WEBINAR, July 11th – CVE: speed up vulnerability remediation to secure your systems (in French)
What is RUDDER?
RUDDER is a professional, open source and multi-platform solution allowing you to continuously deploy, audit and remediate the configurations of your critical systems. RUDDER acts as a control tower providing a real-time visibility of your systems’ compliance for reliability and security.
Issues tackled by RUDDER
Our solutions with RUDDER
RUDDER is not designed for:
monitoring – even though continuously auditing configurations can complete a monitoring solution, RUDDER is not intended to replace your supervision system. It can help to deploy it quickly and ensure its proper functioning though.
deployment / integration – RUDDER focuses on system and middleware layers. This foundation has more of a vocation for continuous stability than the higher application layers with different constraints and purposes. Plugins allow RUDDER to interact with these deployment solutions.
network management – due to the proprietary closed OSs specific to each manufacturer, RUDDER cannot control the network equipment.
Who is RUDDER intended for?
In production, the main constraint and cause of complexity are:technical heterogeneity
- of machines (physical machines, VM, cloud, embedded)
- of systems (Linux, Windows, UNIX…)
- between IT actors responsibility scope (system administrator, CISO, system engineer, architect…)
- of preferred areas and levels of expertise of members of the same team
It is to overcome these constraints that RUDDER is:
- multi-device (physical machines, VM, cloud, embedded)
- multi-platform (Linux, Windows, AIX) with abstraction of implementation differences (the agent is responsible for correctly applying the configurations according to the OS)
- multi-interface (web UI, CLI, API)
Thus, each IT professionnal will find in RUDDER an answer to its needs, whether they are:
- for the Managers who wants to visualize the actual state of their machines on clear and concise graphs, to ensure that the safety policy is properly applied throughout the fleet,
- for the Engineers who must build a chain of tools capable of interacting with each other using the API.
- for the Administrators who configures the machines on a daily basis via the web management interface which never requires writing code, even for the most specific business needs, thanks to a drag & drop configuration editor.
Technically, RUDDER works on a target state model that you want to reach or maintain: the agent deployed on each machine works in pull mode and recovers its configuration from the central server and then applies it continuously in an autonomous way.
This continuous verification is possible because the agent is light (10 to 20 MB of RAM) and very fast (written in C, it can apply a hundred rules on a machine in less than 10 seconds). Thanks to this model, RUDDER is secure, resilient to network issues, and capable of managing more than 10,000 machines with a single installation.
It is of course possible to set RUDDER in “audit only” mode in order to visualize compliance deviations without making any changes. Users particularly appreciate this feature when first installing RUDDER on a new park or when setting up a new type of configuration.
The interface is a thin client developed in Scala, a language also chosen for its robustness and speed.
ROI: why invest in Continuous Configuration with RUDDER?
3. Value creation
On the one hand, the resources saved can be invested in projects with higher added value than the repetitive recurrent one; on the other hand, the reliability gain linked to automation improves the quality of service and with it project deliverability, brand image, and time to market.
Since its release in 2012, RUDDER has found its place in large and/or critical productions such as those of:
Reliability of a heterogeneous park with high criticality.
Automation of a high-volume industrial server park.
Compliance control of a fleet subject to ISO 27001 standard.
Fleet: 4,000 VM on AIX and Linux systems.
Use: RUDDER is used daily by the entire production IT team, which continuously deploys and verifies all system configurations.
Fleet: +10,000 Linux servers (physical and cloud).
Use: Management of system configurations both in datacenters and in factories of various sites around the world.
Fleet: 800 Linux and Windows servers.
Use: Management of the system for generating and distributing firmware and industrial software.