Provision OSSEC and Auditd with Fuel plugin
Currently, Fuel cannot provision OSSEC host based IDS, also doesn't enable Linux Audit Framework (auditd).
Enterprise customers would like to provide appropriate level of security for cloud control layer by implementing security tools like rkhunter, chkrootkit, auditd and OSSEC.
OSSEC and Auditd deployment scenario:
- one dedicated node for Auditd and OSSEC event collector
- all other cluster nodes with Auditd enabled and OSSEC hids deployed
In scope of plugin development is:
- preparation of appropriate Puppet modules deploying Auditd and OSSEC
- preparation of Fuel Web UI with basic configuration options
- deployment graph modification to satisfy criteria of additional node creation
References:
OSSEC Puppet modules: https:/
Auditd modules: https:/
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Adam Heczko
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by