PLUG - Phoenix Linux User Group

Join the Penguins of the Desert as we welcome Steven Kaplan, MSC,
BSEE, CISSP for a quick tour through FreeIPA.

Phoenix Linux User Group PLUG also builds systems for The Foundation
for the Blind Children during fests.
This month we will be setting up Fedora 11 and Knoppix 6.0 systems for
the students at the school.

Bring your media, USB keys, as we will have a burning/build station so
you can make a pendrive toolkit or LiveCD/DVD:

BackTrack4
Knoppix 6.0
Ubuntu 9.4
DVL
Samari

http://plug.phoenix.az.us/node/658

1224 E. Northern, Phoenix, AZ - enter through the North doors from
Noon until around 3PM.

The Foundation for Blind Children http://www.seeitourway.org

Please enter the Foundation for Blind Children via north entrance at 1224 E. Northern, Phoenix Arizona. Follow the signs!

Map: http://www.mapquest.com/maps/map.adp?country=US&address=1224%20E%20North...

NOTE: HackFests schedule is changing in August to the 2nd Saturday of
every month from 10:00 - 1:00PM.

http://www.obnosis.com/motivatebytruth/plug-hackfest.jpeg

Steven Kaplan covering FreeIPA.

BIO: Steven D Kaplan, MSCS, BSEE, CISSP
Waxman Associates, LLC
Mr. Kaplan has extensive experience in all areas of computer and network security, from instructor to practitioner. His combined problem solving, insights, innovations, programming and integration techniques have saved companies (in some cases) millions of dollars in fines avoided and achieved huge optimizations in their processes – gains not strictly limited to computer security. He holds relevant industry certifications, like the CISSP and IBM certifications for Ethical Hacker and Security Consultant. Mr. Kaplan has done significant amounts of software development to optimize his security consulting effectiveness. This includes process automation, especially related to collecting network security vulnerabilities, user ID revalidation, and SOX compliance Some tools and programs are currently in patent review.

Activities over the last 20 years cover both Federal Government (NSA) INFOSEC experience and private sector work from all areas and industries. Technological experience includes evaluation of Role Based Access Control (RBAC) systems, Java software review (for vulnerabilities), ethical hacking (EH) as well as design, evaluation, certification and accreditation (C&A) of security architectures and infrastructures. Evaluated systems and networks of varied architectures, including service-oriented architecture (SOA) for security vulnerabilities and legislative requirements compliance.

Audit experience includes review for compliance to Sarbanes-Oxley and HIPAA regulations, and the development of specialized software tools and scripts to expedite compliance.

FreeIPA Discussion Abstract
Over the years, as a security practitioner, I have had to support the forward progress and integration of user identity management systems. Usually this goes in fits and starts, as companies try to migrate to their best guess as to the where their technology should be so that they can be compliant with legislative and fiduciary requirements.

While I have had to work with proprietary solustions, I have been on the look for an open source program that would meet or exceed what (expensive) solutions I had to deal with. FreeIPA, while in its infancy, threatens to become the 800 pound gorilla in this area, being the vehicle to which most modern identity manange systems can integrates.

FreeIPA is an integrated security information management solution combining Linux (Fedora), Fedora Directory Server, MIT Kerberos, NTP, DNS. It consists of a web interface and command-line administration tools. Currently it supports identity management with plans to support policy and auditing management. http://freeipa.org

Discussion Overview:

· Motivations, historical, experiential and legislative

· Basic principles, CIA, IAAA, and Identity Management

· What are features should a current IDM have? Does FreeIPA meet them?

· Current release information, demonstration, install issues

Contact lisakachold@obnosis.com for specific information or questions.