As users of IBM Spectrum Scale, we need to be aware of the security of our Spectrum Scale cluster. That’s where security posture steps in. It gives us a graphical representation of the IBM Spectrum Scale cluster’s security aspects in Kibana. This enables IBM Spectrum Scale administrators to quickly identify the loose ends concerning security and make necessary changes to the cluster.
Setting up security posture is very easy, and using it is far more convenient than running disparate commands from different components on the CLI and trying to figure out the security settings. To set up the Spectrum Scale security posture, we just need to go to https://github.com/IBM/IBM-Spectrum-Scale-Security-Posture, clone this repository, and follow the few simple steps mentioned in the README.md. After that, our Kibana dashboard is ready to use.
Note: The assumption of using this project is that you already have an IBM Spectrum Scale cluster and are making use of different security features provided by it.
While setting up, we need to edit two files available in the cloned repo: “scale-clusters.conf” and “security-posture.conf”. In “scale-clusters.conf”, we need to provide the IP address of the Scale cluster, and in “security-posture.conf”, we need to provide information about Elasticsearch and Kibana. We also need to install and configure TLS on Elasticsearch and Kibana, which can be done using the information provided in the configuration part of the GitHub repo README.md.
After this, we add “kibana_dashboard.ndjson” in the Kibana GUI by following the steps provided in Step#7 of the README.md file of the cloned repo.
Following this, we execute the “python cronjob.py --config-file security-posture.conf --scale-clusters-config-file scale-clusters.conf” command and, upon successful execution, open the dashboard of the Kibana GUI where we can see the pictorial.
Now we can see the information in graphical representation on the Kibana dashboard. Through this dashboard, one can easily view the secure administration status for Spectrum Scale CLI and GUI based administration. It also shows security features like:
1) File Audit Logging Enabled Status
2) Filesystem Encryption status per filesystem
3) ACLs type selection for filesystem
4) Encryption status for SMB and NFS exports, etc
In short, we get all the security posture related information in a single pane of glass. And since this is all open source, the beauty of it is that you can add the specific security related parameter of your interest if it is not already covered.
This security posture view enables administrators to be more aware of the security of the Scale cluster and avoid security-related configuration mishaps caused by negligence of the user. Attached below is what I recorded from my cluster for your easy reference.
YouTube video link: https://youtu.be/6kcH8WvFguo
Overall, it is a good initiative by the IBMers who created it, to provide a user-centric product that will make the everyday work life of users more productive. In my personal opinion, I think the project followed the design thinking principles of IBM, i.e.
1. A focus on user outcomes – this security posture focuses on making security administrators’ and auditors’ work easier.
2. Restless reinvention – thinking and building such a user-centric pluggable open source module itself shows the reinvention capability.
Finally, I would say it is a must-use security posture for its ease of use and ability to show relevant data. It is very useful for enterprises, especially ones that also need to comply with regulatory requirements.
– By Vrushal Chaudhari