Technologie Stack

LinuxOracleTomcatCFenginePulpVMware vSphere

The Challenge

NNIP was running an aging RHEL Linux platform that needed a full version upgrade. The existing infrastructure lacked consistent configuration management, making it difficult to maintain compliance and ensure repeatable deployments across environments.

Our Solution

We designed and implemented a production-grade security hardened Linux platform featuring:

  • Full CIS, and SOX compliancy
  • GitOps managed configuration management system
  • 0 findings after an extensive external audit
  • Automated patch and update management
  • Centralized Log collection platform
  • Customized and hardened Tomcat RPM with fully automated build process
  • Scripted deployments of VM’s which previously where deployed manualy

Results

  • Reduced server provisioning time from 2 weeks to a few hours
  • Increased auditabillity through implementation of AuditD and remote syslog collection
  • Reduced audit findings to nearly zero by implementing industry standard hardening methods
  • Reduced configuration drift by implementing CFengine Enterprise configuration management system
  • Reduced patch and update windows due to the implementation of a fully automated process