Automating security compliance for physical, virtual, cloud, and container environments

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi everyone and welcome to a replay of my 2017 red hat summit talk titled automating security compliance for physical virtual cloud and container environments using Retta cloud forms satellite in size and ansible tower my name is Lucy Connor and I'm the principal technical marketing manager for security at Red Hat and in this role and the global Technical Evangelist for security across all of edits products and work on things like go to market strategy and also work on the creation of security related technical content for Red Hat's products so let's begin so first of all why would you want to automate security compliance I was reading the 2017 Verizon data breach investigations report and I was really surprised that even in 2017 81% of hacking related breaches leveraged either stolen or weak passwords and I was actually really surprised to read that because this is something that can be easily avoided when you automate security compliance so when you manually ensure security of compliance so let's say you have thousands of checks you're doing security checks and fixes that you're doing across thousands of machines that are living in multiple different environments whether it's cm or Amazon as your and then even containers that you are starting to introduce to your environment so now you have all these security checks you have to do manually this is going to be very time consuming this is very high highly opposed to human error you know I don't care how smart you are humans will make errors that's just nature right but humans the bad actions by you know maybe several some sadness that you have in your in your company they will go undetected when use when you manually check security this is also obviously very tedious and boring not easily to do audits and definitely not repeatable or shareable instead what you want is centralized management of your entire heterogeneous infrastructure so whether it is because you can't actually control what you don't know about so whether you have a physical machine virtual machine such as you know machines at VMware hyper-v Red Hat virtualization etc or even public cloud Amazon as your Google compute and even containers you want that centralized management of this mixed environment that you have because again you can't control what you don't know about you want automation automation automation you want to make you want to try and automate as much as you can you want infrastructure and security as code because that will give you that repeatability you will be able to share your code it's more verifiable and it's easier to do compliance audits at provisioning time you want that hardened security compliant host because this is going to give you that immutable operating system the OS can't be changed by untrusted parties you want that automated monitoring fixing of that that newly provisioned security compliance but also all of the rest of systems in your environment for its entire lifecycle and you want to do proactive versus reactive security so what tools can I use to help me with all of this let's start with s cap so what exactly is s cap it stands for security content automation protocol and this is a standard s backed by the National Institute of Standards and Technology and this is a standardized way of maintaining the security of your system specifically vulnerability and configuration security baselines open s cap is a NIST certified and validated s cap scanner by Red Hat that ships free with Red Hat Enterprise Linux and with Red Hat satellite and again this is the configuration and vulnerability scanner and there are other very expensive miss validated and certified as Katz Tanner's out there and some customers are mandated to use these of during secure for security audits but you want to consider that again open s cap is free with Red Hat Enterprise Linux and Rehab satellite so the Linux admins can use open s cap to proactively scan their systems before the security teams comes to their security audits that way you don't have tons of failures right from the beginning the admins could have could take care of some of those security checks and fixes beforehand before they do those security audits this is the press release that states that open s cap that ships with Red Hat apprise Linux and satellite is net myth certified is a myth certified configuration and vulnerability scanner Aztec workbench is a GUI based tool and this serves as the actual edge cap scanner and GUI form and also allows you to do per arm tailoring for the s cap content so what I mean by that is let's say there is a profile that for the US Department of Defense there's the DISA state profile but your company doesn't need to be as you know strict with the their security checks as the US Department of Defense so you want to maybe delete some checks in there or modify it somehow so how you can do that is with s cap workbench however open as Kathryn s cap workbench only scanned a single machine but most customers they don't just have one machine they have thousands of machine living all over the place whether it's in vmware whether it's in Amazon whether it's an azure and they want to be able to scan report on and remediate all of these systems they also want a way to provide their users with the self-service portal where the users come in and press the button and provision a security compliant host but the admin still has tight control over that entire mixed infrastructure that's in there whether it's verbal or whether it's Amazon whether it's a sure when that user presses that order button the user cannot decide what machine in what environment is that they're going to provision the admin will decide all of that depending on things like utilization maybe you as the admin know you're running out of space in VMware maybe you know as the admin that this listed with this user who'll all of them let's say Lucy loves them and you know that Lucy is infamous for racking up the Amazon bills so you decide that depending on certain criteria such as who logs in or utilization of the environment or you know things like you know on in May I want you know I want to provision in Amazon but in June I'll decide to provision in agile or whatever your criteria may be you as the admin will abstract away the infrastructure and have that type control over that infrastructure unless the and you decide where that that machine will be provision to and how it will get proven how lockdown you want that machine depending on the person who decides to provision that so this is what I mean by that tight control over that entire infrastructure now once that in bar that a machine is provision you want to do that automated ongoing security compliance for its entire lifecycle for that machine and the rest of that machines in your in your mixed environment so you want to do that automated ongoing security compliance or maybe remediation for the entire lifecycle of your all the machines in your environment now that you're introducing maybe some of you are introducing some new technology in your environment such as containers and now you have to you know ensure that all your thousands and thousands of container images and environment are free of vulnerabilities and you don't want to have admins do this manually you have more containers than you ever had of the virtual machines and there is no way that an admin can look inside each one of them and ensure that they're vulnerable or vulnerability free without missing one by mistake so you want to make sure that you want to do this in an automated fashion so how do you do that and this is what we're going to spend our time talking about on how you can solve some of these issues so the secret to solving these issues is using a combination of not only open s cap but a combination of our Red Hat management products so Red Hat cloud forms and school tower Red Hat insights and Red Hat satellite so Red Hat cloud forms we're going to be talking about all of these products a little in a little bit and how it's going to help you within these issues and specifically what we're going to talk about is first of all how do you create that security compliant host that provisioning time once it's provisioned how are you how are you going to automate that ongoing security compliance ensure governance to control and do that proactive versus reactive security work with Red Hat insight all in your mixed heterogeneous environment whether it is physical machines virtual machines our cloud or such as pop you know Amazon or Google compute and even contain our environment so how are you going to ensure all of this so this is what we're going to spend the next the rest of the talk on how do you create that security compliant host at provisioning time with Red Hat cloud form and ansible Tower so first of all what is the Red Hat cloud forms Red Hat cloud forms provides unified management across your heterogeneous environment whether you have virtual at a virtual environment such as VMware - Red Hat virtualization of public cloud you're looking at public cloud Amazon Microsoft Azure Google cloud platform containers Bay and you want also management of your Software Defined Networking environment all of that unified management can be done by with classrooms across all of these environments so cloud forms can see this environment collect data about that environment now cloud forms is foundation is data it's the with that data i can create control policies with that data i can create automation and even integration ansible tower is an automation you can do automation with ants willtao without writing codes those automation is in human readable format and yamo gives you that's how it's simple it's also an agentless solution and it's very powerful as well and this is it this way you can actually have that common automation language across not only your windows team but what your linux team and your even networking team so all of these teams can have a same way of doing automation with ansible with cloud forms 4.5 which is this most recently released ansible is actually inside cloud forms so this becomes the default automation for cloud form so what I mean by this is we have cloud forms is delivered as a pre-configured well a Red Hat Enterprise Linux virtual machine that is running a Ruby on Rails application so in how 44.5 ansible is actually installed on top of cloud form which means that now you can do run ansible playbooks right from call forms without doing any doing much plumbing behind the scenes to get that working so it becomes that default automation for conference which means that that automation story of cloud forms becomes that much more powerful so now let's talk about the first demo what you're going to see we're going to create that security compliant host at provisioning time at the push of an order button in cloud for behind the scenes what's going to happen is you're going to class or service that has a internal state machine and it's a checklist that you do in order so what first-class forms is going to look at the checklist and it's a checklist is going to say oh you want to put it's going to put you need to provision a VM in VMware then the next item in the checklist the internal state machine is going to be registering that machine with satellite and that's going to be done with an answerable label in ansible job template insult our job template and then another Ansel job template is going to launch the ansible playbook for making that machine compliant to the Department of Defense security or guideline which is the Defense Information Systems agency security technical implementation guys so this is the DISA sticker it's going to make that machine comply into the district's all at the push of a button without writing a single line of code and with multi-tenancy so multi-tenancy being okay let's say i have two different departments and each department i want to present different order buttons maybe you want the math department to be able to provision certain type of machines in certain environments VMware or Amazon but you want the English department to only provision inside in Microsoft hyper-v for whatever reason you have you can have that I set further isolation and that further control over the infrastructure so admin has that tight control over the entire heterogeneous infrastructure and you only allow certain people to provision in certain environment whether it's Amazon VM or hyper-v as your whatever environments you have that cloud for can managing based on whatever criteria you have whether it's based on you know what tenant is that user in whether whether it's based on how much utilization is in is enviable with capacity utilization of what's in p.m. or so you know you know for a fact classrooms knows what the capacity utilization of the environment so you can make decisions on if I'm running out of space there maybe I should be provisioning there you know that kind of thing so now let's see this in action in this demo we'll be showing how to create a critical plan host a provisioning time using clouds from satellite and ansible tower so you here you can see the ansible tower playbook for the rl6 statistic and various role variables that you can overwrite to see how lockdown you want the server's a category one two three we define how lockdown you want it in other variables so when we go to the ansible tower itself can see here all the jobs templates in ansible tower including the distance job template as you see here you can see that this is how you apply the distance relative specific to the VMS and templates and they can see the actual playable kirilus it as well so when we go to cloud forms we're going to log into columns as the admin to look at our service catalog so once you log in and you go to Service Catalog you can see that these are all the service catalogs at the point of view of admin so admin can see every single service catalog in all the tenants so we can see there's various ones such as hello world you can see the custom installing custom package registering to satellite and then here is the rl6 statistic Service Catalog so here when this button is pushed it's going to provision a relic VM in VMware vCenter register that machine with satellite and it's going to run the rl6 assist against will playbook on top of that newly provision VM and then the user also has the option to overwrite the default variables on the sample chart our job template so when I press orders and magic happens behind the scenes cloud forms is going to go through the steps in its internal state machine which is the list of steps that has to be done in order so first thing it's going to do it's going to launch a provision a rl6 machine in VMware vCenter so there you can see that it's been on provision once the IP address is the most VM has an IP address the next step is going to execute which is registering that machine with satellite and that is going to be done by a ansible tower job template for registering that machine with sattell as you can see here that that machine is now registered to satellite then the next step will execute which is the second danceable tower job plate law job template which is the actual distinct playbook so this is the playbook that's going to make this machine to Cystic compliant with see all the variables that you passed it in from the platform service dialog so now i'm going to log out as the admin and log in as a child tenant user so this got Peter Gibbons is HR is a user in a child pennant in the DevOps tenants so he's going to be able to see all the service catalogs that the admin created but also catalogs that are unique to people in there the people that are part of that the DevOps pen is you can see here this is a special service catalog item that this is service specialist catalog that it was going to deploy all six machines could register satellite and run the Center for Internet Security playable so now I'm going to log out and log in as a different user in a different tenant so suzy's and huffington is part of the security tenant so you can see that you can she can see every single tile catalog that the admin created but she can't see the depth or the catalogs from the dev ops pennant and he could only see the catalogs from the the case security tenant so here you can see there's the security team the relative statistic so this is a playbook that's unique to the security team and it's a modified version of the district and only certain variables are allowed to be overwritten by this user you can also create a security compliant host in Red Hat Enterprise Linux 702 and 703 and beyond so and also you can create that security compliant host with satellite six so for example you can write in the role installer and the GUI realm star you can actually create out the legs what security profile you want this push that machine to be locked down to but of course you know most people don't install machines by the Installer so you can of course you can kick start then do all of this by kick start as well to create that security compliant host and again as I said earlier you can also use satellite six to create your security and compliant hosts as well now how do I automate the ongoing security compliance using raha coliform satellite open as cap and ansible power so for the newly provision machines but also for all the rest of my sheet with the machines in my environment so in this next demo what we're going to do is we're going to go to a particular machine and we're we want to do a security scan on a per VM basis so what will add the push of a button so what we want to do is going to go to a VM and when I go to the VM I'm going to select a chosen security profile that I as the user will choose so I'm going to say I want to PN this machine against PCI DSS I want to scan it against a custom profile that I created or I want to scan it against the Department of Defense's des statistic now I'm going to keep track of the results of the scan so when the scan passes I want to tag that machine as icecap compliant with the name of this the profile when the scan fails and we'll do a few more things because I need to keep track of things that the scans are fail I want to tag that machine as kept non-compliant with the name of the profile I want to email the owner of the VM because again columns knows information about your infrastructure including the owner of the virtual machine I want to automatically open a ticket in a ticketing system in this case I use integration with ServiceNow but I could have easily used any other ticketing product JIRA I could have also used remedy you know anything that has a web service API and then when I open up that ticket I want I am going to open it up with the nail with the name of the film yeah but all other details costumes knows about that machine which whether its IP address whether its parent cluster whether it's when it was first provision whatever and then I'm going to create a report of always kept compliant machines and non compliant machines based on the security profile so maybe I want to know hey I don't care where this machine lives whether it lives in Amazon whether it was in hyper-v whether it lives in Azure tell me every one of them that fails the PCI DSS profile tell me every one of them that is passing my custom profile that I created whether it's called top secured top top secret or whether it's called you know corvée so what I'm just checking to see if one package is installed and that's all I care about this critical package I want to make sure that its installed so I check that that's my custom profile so I want to create a report because I want to show that to my management for example and keep track of it every Monday for example now I want to push your button once I have we know what's failing what's not feeling I want to actually push a button to fix those security issues on a per VM basis once I feel comfortable that I could do that fixed across all of my XI machines in my environment at the push of a button so this is what we're going to see it in our next demo so now let's see this in action in this demo we're going to talk about how to automate the ongoing security and compliance of your heterogeneous environment using a mix of warehouse management products and open end caps I'm going to login to paws form as the admin and when I login I'll be presented with all of my VMs in my environment so I'm going to look at this particular VM which is my rel 6th virtual machine and I'm going to press the button to run an open S cat scan on it you out with this custom button that will launch my custom integration so in it when I push that button I get presented with a list of security profiles that I can choose from and tells me if I've ever scanned it scanned a machine with that post-fall and if I have not I'm going to launch this custom profile called core based OS and it's just going to check one thing it's going to check to see if a particular package is installed at this particular cases to aid package you can see that when I did the scan that this particular V of it did not does not have this package installed so I'm going to refresh the VM and when i refresh the VM I can see the tag information in the bottom we can see this is this machine is now list a guy that's kept non-compliant for that for baicao a custom profile that I created which again just check to see if those eight package is installed it is also going to create a ticket ticket number for ServiceNow which is my ticketing system and so there you can see a ticket number for inside for service now when I go to service now here you can see the actual ticket has been automatically created for me and the ticket description includes the VM name and the name of the SK policy that's expelled and also the owner of that VM also all of the information that columns knows about that VM such as IP address hostname etc are passed from cloud forms to ServiceNow as part of the ticket then the owner of the VM is also emailed upon the CN failure with information about the name of the profile the owner of the VM and also informing the user that that they need to update their machine then you can if I actually look into the role 6 vm you can see that the aid packages is confirm the not installed so I'm going to actually push the remediate button that's going to install the aid package for me at the push of a button so I'm going to go and oppress to remediate button and then pick the same as cab profile in this case it's the core base OS profile you can see that it's now said failed because last skin it failed but when I now look at rpm qhe and aid you can see that now the package has been installed for me so when I rerun the scan I can and I want to confirm that the openness kept see and the tag is going to be updated and so that just to confirm that the scan passes so I press the Scan button you can see here now that the satellite up is saying ok yes you did this this check now passes the package aid is is in fact installed and then when I go back to cloud form and I'm going to refresh to see that the tag and now has been updated to as kept compliant for the core base OS profile so now I'm going to go into satellite 6 and I'm going to do I want to do the scan using open s cap and satellite sticks I'm going to attach this rel 7th standard of 12 security policy to this raw 7 dot we're also a common security policy to this role 7 box and then I'm going to once that policies is attached and I'm going to launch the open SKF scan this time using the satellite six is open s cap saab to outside so once I launch the scan this time around the custom integration is with ansible tower and the sensible tower job template for the satellite as open s cap scan is going to get launched and then you can see that this has been launched against that my role 7 virtual machine and now it's being run on that rel 7 virtual sheet machine that I have now you can see that that ansible tower job has been successfully completed which means that there's caps can roll for the common proof for that lol so comic level is complete so when I go to host reports and satellite here I can see that all the results of that scan so you can see here are all the 20 to 29 failures and 9 passes that I have for that role 7 common security compliance policy that I just scanned on that's the push of a button so now what I'm going to do is I want to fix those failed security checks then once I thought that's going to do is launched a different ansible tower job template for the satellites as kept remediate it's going to remediate using it's going to run as kept remediate and I can see that everything you have 36 passes and two failures two failures and when I look in depth about what failed you can see that the that it's issues with the separate partitions and that it was going to fix manually everything else you can see has passed so now I can look at a report since everything's been tagged which one is s kept compliant and stay on the core base OS profile and I can see other information about the VM such as IP address or J created and any other information classrooms collects about the VM and then I can see here showed me that all the s kept mal compliant for example for the PCI DSS profile and also show me other information such as IP address and the data was created now cloud forms has a really powerful and flexible control and policy engine right inside classrooms as in it right in the GUI of cloud form so with that what we're going to do is jump into the next demo and we're going to look at this the power of flex trio of cloud from this control engine and policy engine so what we're going to see is hospitals in a check to see if your machine is vulnerable to shell shock it could be any for any vulnerability because conference is able to look deep inside the machine even either machine is turned off and used without using any agents down to the packages that are installed in it processes eaten it even down to config files so I can see versions names of packages version release number of package and what's that I can determine if this machine is vulnerable to shell shop if that machine is vulnerable to shell shock then I'm going to have cloud forms fix that machine using just by simply pressing a button that does remediate shell shock that's going to launch an able to remediate this machine against the shell shock vulnerability we're also going to see how cloud forms can check to see if any open ship container images have severely high vulnerabilities if it does think the conference is going to make an annotation in that container image and then when you try to launch that container which will contain a poner below the high severity vulnerability container image open ship is going to prevent that vulnerable image from ever running in openshift again so now let's see this in action this demo gives talking about the power and flexibility of the Red Hat coliforms control and policy engine so I'm going to log in to your main portals coliforms as the admin and I'm going to navigate to the control and policy engine of cloud forms so when I navigate there I'm going to see a policy for the shellshock vulnerability so here classrooms is going to check to see if that machine is vulnerable to shell shock by looking at the package name the version number of the package and the release number and if it finds that this machine is has that properties then it's going to mark it as non-compliant you can see that this roles of a machine has a control policy attached to it so when I navigate a little further to see what that control policy is I can see that this particular the policy is the demo for the shell shock more ability the one policy that we just will that earlier so that policy is assigned to this virtual machine so I'm going to go exit out of the control policy engine and you can see that it when I look at the some review of the VM that this VM is not compliant to that assigned shellshock vulnerability policy so when I look deeper to see why it's not compliant you can see the reason it's not compliant is because of that the failure was the shell shock vulnerability control policy I'm going to go back to my VM and when I go back I can no you and I'm going to look notice that there's all the packages in it processes and files and I can dig dig deeper by clicking on packages and I can see here's all my packages with release and version number so now I'm going to fix this vulnerability by pushing your shell shock remediation button in cloud forms as you saw that I do that's going to launch an answerable playbook for remediating that VM against shell shock so if I look at the jobs I can see that that job is being run the shell shock lob the shell shock remediation playbook is being run in inside ansible tower and I can see now it's been successful so that now that our VM is remediated against shell shock so what that playbook does is update the backup like I saw the latest bash package so I'm going to launch a scan analysis scan on this machine just to make sure that cloud forms knows about this updated bash package and then what I relaunch the check is now you can see that the machine is now compliant and then if I dig a little bit deeper you can see that the machine is now passes the compliance check for the shell shock vulnerability now we're going to talk about how to manage security of openshift from Red Hawk cloud forms I'm going to log in to Club cloud forms again and I'm going to go into the control engine so Indyk in here in the control policy and there is a control policy here for open s cap profile so this what this you notice that there are three people in trial policies assigned to this control policy profile so we're going to look at all three of them and we'll start with the first one which is they named here open s cap you can see here all does is that classrooms chests to see are there any container images that has a severity high vulnerability if it does mark it as non-compliant and you I want you to annotate that possibly going to annotate that image so that that container image is prevented from ever running in open shift again the next control policy checks to see just whenever a new container image is discovered a smart net state analysis scan is run on that container image so that coliforms knows what's inside that container image the last control policy when the container image analysis is complete automatically Crawford is going to check the host or VM compliance after the scan is complete so now what's going to I will go to contain our providers and I can see here my openshift provider so what I'm going to do is I'm look at the control policies that are attached to the openshift provider you can see that this open s cap profile with those three control pluses is attached to the open shift provider which means that all container images in this provider will have this policy profile applied this open s cap of policy profile is going to be applied so I'm going to exit out so next I'm going to go into and look at that can all contain our image so I'm going to start with the container and then go into the container itself and then from the container I can see they're attached contain the actual container image that's living in that container and so now inside the container image I can see the packages the open s kept scan results and here notice that the scan results of this container in which all you have to do is click on it to see the results so here you can see that there are several severely high failures you can see in red so which means that you can suspect that all of the things we saw earlier in the code in the control policy is going to apply so I'm going to go into open shifter now I'll directly to open shift and I'm going to try to launch a container with this container image that has all these high severity vulnerabilities you can see here that I'm in the Welcome PHP app I'm going to add to the project when deploying image or check select that of us a very high vulnerability image and we try to deploy this image with this node with all those no to very high vulnerabilities so I'm just going to say create now so now let's now try and deploy this image with with all those container with this image with all those severity - abilities salopin shiva is now trying to spin up a container with this vulnerable image and you can see that that deployment has failed so let's look a little deeper into why that deployment has failed you can see here we're going to errors it's our error creating pod forbidden this image is put this image is created by policy so notice that the reason is the point is filled is cloud from slide this horrible image when you try to so when you try to start a container with this one religio bush shift is going to prevent this by with this annotation on the policy annotation that was set by cloud forms now you can do proactive security versus reverse proactive versus reactive security and automated risk management with Red Hat insights Red Hat insight is part of the Red Hat management portfolio and this is the product that will give you customized security and other information such as performance information about your particular machines before critical issues occur and this is with the knowledge that we have from Red Hat support from our daughter tickets that we have open and also from directly from our Red Hat on product security team so this is going to allow you to do that automated risk management it's going to reduce your risk in an automated fashion or there at the end of the next demo is that proactive security with right at inside we're going to see a payload security issue specifically the payload injection issue on your machine in Red Hat insights from both satellite or of promote satellite and cloud forms you can see a red head you can access red head insights from directly from the customer portal or from your house satellite or from red a cloud form so we're going to see the payload ejection issue you're up on fixing it which you're going to stub you after you fix this issue you're going to see that this issue no longer exists so this is what you're going to see in the next demo so now let's see this in action in this demo we are we talking about the practice security and automated risk management with Red Hat insights so here I'm looking at red head and says from Red Hat satellite and I'm looking at the sub security information for the rel 7 virtual machine can see all these security problems with this machine including this particular one about the kernel the kernel being vulnerable to the man-in-the-middle attack fire payload injection you can see here steps to resolve and what you can do to fix this problem and in the current release of red head and says there's actually an - a playbooks are provided to actually fix the issues as well so you can see here I'm in my relative a machine and I've taking those steps to fix this machine against the that payload injection issue that we saw and then once I do that I can go back into redhead and spice this time I'm going into right at insights from bread egg cloud form and then what I'm going to do is I'm going to look at that relative machine again and just confirm that the machine is now fixed against that payload injection so what I'm going to do is I'm just going to look for that payload injection issue just searching and you can see I don't see it I divorce which means that that issue has been resolved so in summary we saw a way of how do you actually create that security compliant at provisioning time as the push of a button with that tight control over your environment as the admin once that machine is provisioned how do you actually automate the ongoing security and compliance for not only that machine but every other machine in your entire mixed environment how are you going to ensure governance and control in an automated fashion and how are you going to do proactive versus reactive security with red hat insight all giving you all without by with a way of giving you flexibility and choice and not forcing you to use one product versus another but it forces allowing you to use a mix and a combination of red hats products depending on your use case so obviously this is going to give you that security at the push of a button and allowing you to save time and money and while security was the same we showed as audit on the automation of what we automated today the only limits in terms of what you can automate when you use red house management products and open s cap the only limits are the limits of your imagination I want to thank you for your time today and if you have any questions I really want to hear would like to hear from you and encourage you to reach out at any time here is my contact information my email address is L Koerner at Red Hat comm and you can see my twitter handle right below it which is Lucy proudly thank you so much for your and I look forward to hearing from you thank you

Info

Channel: Red Hat Cloud

Views: 2,887

Rating: 5 out of 5

Keywords: Red Hat, container, cloud, CloudForms, Red Hat Satellite, Ansible Tower, OpenSCAP

Id: TKQ8l1yl3X4

Channel Id: undefined

Length: 42min 41sec (2561 seconds)

Published: Thu Jun 08 2017