Data Security and Storage Hardening in Rook and Ceph
Offered By: All Things Open via YouTube
Course Description
Overview
Explore data security and storage hardening techniques in Rook and Ceph in this conference talk from All Things Open 2022. Delve into the security model of Rook with Ceph, examining various hardening options suitable for different threat profiles. Learn about defining threat models, implementing separate security zones to limit attack blast radius, utilizing encryption at rest and in-flight with FIPS 140-2 validated ciphers, and applying hardened builds and default configurations. Discover the benefits of containerization for security, and how Rook simplifies the process of applying hardening options through simple .yaml file modifications. Cover topics such as user access controls, key management, data retention, secure deletion, and the advantages of container-based storage systems. Gain insights into network security zones, product security incident response, encryption and key management, control plane security, identity and access management, auditing, and infrastructure hardening for robust data protection in Rook and Ceph environments.
Syllabus
Intro
CEPH IN BRIEF
ROOK IN BRIEF
THREAT MODEL
NETWORK SECURITY ZONES
CONNECTING SECURITY ZONES
Product Security Incident Response
Product Security Architect
ENCRYPTION AND KEY MANAGEMENT
ENCRYPTION IN TRANSIT
ROOK SPECIFIC
CONTROL PLANE
IDENTITY AND ACCESS
AUDITING
DATA RETENTION
INFRASTRUCTURE HARDENING
Taught by
All Things Open
Related Courses
Learn DevOps: On-Prem or Cloud Agnostic KubernetesUdemy Kubernetes - Getting Started with Rook
Linux Foundation via YouTube Using Rook and Ceph to Automate Kubernetes Storage Orchestration - Mirantis Labs Tech Talk
Mirantis via YouTube Deep Dive: Rook - Cloud-Native Storage Orchestrator for Kubernetes
Linux Foundation via YouTube Rook Deployed Scalable NFS Clusters Exporting CephFS
Linux Foundation via YouTube