Top 5 Considerations for Healthy Red Hat Infrastructure

SDG LinkedIn Post (2).png

Many IT managers are not getting as much out of RHEL as they could. The good news is our RHEL Accelerator can help.

If you’re an IT leader, you’ll recognize this scenario all too well. You have a seemingly endless backlog of projects designed to improve the automation and performance of your IT systems. However, many struggle to put them in place. More specifically, you encounter challenges in designing, automating, patching, post install configuration, compliance enforcement and production of the systems.

Increasingly, IT admins have been turning to Red Hat Enterprise Linux (RHEL) to improve the performance of their systems. The company has earned an outstanding reputation for itself in recent times, thanks to its suite of services including RHEL, Satellite 6, Ansible and Red Hat Insights to provide all the tools required to get the most out of their service.

However, although many admins can happily install the RHEL platform, they don’t always consider using the full suite of tools at their disposal to optimize performance. As such, they miss out on many areas in which RHEL could help them solve their biggest pain points. Here are five examples.

1.   Provisioning

Provisioning of new servers can be the single most ineffective process in the entire IT lifecycle. The server build process can be long and complicated, often frustrating end users with long wait times. In addition, administrators feel trapped in a serious of repetitive tasks that seem to be so easily automated. This is where Red Hat Enterprise Linux with Smart Management can help. This add on toolset to RHEL provides automated end to end provisioning of “golden image” based servers and frees both administrators time and reduces that agonizing wait by end users to get access to their systems.


2.   Post-Install Desired State Configuration

Provisioning and configuring the system takes time and considerable manual effort. In most existing systems IT administrators have to perform extensive checklists of manual installation of third party tools including monitoring, backup, and security agents. The process if installing each of these agents can be tedious, taking up hours of an administrator’s time that could be used on higher priority projects, but instead is sunk in executing repetitive tasks. 

The use of third party partners has risen significantly in the US as technology becomes increasingly vital to business. However, this comes with a risk. Data from Wiz Research found that 82% of companies give third parties highly privileged access. This can put data at risk and create problems if there is an issue with the third party. This is why Deloitte cited third party risk as a number one priority challenge facing businesses today.

Somewhat belatedly, IT managers are waking up to the risks. IT managers will need to spend time making sure these tools are working well and that risks have been mitigated.

Inevitably, though, these processes take time and can be liable to human error. This can have a series of knock-on effects leading to deployment errors which will create problems in the long term. Ansible from Red Hat addresses some of these problems by providing certified 3rd party vendor automation code in Ansible Automation Hub to streamline the process of installing, configuring, and managing 3rd party applications. 


3. User Account Management

Each server can have different accounts. In many businesses these are often handled separately creating a fragmented view of operations and meaning there is no accountability about who should address what account. Problems can surface, with nobody taking responsibility to put them right.

When employees leave, companies often fail to address their admin privileges. There is often uncertainty about who possesses what level of access, leading to potential backdoors. This represents a serious problem as former employees are one of the most common sources of system breaches.

In companies where resources are stretched, it can often be difficult for teams to maintain a clear oversight of protocols. Inevitably, things fall through the cracks and problems go unresolved.

With Red Hat Identity Manager, you benefit from a consolidated identity and access management platform which allows users to log into both Microsoft Windows® and RHEL servers with the same account. It provides more simplicity and transparency over access and ensures managers know which employees have what access.


4. Patching and Software Lifecycle Management

Cybercrime is booming in the US with threats growing in volume and sophistication. Patching is crucial to updating security systems and addressing vulnerabilities. However, many companies do not have adequate systems in place to search for updates. Equally, poor software control can lead to inconsistent performance across certain systems.

Red Hat Satellite 6, combined with Red Hat Insights, resolves many of those inconsistencies. It provides a complete software lifecycle management platform that ensures all RHEL systems have the correct software versions and security patches to support your applications.


5. Configuration Enforcement

Configuration and update issues can lead to problems with compliance. If a business does not have unified controls in place, they will not know when employees have modified systems. Without proper oversight, this can lead to rogue configurations which put systems out of compliance. More and more customers must maintain CIS or NIST baseline configurations on their servers for government and private sector services. Without adequate oversight, this can lead companies to inadvertently introduce security risks as serious as potential ransomware attacks.

Many IT leaders are failing to spot these problems due to poor equipment. They can’t scan, identify or remediate configuration violations to ensure compliance. With Ansible Tower, you can integrate a powerful tool set which provides scanning using OpenSCAP. This combination provides true scanning and self-healing of rogue configuration changes RHEL to improve oversight and ensure all servers remain compliant.

Conclusion

Businesses are waking up to the opportunity and importance of digital transformation and how RedHat can help them deliver. However, a lack of familiarity with the full suite of products means they may not be getting the best out of it.

At Stone Door Group, our Red Hat Health Check Accelerator℠  analyzes your Red Hat Enterprise Linux infrastructure and identifies areas of performance improvement and provides solutions to enable additional features to maximize your RHEL investment.   So, if you’re struggling with provisioning or post installation configuration, our Accelerator may help you identify the source of the problems so you can fix them. 

About the Author

Mike McDonough is a Senior Red Hat Architect with Stone Door Group and is responsible for designing and blueprinting OpenShift and Ansible architectures for Fortune 500 customers spanning a broad array of Red Hat technologies. With a 25+ year career in enterprise IT, Mike has deep experience in cloud architecture, automation, performance tuning and information security.