RUDDER 6.0: focus on UX and SecOps

We are proud to announce a new major version: RUDDER 6.0!

More than a year after 5.0 and the creation of the plugin ecosystem, RUDDER 6.0 improves core components, and sets the basis for future exciting features. We particularly worked on the UX by improving the graphic interface. We made it easier to use!

RUDDER is frequently used as a SecOps solution allowing collaboration between teams. This behaviour brings a lot of new security ideas and features to enhance SecOps workflow. That’s why we started working on three new security oriented plugins.

 

Focused on user experience

New technique editor - RUDDER

User experience is one of our main focuses in this release. RUDDER has been built as devOps software. Our goal is to facilitate collaboration within your multiple teams. In this context, we have made a total redesign of the technique editor to give you a better view and a better understanding of the configurations applied to your systems.

new technique resource RUDDER

We have also added technique resources to the technique editor interface. You can now manage your configurations and embedded data (templates, files, variables…) in the same interface, for a simpler and faster experience.

Other minors enhancements have been done to simplify your experience with RUDDER. You can look into the changelog to have more information about it!

 

Enhanced integrations: easier to use

As we made RUDDER easier to use, we did the same with some software integrations. Amazon AWS is the most commonly public cloud used by our users, as Ansible for continuous deployment. We improved our integration with these technologies.

AWS integration

aws cloudformation logoAmazon AWS inventory details (EC2 metadata) can now be used within RUDDER to create dynamic groups based on this data (like Europe region Linux servers) or variables.

In order to make it easier to use, you can also provision RUDDER server in Amazon AWS with Amazon CloudFormation.

Ansible integration

Ansible integration RUDDER
RUDDER could already be employed as inventory source for Ansible. This allows you to use RUDDER properties in Ansible configurations and Rudder dynamic groups as playbooks targets.

Now you can also run a playbook directly using RUDDER and get a compliance report for immediate visual feedback.

 

Secure your configuration management system

We have continued to strengthen the security of RUDDER according to our customers’ needs.

This is why we have introduced a new communication protocol (based on HTTPS) with a fully encrypted communication between agent & server.

 
change validation plugin RUDDER

The change validation plugin, which allows you to require a revision by another person before applying a change, has been extended. In addition to filtering by server group, you can now enable it only for specific users (e.g. newcomers or interns) for more flexible workflows.

 

Make your system more secure

RUDDER already helps you to manage the compliance of your security policy on your systems. But we want to go further to align the solution with our user’s operational security workflows.

Discover the first three plugins. They are currently in development but already available in alpha for advanced users who want to try them!

OpenSCAP plugin

OpenSCAP is a standardized compliance checking solution for enterprise-level Linux infrastructure. The popularity of its formats allows it to quickly execute audit profiles provided by different actors, such as PCI-DSS Baseline for Red Hat.
You can now run these security audits from OpenSCAP and expose the results in Rudder’s web interface.

CVE Management plugin

CVE management plugin RUDDER

The Common Vulnerabilities and Exposures (CVE) system identifies all vulnerabilities and threats related to the security of IT systems. To do this, a unique identifier is assigned to each vulnerability.

RUDDER now integrates and tracks CVE directly through a dedicated interface: audit your RHEL and CentOS system, filter on CVE severity to identify sensitive systems and get CVE details for a quicker remediation.

CIS plugin

CIS plugin RUDDER

The Center for Internet Security publishes its benchmarks to detail how best to secure its systems through a set of best practices.

Apply this ready-to-use rules package to audit CIS standards and best practices to ensure that your systems are compliant.

 

Try RUDDER 6.0 right now!

All new features are now available for our users, except for the CVE management and OpenSCAP plugins which are only available for our customers. If you want to know more about subscription and how to get a demo live, feel free to contact us!

You can also look into the changelog to have each detail about the release. And if you are an advanced user, please test our new plugins and give us your feedback!

Despite extensive testing, we advise our users to wait for the first minor releases to migrate their production instances.

Following our usual release lifecycle, RUDDER 5.0 will stop receiving public upgrades in three months, on the 9th March 2020. Extended support will be provided for up to 2 years after initial 5.0 release, with a minimal upgrade window of 6 to 9 months, depending on the subscription level (9th June 2020 for standard subscription, 9th September for premium).

Share this post

Scroll to Top
Rudder robot named Ruddy makes an announcement.

Release 8.2: simplify IT security compliance with Policy and benchmark solution

Security management module details

This module targets maximum security and compliance for managing your infrastructure, with enterprise-class features such as:
Learn more about this module on the Security management page

Configuration & patch management module details

This module targets maximum performance and reliability for managing your infrastructure and patches, with enterprise-class features such as:

Learn more about this module on the Configuration & patch management page