Securing Containers and OpenShift

  • Tuition USD $3,600
  • Reviews star_rate star_rate star_rate star_rate star_half 839 Ratings
  • Course Code DO425
  • Duration 0 hours
  • Available Formats Virtual, Classroom

Red Hat Security: Securing Containers and OpenShift (DO425) is designed to help infrastructure administrators and security professionals learn to identity and mitigate threats to OpenShift container-based infrastructure. The curriculum also covers how to implement and manage secure architecture, policies, and procedures for modern containerized applications and software-defined networking. This course is based on Red Hat® Enterprise Linux® 7.5, Red Hat® OpenShift® Container Platform 3.11, and Red Hat® Identity Manager 7.5.

Skills Gained

As a result of attending this course, you should be able to use security technologies included in Red Hat OpenShift Container Platform and Red Hat Enterprise Linux to manage security risk and help meet compliance requirements. You should be able to demonstrate these skills:

  • Use recommend practices to ensure that images for container deployment come from trusted sources, including the use of secure registries, signed images, secure access protocols, and authorized access controls.
  • Explain and implement advanced SELinux techniques to restrict access by users, processes, and virtual machines.
  • Configure security context constraints to control the actions that pods can perform and to declare what a pod has the ability to access.
  • Implement the Linux computer security (seccomp) and Linux capabilities features to control the vulnerability footprint of a containerized application.
  • Implement and configure single sign-on for web applications, including the use of JWT for token sharing.
  • Explain and implement network isolation and encryption techniques to segregate application traffic to allow only authorized access.
  • Implement and explain storage management techniques to segregate volume storage I/O to allow only authorized access.
  • Observe and explain how the build process can be extended to include automated security testing and vulnerability scanning to ensure that no exploits are introduced into the final container images to be deployed.
  • Manage container deployment policies and configuration to control application placement, resource capacity, container affinity, and application demand scaling.
  • Manage OpenShift project access and quotas to ensure private and authorized self-service access, as well as to limit exposure to rogue tokens and denial-of-service attempts.

Who Can Benefit

This course is designed for professionals responsible for designing, implementing, maintaining, and managing the security of containerized applications on Red Hat Enterprise Linux systems and in Red Hat OpenShift Container Platform installations, including these roles:

  • System administrators
  • IT security administrators
  • IT security engineers
  • DevOps engineers
  • Cloud developers
  • Cloud architects

Prerequisites

  • Become a Red Hat Certified Engineer (RHCE®), or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience
  • Become a Red Hat Certified Specialist in OpenShift Administration, or demonstrate equivalent Red Hat OpenShift Container Platform knowledge and experience

Course Details

Course Outline

Describe host security technologies Understand the core technologies that make Red Hat Enterprise Linux a robust and trusted container host. Establish trusted container images Describe the registries, services, and methods that comprise the Red Hat image ecosystem. Implement security in the build process Learn automated methods for integrating security checks into build and deployment pipelines. Manage user access control Apply methods for integrating and managing user authentication for operators and for web applications. Control the deployment environment Determine how a container platform secures the deployment process through policies and automation. Manage secure platform orchestration Study how a container platform secures the orchestration process through policies and infrastructure. Provide secure network I/O Discover the technologies and control features that enable multitenancy and project isolation. Deliver secure storage I/O Enable authorized, multitenant storage access through a firm understanding of related technologies and control features.

How do I enroll?

A comprehensive listing of ExitCertified courses can be found here. You can register directly for the required course/location when you select "register". If you have any questions or prefer to speak with an ExitCertified education consultant directly, please submit your query here. A representative will contact you shortly.

How do I pay for a class?

You can pay at the time of registration using credit card (Mastercard/Visa/American Express) cheque or PO.

What if I have training credits?

ExitCertified honors all savings programs from the partners we work with. ExitCertified also offers training credits across multiple partners through our FLEX Account.

When does class start/end?

Classes begin promptly at 9:00 am, and typically end at 5:00 pm.

Does the course schedule include a Lunchbreak?

Lunch is normally an hour long and begins at noon. Coffee, tea, hot chocolate and juice are available all day in the kitchen. Fruit, muffins and bagels are served each morning. There are numerous restaurants near each of our centers, and some popular ones are indicated on the Area Map in the Student Welcome Handbooks - these can be picked up in the lobby or requested from one of our ExitCertified staff.

How can someone reach me during class?

If someone should need to contact you while you are in class, please have them call the center telephone number and leave a message with the receptionist.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

I really enjoy the subject matter presented in this course. The instructor was very well verse and presented the material in a easy to understand and professional way... Great job!

Instructor was very knowledgeable and provided instructions worked well in the virtual labs and zoom sessions.

Good job coping with the "new" training, of having video learning in a group setting.

TX3181/3191 Courses. Really good course, highly recommended for TWS/D users.

It is very good and very simple instructions. almost to much hand holding.

4 options available

undo
  • Sep 28, 2020 Oct 2, 2020 (5 days)
    Location
    Virtual
    Location Details
    Language
    English
    Time
    11:00 AM 5:00 PM EDT
    Enroll
    Enroll
  • Dec 14, 2020 Dec 18, 2020 (5 days)
    Location
    Virtual
    Location Details
    Language
    English
    Time
    11:00 AM 5:00 PM EST
    Enroll
    Enroll
  • Mar 15, 2021 Mar 19, 2021 (5 days)
    Location
    Virtual
    Location Details
    Language
    English
    Time
    11:00 AM 5:00 PM EDT
    Enroll
    Enroll
  • May 24, 2021 May 28, 2021 (5 days)
    Location
    Virtual
    Location Details
    Language
    English
    Time
    11:00 AM 5:00 PM EDT
    Enroll
    Enroll
Contact Us 1-800-803-3948
Contact Us Live Chat
FAQ Get immediate answers to our most frequently asked qestions. View FAQs arrow_forward