"ELK" is the acronym for three opensource projects: Elasticsearch, Logstash, and Kibana. Elasticsearch is a search and analytics engine. Logstash is a server side data processing pipeline that ingests data from multiple sources simultaneously, transforms it, and then sends it to a "stash" like Elasticsearch. Kibana lets users visualize data with charts and graphs in Elasticsearch.
Elasticsearch is a distributed, free and open search and analytics engine for all types of data, including textual, numerical, geospatial, structured, and unstructured. Elasticsearch is built on Apache Lucene
Kibana is an free and open frontend application that sits on top of the Elastic Stack, providing search and data visualization capabilities for data indexed in Elasticsearch.
Using this open source tool (ELK) and Rsyslog we can make power full and secure centralized logging system
First launched in 1999, Nagios has grown to include thousands of projects developed by the worldwide Nagios community. Nagios is officially sponsored by Nagios Enterprises, which supports the community in a number of different ways through sales of its commercial products and services.
Nagios monitors your entire IT infrastructure to ensure systems, applications, services, and business processes are functioning properly. In the event of a failure, Nagios can alert technical staff of the problem, allowing them to begin remediation processes before outages affect business processes, end-users, or customers. With Nagios you’ll never be left having to explain why an unseen infrastructure outage hurt your organization’s bottom line.
Windows Monitoring, Linux Monitoring, Server Monitoring, Application Monitoring, SNMP Monitoring, Log Monitoring and many other service.
Nagios XI provides monitoring of all mission-critical infrastructure components including applications, services, operating systems, network protocols, systems metrics, and network infrastructure. Hundreds of third-party addons provide for monitoring of virtually all in-house and external applications, services, and systems.
Nagios Log Server greatly simplifies the process of searching your log data. Set up alerts to notify you when potential threats arise, or simply query your log data to quickly audit any system. With Nagios Log Server, you get all of your log data in one location, with high availability and fail-over built right in. Did we mention no data limits?
Nagios Fusion offers your network a high degree of visibility and scalability, helping solve problems that come with multiple networks and geographical separation. By allowing you to visualize multiple Nagios XI and Core servers in one location, network management becomes simplified by centralization.
The main benefit of using GitLab is that it allows all the team members to collaborate in every phase of the project. GitLab offers tracking from planning to creation to help developers automate the entire DevOps lifecycle and achieve the best possible results. More and more developers have started to use GitLab because of its wide assortment of features and brick blocks of code availability.
A private Git repository on GitLab can be accessed using either SSH or HTTPS. The preferred method is to always use SSH and a SSH key pair. Only use HTTPS if you have no choice.
The first step to using a private Git repository on GitLab using a repository SSH key is to generate the SSH key pair to be used with that repository. It is recommended to use a distinct SSH key pair for this purpose. Do not use your primary identity SSH key as you will need to upload the private key file of the SSH key pair to OpenShift.
Implemented private GitLab so project code is not accessible by internet.
Google Credential Provider for Windows® (GCPW) lets users sign in to Windows® devices with the Google Account that they use for work. GCPW provides users with a Single Sign-On experience to Google services and all the security features available with their Google Account.
Before you install Google Credential Provider for Windows (GCPW) on devices, you need to decide how passwords are synchronized between Google and Windows, give your support team access to devices, and determine how you want to handle existing Windows profiles
Enterprise Resource Planning (ERP) is software used by organizations to integrate multiple business functions into one system. It includes various activities, such as accounting, human resources, project management, sales, inventory and order management, and compliance.
Salesforce provides customer relationship management software. Salesforce offers various business solutions, which can be integrated to enhance and support ERP but it does not provide an ERP product.
Salesforce offers Revenue Cloud, designed to complement ERPs. Part of the Salesforce Customer 360 Platform, Revenue Cloud brings together Configure, Price, Quote (CPQ) and Billing, Partner Relationship Management and B2B Commerce capabilities. Revenue Cloud is not an ERP and works best when integrated with an ERP.
Salesforce’s MuleSoft also makes it easy to integrate CRM, ERP, and other applications.
The MuleSoft Anypoint Platform helps businesses integrate data and connect experiences from any system. With MuleSoft, you can bring data from any third-party system such as SAP, Oracle, Workday into Salesforce.
Running enterprise resource planning software on the Salesforce Cloud Platform saves you time and money by providing a unified, integrated platform that supports your entire business.
Provide digital experience to customer using Salesforce-Platform where we can manage sales and purchase orders, create packages and shipments, and send delivery updates through a single order management system. It automates order fulfilment, payment capture and invoices with supply chain workflows.
User will be able to
User will be able to
Here, we can achieve the above functionality using salesforce platform.
The following licenses are used for external users as per requirement: Customer Community, Customer Community Plus, Partner Community, External Identity and Channel Account.
Intrusion detection is the process of monitoring the events occurring in your network and analyzing them for signs of possible incidents, violations, or imminent threats to your security policies. Intrusion prevention is the process of performing intrusion detection and then stopping the detected incidents. These security measures are available as intrusion detection systems (IDS) and intrusion prevention systems (IPS), which become part of your network to detect and stop potential incidents.
Fail2ban is an Intrusion Detection/Prevention System (IDS/IPS), a great tool that helps you keep “unwanted” guests at bay. It’s mainly used to stop, prevent or slow down bruteforce attacks, but can be used to limit the number of requests per unit of time (backend, API,..). It scans/monitor log files and bans IPs that show malicious signs, like too many password failures, probing, bruteforcing attempts, etc. You can specify which service and log to monitor, how many attempts per unit of time (second/hour…), define regex (regular expression) patterns, etc. Out of the box it comes with filters for various services: Apache, ssh, nginx, asterisk, proftp, mysql… Here we’ll quickly go through Fail2ban setup.
Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).
Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services.
DevOps is both a new way of thinking and a new way of working. It is reshaping how organizations innovate and quickly deliver positive business outcomes. DevOps describes a culture and set of processes that bring development and operations teams together to complete software development.
CI/CD allows organizations to ship software quickly and efficiently. CI/CD facilitates an effective process for getting products to market faster than ever before, continuously delivering code into production, and ensuring an ongoing flow of new features and bug fixes via the most efficient delivery method.
Continuous integration refers to the build/integration stage of the software release process. It’s a stage where developers consistently merge their changes into the main repository of a version control system (like Git).
Continuous delivery (CD) is the automated delivery of completed code to environments like testing and development. CD provides an automated and consistent way for code to be delivered to these environments.
Continuous deployment is the next step of continuous delivery. Every change that passes the automated tests is automatically placed in production, resulting in many production deployments.
DevOps automation can provide consistency across repetitive tasks through configuring an automation tool, and removing the threat of human error. It can increase the speed of the team from code integration to application deployment. It also creates a much more reliable and stable system due to the improved collaboration. This also sees a reduction in errors from miscommunication.
With many different services that exist in the cloud, security is a top priority of any organization. Therefore, protecting data with accidental delete also should be included in the top list of operations. In AWS S3 you can optionally add another layer of security by configuring buckets to enable MFA Delete, which can help to prevent accidental bucket deletions and it’s content.
MFA-delete protect your bucket and object from accidental deletion.
When you try to enable MFA-Delete on s3 bucket you must login with root account not by IAM user Account.