slides
Participants
  • Boris Parak
  • Bozidar Proevski
  • Dennis van Dok
  • Eric Yen
  • Goncalo Borges
  • Johan Guldmyr
  • Johan Guldmyr
  • Kouril Daniel
  • Kouril Daniel
  • Luis Alves
  • Mischa Salle
  • Nicolas Clementin
  • Sven Gabriel
  • Tibor Kurca
  • Vanessa Hamar
  • Zdenek Sustr
The agenda of this meeting is empty