We will present a series of architectures, best practices and technologies that when applied with well-reasoned deployment decisions result in significantly hardened OpenStack deployments.
We will guide the audience through the trade-off’s that must be considered when building a secure infrastructure, identifying those enhancements that provide the biggest leaps forward in security and the best return on investment.
A small sample of the topics we’ll cover:
- Secure Provisioning Methods
- Multi-Level Hypervisor Hardening Approaches
- Containerization and Nested Virtualization for Security Enhancement
- Multi-Tenant Aware IDS approaches
- Encryption everywhere with Ephemeral PKI
- Tenant separation at every level of the stack
The discussion will culminate with an overview of the security gaps that require more research and development, a call to arms for all those developers, enterprises and adopters who have strong security assurance requirements and who are willing to dedicate effort to enhancing OpenStack security.