Solved: Re: NSO for linux security compliance

ddukinfi · ‎12-13-2018

We are working with large Asian SP on a greenfield 4G rollout. We looking if any one has done any work on security compliance verification on RHEL based VMs spun out by our MANO (NSO/ESC/CVIM). This would be to verify password/logging/etc parameters/configs on the RHEL host.

So far I have not seem much linux work via NSO. Any pointers would be appreciated

vleijon · ‎12-13-2018

Hi.

This is not really what NSO does, but there are a few avenues that could be explored.

In particular some work has been done on running chef/ansible from NSO to launch that kind of more host/application-based tasks on say a VM that NSO spins up. I have not touched this part myself so I am not certain what the current state of the art is.

As an alternative, depending on what you are interested in, there is something called linuxcfg - it is a confd example that allows some limited configuration of linux based systems over netconf. If you have fairly limited needs an extension of that work could be a possible avenue.

--Viktor

View solution in original post

vleijon · ‎12-13-2018

Hi.

This is not really what NSO does, but there are a few avenues that could be explored.

In particular some work has been done on running chef/ansible from NSO to launch that kind of more host/application-based tasks on say a VM that NSO spins up. I have not touched this part myself so I am not certain what the current state of the art is.

As an alternative, depending on what you are interested in, there is something called linuxcfg - it is a confd example that allows some limited configuration of linux based systems over netconf. If you have fairly limited needs an extension of that work could be a possible avenue.

--Viktor