UNIX / Linux | Distributed Storage | Cloud & Virtualization | Public Key Infrastructure | Blue-teaming
Beware of the MITM…
Fine-tune ciphers, parameters and get an A+ on SSL Labs
Either using an internal DNS view with public certificates, or using a private Certification Authority with a managed workstation fleet:
Set up Samba4 for AD-capable products and Windows workstations.
What is missing from the CIA acronym (Confidentiality, Integrity, Availability)? How do you prevent Man-in-the-Middle attacks? Authentication: SSL client certificates powered by a Trusted Platform Module (TPM), which can eventually spare you the pain of setting up an SSO.
IDM: NIS LDAP OpenLDAP “389 Directory Server” RHDS “Apache Directory” Samba3+LDAP Samba4 FreeIPA Keycloak OAuth2 Yubikey SIM “Smart card” TPM
PKI: X509 PKIX SSL TLS LibreSSL MITM DPI “SSL interception” “SSL termination” “SSL offloading”
HA & LBS: NGINX HAProxy WS WSS websocket Varnish Keepalived Linux-HA Heartbeat RHCS MC/SC MC/ServiceGuard Cloudflare “AWS CloudFront”