Three IAM security misconfiguration scenarios are rather common: allowing the creation of a new policy version, the modification of a role trust policy, and the creation of EC2 instances with role passing. We look at ways to avoid and detect IAM security holes.
Firewalls and network address translation often stand in the way of access to remote systems, but the free RPort software works around these obstacles and supports remote maintenance through a tunnel locally, in the cloud, and from your home office.
The Domain Name System is repeatedly the target of or is leveraged for attacks on corporate infrastructures; however, it also lets you protect corporate networks against attacks and malware. The Blocky DNS server sets up quickly to secure DNS queries and DNS filtering for corporate networks.
Automation in the cloud does not require expensive new acquisitions when tools such as Ansible, Salt, Puppet, or Chef are already in use locally and can contribute to the automatic management and orchestration of cloud workloads.
When Kubernetes needs to scale applications, it searches for free nodes that meet a container's CPU and main memory requirements; however, when the existing hardware is at full capacity, the Kubernetes Cluster Federation project (KubeFed) takes the pain out of adding clusters.
Specialized Linux distributions are available for small and midsize businesses that promise economical and easy management of server applications and entire IT infrastructures. We looked at four of the best known candidates: ClearOS, NethServer, Zentyal, and Univention Corporate Server.
