SlideShare a Scribd company logo
Puppets in the
Government
Authors:
Kathy Lee, Software Developer
kathy.w.lee@gmail.com
Glenn Bailey, Linux Server
Administrator
glennbai@gmail.com
DISA and STIGs
•  DISA: Defense Information Systems Agency
•  STIG: Security Technical Implementation Guide
•  DISA publishes STIGS
•  STIGs for everything!
2
Problems we hoped Puppet would fix
•  Inconsistent configuration of Linux servers
•  Failure in STIG compliance – at time of Puppet acquisition, we were
hovering around 30% compliance
3
Real costs
STIG penalty + soft costs + hard costs = TOO MUCH
4
Post-Puppet compliance
•  Oracle Enterprise Linux 5: 98% STIG compliance
•  Oracle Enterprise Linux 6: 95% STIG compliance
5
Looking at a STIG
•  Walkthrough
6
Using Puppet to comply with a STIG
•  Walkthrough
7
Result:
# Puppet::sysctl: DISA STIG GEN007860
net.ipv6.conf.default.accept_redirects = 0
8
Up next: Windows
•  Same problems we wanted to fix on Linux
•  Inconsistent configuration
•  STIG compliance
•  Release Management
9
Puppet + PowerShell DSC
•  Walkthrough
10
Questions?
Authors:
Kathy Lee, Software Developer
kathy.w.lee@gmail.com
Glenn Bailey, Linux Server
Administrator
glennbai@gmail.com
PuppetConf 2016: Case Study: Puppets in the Government – Kathy Lee (co-author: Glenn Bailey)

More Related Content

PDF
Reactive microservices
Eduardo Spinelli de Lima
 
PDF
Enforce compliance policy with model-driven automation
Puppet
 
ODP
Monitoring via Datadog
Knoldus Inc.
 
PPT
Sri monthly presentation 2016
Akash Rajguru
 
PPTX
Holistic IT Solutions
stevebrock
 
PDF
GITPro World Apr 2015 - Continuous Innovation with Rapid Software Delivery
Sangeeta Narayanan
 
PDF
The DevOps Playbook: How to Start, Scale, and Succeed
Puppet
 
PDF
Dynatrace Integration Adapter - Datasheet
Kovair
 
Reactive microservices
Eduardo Spinelli de Lima
 
Enforce compliance policy with model-driven automation
Puppet
 
Monitoring via Datadog
Knoldus Inc.
 
Sri monthly presentation 2016
Akash Rajguru
 
Holistic IT Solutions
stevebrock
 
GITPro World Apr 2015 - Continuous Innovation with Rapid Software Delivery
Sangeeta Narayanan
 
The DevOps Playbook: How to Start, Scale, and Succeed
Puppet
 
Dynatrace Integration Adapter - Datasheet
Kovair
 

Viewers also liked (12)

PDF
PuppetConf 2016: Site Launch Automation: From Days to Minutes – Kristen Crawf...
Puppet
 
PPT
Nantes M1 Meraud
Julie Meraud
 
PPTX
High availability for puppet - 2016
Zack Smith
 
PDF
PuppetConf 2016: Enjoying the Journey from Puppet 3.x to 4.x – Rob Nelson, AT&T
Puppet
 
PDF
PuppetConf 2016: Deconfiguration Management: Making Puppet Clean Up Its Own M...
Puppet
 
PDF
PuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble Systems
Puppet
 
PDF
PuppetConf. 2016: External Data in Puppet 4 – R.I. Pienaar
Puppet
 
PDF
PuppetConf 2016: Puppet Troubleshooting – Thomas Uphill, Wells Fargo
Puppet
 
PDF
PuppetConf 2016: High Availability for Puppet – Russ Mull & Zack Smith, Puppet
Puppet
 
PDF
PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
Puppet
 
PDF
PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...
Puppet
 
PPT
Using JIRA & Greenhopper for Agile Development
Jeff Leyser
 
PuppetConf 2016: Site Launch Automation: From Days to Minutes – Kristen Crawf...
Puppet
 
Nantes M1 Meraud
Julie Meraud
 
High availability for puppet - 2016
Zack Smith
 
PuppetConf 2016: Enjoying the Journey from Puppet 3.x to 4.x – Rob Nelson, AT&T
Puppet
 
PuppetConf 2016: Deconfiguration Management: Making Puppet Clean Up Its Own M...
Puppet
 
PuppetConf 2016: Debugging Diversity – Anjuan Simmons, Assemble Systems
Puppet
 
PuppetConf. 2016: External Data in Puppet 4 – R.I. Pienaar
Puppet
 
PuppetConf 2016: Puppet Troubleshooting – Thomas Uphill, Wells Fargo
Puppet
 
PuppetConf 2016: High Availability for Puppet – Russ Mull & Zack Smith, Puppet
Puppet
 
PuppetConf. 2016: Puppet Best Practices: Roles & Profiles – Gary Larizza, Puppet
Puppet
 
PuppetConf 2016: Successful Puppet Implementation in Large Organizations – Ja...
Puppet
 
Using JIRA & Greenhopper for Agile Development
Jeff Leyser
 
Ad

Similar to PuppetConf 2016: Case Study: Puppets in the Government – Kathy Lee (co-author: Glenn Bailey) (20)

PDF
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
Weaveworks
 
PPTX
Gimel at Teradata Analytics Universe 2018
Romit Mehta
 
PPTX
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...
Puppet
 
PDF
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...
Puppet
 
PDF
Life as an enterprise security geek from underground. (What enterprises want ...
LINE Corporation
 
PPTX
PHP Unconference Continuous Integration
Nils Hofmeister
 
PPTX
In (database) automation we trust
DBmaestro - Database DevOps
 
PPT
Gdco12 kartik ayyar
Kartik Ayyar
 
PDF
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
Weaveworks
 
PPTX
Mediawiki to Confluence migration
Nils Hofmeister
 
PPTX
GitOps - Modern best practices for high velocity app dev using cloud native t...
Weaveworks
 
PPTX
Are your DevOps and Security teams friends or foes?
Reuven Harrison
 
ODP
Continuous Delivery of Puppet Manifests
Kris Buytaert
 
PPTX
A better faster pipeline for software delivery, even in the government
Gene Gotimer
 
PPTX
BrainQuest-DevOps
Eric Phan
 
PPTX
ABB Summer Co-op 2015
Rudy Libertini
 
PDF
The Science of Compliance
judy (fink) johnson
 
PDF
Detecting secrets in code committed to gitlab (in real time)
Chandrapal Badshah
 
PPTX
Solving 4 of Active Directory Management’s Biggest Problems with Simple Solut...
ScriptLogic
 
PPTX
DBmaestro's State of the Database Continuous Delivery Survey- Findings Revealed
DBmaestro - Database DevOps
 
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
Weaveworks
 
Gimel at Teradata Analytics Universe 2018
Romit Mehta
 
The Business Value of Modernizing your Windows Infrastructure and Bringing Li...
Puppet
 
PuppetConf 2016: A Tale of Two Hierarchies: Group Policy & Puppet – Matt Ston...
Puppet
 
Life as an enterprise security geek from underground. (What enterprises want ...
LINE Corporation
 
PHP Unconference Continuous Integration
Nils Hofmeister
 
In (database) automation we trust
DBmaestro - Database DevOps
 
Gdco12 kartik ayyar
Kartik Ayyar
 
Weave GitOps 2022.09 Release: A Fast & Reliable Path to Production with Progr...
Weaveworks
 
Mediawiki to Confluence migration
Nils Hofmeister
 
GitOps - Modern best practices for high velocity app dev using cloud native t...
Weaveworks
 
Are your DevOps and Security teams friends or foes?
Reuven Harrison
 
Continuous Delivery of Puppet Manifests
Kris Buytaert
 
A better faster pipeline for software delivery, even in the government
Gene Gotimer
 
BrainQuest-DevOps
Eric Phan
 
ABB Summer Co-op 2015
Rudy Libertini
 
The Science of Compliance
judy (fink) johnson
 
Detecting secrets in code committed to gitlab (in real time)
Chandrapal Badshah
 
Solving 4 of Active Directory Management’s Biggest Problems with Simple Solut...
ScriptLogic
 
DBmaestro's State of the Database Continuous Delivery Survey- Findings Revealed
DBmaestro - Database DevOps
 
Ad

More from Puppet (20)

PPTX
Puppet Community Day: Planning the Future Together
Puppet
 
PPTX
The Evolution of Puppet: Key Changes and Modernization Tips
Puppet
 
PPTX
Can You Help Me Upgrade to Puppet 8? Tips, Tools & Best Practices for Your Up...
Puppet
 
PPTX
Bolt Dynamic Inventory: Making Puppet Easier
Puppet
 
PPTX
Customizing Reporting with the Puppet Report Processor
Puppet
 
PPTX
Puppet at ConfigMgmtCamp 2025 Sponsor Deck
Puppet
 
PPTX
The State of Puppet in 2025: A Presentation from Developer Relations Lead Dav...
Puppet
 
PPTX
Let Red be Red and Green be Green: The Automated Workflow Restarter in GitHub...
Puppet
 
PDF
Puppet camp2021 testing modules and controlrepo
Puppet
 
PPTX
Puppetcamp r10kyaml
Puppet
 
PDF
2021 04-15 operational verification (with notes)
Puppet
 
PPTX
Puppet camp vscode
Puppet
 
PDF
Modules of the twenties
Puppet
 
PDF
Applying Roles and Profiles method to compliance code
Puppet
 
PPTX
KGI compliance as-code approach
Puppet
 
PDF
Keynote: Puppet camp compliance
Puppet
 
PPTX
Automating it management with Puppet + ServiceNow
Puppet
 
PPTX
Puppet: The best way to harden Windows
Puppet
 
PPTX
Simplified Patch Management with Puppet - Oct. 2020
Puppet
 
PPTX
Accelerating azure adoption with puppet
Puppet
 
Puppet Community Day: Planning the Future Together
Puppet
 
The Evolution of Puppet: Key Changes and Modernization Tips
Puppet
 
Can You Help Me Upgrade to Puppet 8? Tips, Tools & Best Practices for Your Up...
Puppet
 
Bolt Dynamic Inventory: Making Puppet Easier
Puppet
 
Customizing Reporting with the Puppet Report Processor
Puppet
 
Puppet at ConfigMgmtCamp 2025 Sponsor Deck
Puppet
 
The State of Puppet in 2025: A Presentation from Developer Relations Lead Dav...
Puppet
 
Let Red be Red and Green be Green: The Automated Workflow Restarter in GitHub...
Puppet
 
Puppet camp2021 testing modules and controlrepo
Puppet
 
Puppetcamp r10kyaml
Puppet
 
2021 04-15 operational verification (with notes)
Puppet
 
Puppet camp vscode
Puppet
 
Modules of the twenties
Puppet
 
Applying Roles and Profiles method to compliance code
Puppet
 
KGI compliance as-code approach
Puppet
 
Keynote: Puppet camp compliance
Puppet
 
Automating it management with Puppet + ServiceNow
Puppet
 
Puppet: The best way to harden Windows
Puppet
 
Simplified Patch Management with Puppet - Oct. 2020
Puppet
 
Accelerating azure adoption with puppet
Puppet
 

Recently uploaded (20)

PDF
CIFDAQ's Market Wrap : Bears Back in Control?
CIFDAQ
 
PDF
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
PDF
Doc9.....................................
SofiaCollazos
 
PDF
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
PDF
Software Development Methodologies in 2025
KodekX
 
PDF
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
PDF
Cloud-Migration-Best-Practices-A-Practical-Guide-to-AWS-Azure-and-Google-Clou...
Artjoker Software Development Company
 
PPTX
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
PDF
BLW VOCATIONAL TRAINING SUMMER INTERNSHIP REPORT
codernjn73
 
PDF
REPORT: Heating appliances market in Poland 2024
SPIUG
 
PDF
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
PPTX
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
PDF
Architecture of the Future (09152021)
EdwardMeyman
 
PPTX
ChatGPT's Deck on The Enduring Legacy of Fax Machines
Greg Swan
 
PPTX
AI and Robotics for Human Well-being.pptx
JAYMIN SUTHAR
 
PDF
Structs to JSON: How Go Powers REST APIs
Emily Achieng
 
PPTX
Comunidade Salesforce São Paulo - Desmistificando o Omnistudio (Vlocity)
Francisco Vieira Júnior
 
PDF
A Day in the Life of Location Data - Turning Where into How.pdf
Precisely
 
PDF
The Evolution of KM Roles (Presented at Knowledge Summit Dublin 2025)
Enterprise Knowledge
 
PPTX
OA presentation.pptx OA presentation.pptx
pateldhruv002338
 
CIFDAQ's Market Wrap : Bears Back in Control?
CIFDAQ
 
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
Doc9.....................................
SofiaCollazos
 
NewMind AI Weekly Chronicles - July'25 - Week IV
NewMind AI
 
Software Development Methodologies in 2025
KodekX
 
Automating ArcGIS Content Discovery with FME: A Real World Use Case
Safe Software
 
Cloud-Migration-Best-Practices-A-Practical-Guide-to-AWS-Azure-and-Google-Clou...
Artjoker Software Development Company
 
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
BLW VOCATIONAL TRAINING SUMMER INTERNSHIP REPORT
codernjn73
 
REPORT: Heating appliances market in Poland 2024
SPIUG
 
How Open Source Changed My Career by abdelrahman ismail
a0m0rajab1
 
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
Architecture of the Future (09152021)
EdwardMeyman
 
ChatGPT's Deck on The Enduring Legacy of Fax Machines
Greg Swan
 
AI and Robotics for Human Well-being.pptx
JAYMIN SUTHAR
 
Structs to JSON: How Go Powers REST APIs
Emily Achieng
 
Comunidade Salesforce São Paulo - Desmistificando o Omnistudio (Vlocity)
Francisco Vieira Júnior
 
A Day in the Life of Location Data - Turning Where into How.pdf
Precisely
 
The Evolution of KM Roles (Presented at Knowledge Summit Dublin 2025)
Enterprise Knowledge
 
OA presentation.pptx OA presentation.pptx
pateldhruv002338
 

PuppetConf 2016: Case Study: Puppets in the Government – Kathy Lee (co-author: Glenn Bailey)