Tag Archives: best practices

Posted on

Assimilation Release 1.1.2 “Happy 2016” is out!

Download Assimilation Release 1.1.2 - the Happy 2016 release

On January 2nd we put out version 1.1.2 of the Assimilation System Management Suite – the Happy 2016 release. This release adds enhancements related to best practice analyses and adds support for openSUSE, Scientific, and ScientificFermi Linux – along with a few bug fixes. We also have some surveys that we’d love for people to take – to help direct us in our future work.
As we have in the past, we offer supported free trials of the Linux version of our system management suite – just follow the download link and the instructions you’ll find there.

Posted on

Bufferbloat: A Network Best Practice You’re Probably Doing Wrong

bufferbloat illustration via a fat overflowing beer mug

You may have heard of bufferbloat, but even many good network admins have not. If you haven’t changed settings to avoid it, then you aren’t doing it right. But what is it, why should you care, and what should you do about it? If you see your network access stutter occasionally for no apparent reason, then read on – it may be that bufferbloat is at fault. The good news is that if you’re running on a recent Linux system, it’s easy to set up correctly.

Posted on

Assimilation Monitoring Rules – Keys to Automated Monitoring

ruler with level - Assimilation Monitoring Rules - pun intended. No apologies ;-)

The Assimilation System Management Suite monitors servers and services automatically – which is way cool! This article explains how to create Assimilation monitoring rules which teach the Assimilation software when and how to use monitoring agents. These rules are the keys to fully automated monitoring. When your monitoring is fully automated, complexity goes down, and availability goes up.

Posted on

The 2015 Open Source Monitoring Conference

2015 Open Source Monitoring Conference (OSMC 2015)

I just got an email from Bernd Erk, saying that the 2015 Open Source Monitoring Conference is filling up. From my perspective, that’s a good thing, because we have a great talk and demo to give there and are excited to be speaking there again. From your perspective, this may be a good thing only if you hurry up and register – since this is the only conference we’ve spoken at outside the US this year.

Posted on

Even good security rules need to grow

security rules help keep hackers out

Although Linux systems are by-and-large more secure than many other systems, they still need to be administered intelligently. Stupid configurations often lead to unfortunate results. According to Akamai: “As the number of Linux environments has grown, the potential opportunity and rewards for criminals has also grown”. As part of the IT best practices project, I’ve recently added a rule which disallows password authentication over ssh. This blog post explains this, and why people who manage Linux systems should care.

Posted on

Ohio LinuxFest Assimilation Presentations

Ohio LinuxFest logo

Last weekend, I had the honor of giving the opening keynote on Friday at the 2015 Ohio LinuxFest and a session presentation on the Assimilation project the next day. Both talks were very well-received, but the reception the Assimilation project talk received from the standing-room audience was extraordinary. So it seems good to give a summary of the talk and why I think they resonated so strongly to it.

Posted on

Security: Automate or Die!

Automate or die!

Today’s blog post is about the imperative, absolute necessity for automation in cybersecurity. Those of you who read this blog regularly will note that this has been the theme for a while – with three recent articles about automation and one on the IT best practices project (which is all about automation). In this article we talk about why to automate cybersecurity, what to automate and how to automate cybersecurity.

Posted on

Cybersecurity Roadmap for The Assimilation System Management Suite

Past Present And Future Signpost Showing Assimilation Cybersecurity Evolution (Roadmap) 2016 Security Roadmap

The Assimilation System Management Suite (ASMS) provides integrated capabilities in monitoring, general system management, network management, and cybersecurity. The next few releases will concentrate on strengthening our cybersecurity portfolio of low-noise automated security tools. The new capabilities include security best practice analyses, checksum integrity analyses, and patch tracking and management and integration with a few SIEM products. This post talks about our plans for those releases in more detail.

Posted on

Security compliance: No more drama!

No security compliance drama illustration

Getting into security compliance is a big effort. Worse yet, Verizon says 80% of those who get in compliance have trouble staying there. When you discover you’re out of security compliance, there’s typically high drama if an auditor notices, or even higher drama if your security team discovers you’ve let an intruder in. Too much drama and too much elapsed time reduces security and impairs organizational learning.

What’s needed is a way to find these problems right after they’re created – while the people involved still remember what they did and why they did it. This changes the whole dynamic and creates teachable moments instead of high stress drama – before an intruder or auditor finds the weakness.