Tutorial: Advancing security in federated clouds
Room 7
Helsinki University, Main Building
This tutorial is part of the EGI Community Forum 2014 (Helsinki, 19-23 May)
Overview
Abstract of the tutorial.
In the cloud world many of the system administration tasks have moved away from experts managing the infrastructure to other entities, which are then responsible to provide securely configured and patched services (Cloud-VMs).
This training will provide VM-Endorsers/Operators/Users and VO security responsible with hands-on exercises to set-up and configure Cloud resources with basic security features.
In the first part we're kicking off with an introduction to ssh, and immediately get hands-on with logging into the prepared training systems and hardening the security setup.
The participants will learn some useful tricks that will make day-to-day use of ssh safer and more pleasant, as well as the best practices with setting up a firewall with iptables and fail2ban.
The second part focuses on security monitoring and logging.
After an introduction to the patch-status monitoring tool PAKITI (http://pakiti.sourceforge.net/ ) and a central syslog service, the participants will set-up and configure these services in a training environment.
Who should attend?
This tutorial is particular interesting for:
- VM Endorsers
- Cloud Users
- VO Security Officers
- Cloud service provides
Prerequisites (what should I know beforehand?)
generate a ssh key (if needed)
copy your *ssh public key* in the "Address Field" of the registration form
What do I need to bring?
Laptop
