Bring value to the mission faster with Red Hat

As the Department of Defense (DoD) seeks to innovate with agility, standardize interoperability across all branches and agencies, and maintain a high security posture, it has a pressing need to move faster while still managing risk. With a comprehensive hybrid cloud approach, Red Hat is the premier open source company to deliver modernization efforts while providing support throughout the transformation process, leveraging a rich partner ecosystem for mission success.

Accelerate STIG compliance with Red Hat OpenShift’s built-in security features: From 40 CAT I items to 7 (Part 1)

October 11, 2023 - Mike Radecker

On Sep 8, 2023 the Defense Information Systems Agency (DISA) published the Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide (OpenShift STIG). This three-part blog series begins with an overview of the OpenShift STIG, some of the built-in security features that come with OpenShift, and compares OpenShift with a general Kubernetes implementation…read more

DISA STIG for Red Hat Enterprise Linux 9 is now available

October 11, 2023 - Red Hat

We are pleased to announce that the Defense Information Security Agency (DISA) has released a Security Technical Implementation Guide (STIG) for RHEL 9. It is available for download at the Department of Defense (DoD) Cyber Exchange. This builds on the recently released DISA STIG for Red Hat OpenShift, showing Red Hat’s continued drive to build a greater security posture for U.S. public sector IT across the hybrid cloud…read more

Transforming Defense operations: The impact of Red Hat Ansible Automation Platform within the DoD

October 6, 2023 - Benny Fields III, Holden Fenner

In the rapidly evolving landscape of technology, security and infrastructure management, the Department of Defense (DoD) faces unprecedented challenges. The demands for efficiency, scalability and security are escalating, requiring innovative solutions that can meet these needs without adding complexity to existing systems. Red Hat Ansible Automation Platform can help…read more

Beyond the STIG: Enhancing Kubernetes security with Red Hat Advanced Cluster Security and the Compliance Operator for Red Hat OpenShift

October 5, 2023 - Christopher Grimm

In the dynamic world of container orchestration, Kubernetes has emerged as the de facto standard for managing containerized applications. However, as organizations increasingly rely on Kubernetes to power their applications, the need for robust security solutions becomes paramount. We recognize this necessity and offer a powerful toolset to enhance Kubernetes security: Red Hat Advanced Cluster Security for Kubernetes (RHACS)...read more

DISA STIG for Red Hat OpenShift is now available

September 11, 2023 - Red Hat

To help government agencies and regulated industries embrace cloud-native innovation at scale while enhancing their security posture, we are pleased to announce the publication of the Security Technical Implementation Guide (STIG) from the Defense Information Systems Agency (DISA) for Red Hat OpenShift 4…read more

Modernizing defense software factories

September 7, 2023 - Red Hat

The Department of Defense (DoD) software modernization strategy is a department-wide plan to reduce software delivery time from years to just minutes through comprehensive changes to processes, policies, workforce, and technology. It was approved on March 30, 2023, by DoD Chief Information Officer (CIO), John Sherman…read more

Better securing the frontlines: Leveraging Ansible Automation Platform and AIDE for DoD file integrity

August 17, 2023 - Jonathon Wells

A lot of system administrators within the Department of Defense already use the Advanced Intrusion Detection Environment (AIDE). This is mainly because of a Security Technical Implementation Guide (STIG) that states that a file integrity checker must be configured to verify extended file attributes. There are a lot of features to AIDE, and the combination of using AIDE with Red Hat Ansible Automation Platform gives you the ability to automate important corrections to your system configuration…read more

Policy-based security in JWCC: Putting the Sec in DevSecOps

August 1, 2023 - Tim Ryan

There’s a movement going on in the world of Department of Defense (DoD) applications. The momentum surrounding application modernization efforts means containerized applications show growth in the DoD. That, combined with task orders coming out using the Joint Warfighting Cloud Capability (JWCC) contract, leads to the question, “How do we increase the security of containerized applications in this new landscape?”...read more

DISA releases the first Ansible STIG

April 11, 2023 - Red Hat

Red Hat achieves a wide range of cybersecurity validations for our products in global markets and by providing actionable information for organizations to improve their system security footprint. With this in mind, the first Security Technical Implementation Guide (STIG) for the automation controller in Red Hat Ansible Automation Platform is now published and available for download at the Department of Defense (DoD) Cyber Exchange…read more

Taking patch management to the next level with automation

January 19, 2023 - Will Tome

The term “patching” dates back to the days of punch cards when a programmer would literally patch a hole in a punch card to correct a bug. This allowed the programmer to correct mistakes without re-punching the entire card. What a painfully manual process that would have been to scale!...read more

How government might benefit from edge computing

April 23, 2021 - Adrian Keward

Edge computing has the potential to enable more efficient, more insightful, and more cost-effective management of a range of public services. But adoption of edge computing technologies by government organizations has been a long time coming. Now, having seen the value it delivers in other sectors, is a good time for government departments to consider the advantages of edge computing for themselves…read more

Enhancing application container security and compliance with Podman

September 16, 2022 - Trevor Bryant, Samuel Walker

As organizations adopt container-based ecosystems, the approach to continuous IT security and compliance must shift from traditional system security assessments to new methodologies that account for how cloud-based technologies operate. Containers enable agnosticism amongst cloud computing operating environments by packaging applications, or workloads, within a virtualized environment…read more

A Guide to using Routes, Ingress and Gateway APIs in Kubernetes without vendor lock-in

February 14, 2022 - Matthew Bach and James Harmison

Customers selecting a Kubernetes distribution today (such as Red Hat OpenShift Container Platform), have a lot to consider. One priority we have heard customers considering is a desire to avoid vendor lock-in when choosing how your Kubernetes cluster handles inbound traffic…read more

Build and manage Red Hat Device Edge images with Ansible

May 9, 2023 - Ricardo Noriega De Soto, James Harmison

Red Hat Device Edge is a new solution that delivers a lightweight enterprise-ready Kubernetes distribution called MicroShift combined with an edge-optimized operating system built from Red Hat Enterprise Linux (RHEL). This article will guide you through the process of building your own customized Red Hat Device Edge images, from setting up the necessary building infrastructure to deploying the image on a device or virtual machine…read more

Microsoft Azure Red Hat OpenShift has now attained DoD IL4 in Microsoft Azure Government

July 12, 2023 - Jerome Boutaud and Courtney Grosch

We are excited to announce that in collaboration with Microsoft, Azure Red Hat OpenShift for Microsoft Azure Government has now attained Department of Defense (DoD) Impact Level 4 (IL4) certification. DoD IL4 is designed to store, process, and transmit controlled unclassified information (CUI) related to military or contingency operations…read more

OCP hosted encrypted communications for protected environments

3 ways to encrypt communications in protected environments with Red Hat OpenShift

February 1, 2023 - Cheslav Versky

Use TLS termination to serve certificates to clients using edge, reencryption, and pass-through secured routes in situations where using wildcard characters is unsafe…read more

Establish secure routes and TLS termination with wildcard certificates

February 6, 2023 - Cheslav Versky

An EV Multi-Domain cert secures multiple domains under a single certificate to protect multiple subdomains. Learn more in the second article in this series…read more

Use service mesh and mTLS to establish secure routes and TLS termination

February 7, 2023 - Cheslav Versky

Configure Istio-based Red Hat OpenShift Service Mesh to encrypt TLS communication…read more

Use Keycloak SSO and TLS to build secure routes

February 8, 2023 - Cheslav Versky

Keycloak, Red Hat SSO's upstream, allows single sign-on with identity and access management based on popular standards. Learn more in the fourth article in this series…read more

Ask an OpenShift Admin (Ep 48): Disconnected Deep Dive

OpenShift Coffee Break: OpenShift Disconnected on AWS