My ongoing reference series for interesting technology or projects which deserve further investigation, or for technical documentation (of one media format or another) that looks to be especially good reference material.
OpenSOC – The Open Security Operations Center
The OpenSOC project is a new initiative announced and driven by Cisco to provide an open source, extensible, and scalable advanced security analytics tool. This tool would allow any organization to create incident detection tools customized for their specific infrastructure components and their own security processes. This is a Big Data service leveraging multiple existing open source components like Hadoop, HBase, Elasticsearch, and MySQL.
Let’s Encrypt is a service announced by the Internet Security Research Group (ISRG) to provide a free certificate authority for public use, and is planned to launch officially in Q2 of 2015. The ultimate goal is well beyond “just” a free CA, however: they want to provide a certificate management framework that allows an administrator to run a single command to automatically generate and install a validated SSL certificate. This certificate management framework will include client software to run on any host (the current preview is written in Python), server software for the actual CA (a demo library written in Node.js is currently available), and a new protocol used between client and server.
This protocol is called the Automated Certificate Management Environment (ACME), and a draft spec is available for review. The protocol is expected to be submitted to the IETF as an official, open standard.
The ISRG is a California-based public benefit corporation sponsored by organizations like Cisco, the Electronic Frontier Foundation (EFF), Mozilla, Akamai, and IdenTrust. The Board of Directors for the ISRG includes members from each of the sponsors (except for IdenTrust), as well as the University of Michigan, Stanford Law School, and CoreOS.
Schprokits is a new automation framework like Puppet, Chef, Ansible, Salt and others, but specifically targeted for networking. Their tag line is “Inspired By DevOps. Built For NetOps”. The company was founded by Jeremy Schulman, formerly a Global Solutions Architect at Juniper and the person responsible for the Puppet agent implementation for Juniper switches.
The product is still in stealth mode, but some information is getting out. Ivan Pepelnjak had Jeremy on his podcast to discuss Schprokits, other configuration management systems, DevOps, and more. In addition, several posts by alpha/beta participants (posted with the apparent consent of Schprokits) are coming out. John Herbert has a couple of posts, and Jason Edelman has a couple of even longer and more detailed ones.