- This topic has 2 replies, 2 voices, and was last updated 1 year, 6 months ago by
.
-
Topic
-
Looking for the impacts of using Cisco Secure Workload on a Cloverleaf Server. We are using Redhat Linux and Cloverleaf 19.1.1. Any issues derived from this? Recommendations? I did not find anything on the Concierge site in either direction on this product. It is essentially a host based firewall. I expect if I don’t have control access that I will need to seek another group for every ip and port change while trying to get the job done. Also, will probably require more troubleshooting unless we have the visibility. Anyone have any insight before I go down this path?
-
Replies
-
-
Zero trust sucks when building interfaces for sure. We just finished implemented this just two weeks ago. They have two modes. Catch and allow, then catch and deny. We kept it in catch and allow till we discovered all ports we used, then they switched to catch and deny. We are running on Azure RedHat and cloverleaf 20.1.
You are right, you will need to request every new port to be allowed when building new interfaces. This will also affect major releases of cloverleaf. I’m in the process of looking at 2209 release on my dev systems and it is a pain since it’s a new workflow for our lan team.
Good luck
John Mercogliano
Sentara Healthcare
Hampton Roads, VA -
-
- You must be logged in to reply to this topic.
