RHCSA

REDHAT INSIGHTS

REDHAT INSIGHTS

What is Red Hat Insights?

Red Hat Insights is a cloud service provided by Red Hat for proactive analysis of Red Hat Enterprise Linux (RHEL) deployments. It is also referred to as simply “Insights” below. It includes details on existing configuration flaws, performance concerns, compliance issues, and security vulnerabilities, as well as recommendations for how to fix them.

The locally installed Insights Client scans and matches systems linked to Insights against a set of rules to discover and report potential hazards to system performance, scalability, availability, and security. Red Hat makes every effort to avoid collecting personal information.

This service can build Ansible playbooks to remediate discovered problems in addition to reporting. Ansible Engine on the individual server or Ansible Tower could be used to run these playbooks. Red Hat is in charge of maintaining and expanding the collection of rules.

All active Red Hat Enterprise Linux subscriptions have featured Insights since 2019. As a result, there are no additional expenses associated with using the service. RHEL deployments can use Insights whether they’re on-premises, in private, hybrid, or public clouds.

Data protection and data security

Using a SaaS solution like Insights has some drawbacks, especially for the way our company operates. Each connected host collects a large amount of data and sends it to the cloud service in order to deliver the service. On one hand, this is required for the service to function. There can be no guidance or recommendations without data to examine. On the other side, the transferred data can be used to create a fairly accurate map of the network infrastructure.

The Insights Client allows you to collect data locally without transmitting it to the cloud service using the settings “–-no-upload” or “–-offline.” This allows the sysadmin to check which data has been collected ahead of time. There’s also the option of keeping a deny-list and specifying which data should be banned from collection and transfer.

When one considers the operation of around 100 RHEL servers, each of which provides a different service, it becomes evident that manual control and maintenance of individual deny-lists is not feasible for all systems. Especially since the set of criteria that defines what data to gather changes on a regular basis, and a check would have to be done before each upload.

Unfortunately, there isn’t an on-premise appliance that allows us to use the service inside our firewall. Additionally, there is no allow-list for the Insights Client. Users would have even more control over data gathering and transfer with the latter. They’d have to define what may be transmitted and wouldn’t have to worry about more data being collected and transferred without their awareness a few days later.

I informed the Insights team about my wish for an on-premise appliance as well as my idea for the implementation of an allow-list. Even if my greatest wish for the appliance will not be achieved in the near or medium term, I feel valued as a user and that my feedback is valued.

The service does not gather any personal information, according to the literature referenced above. As a result, the data collected excludes /etc/ passwd, group, shadow, and /home. Red Hat, in general, provides a lot of information about the service and is quite open about its actions. In this regard, the company is exemplary.

After 14 days, incoming data is automatically destroyed if a customer ceases contributing data. When a client is removed from Insights, all data for that client is immediately destroyed.

Nonetheless, once your data has been moved, you lose control over it. You must trust the vendor to meet its commitments, as with any SaaS.

Bring in your security team early when trying out a new SaaS so they can assess the data privacy and controls in place.

Despite these issues, Insights provides the opportunity to learn about problems and vulnerabilities that have previously gone unnoticed and pose a bigger security risk than regular data transfers to Insights. However, whether the benefits outweigh the hazards is a decision that each business must make for itself.

There are a number of RHCSA training institute in Kochi that can help you gain sufficient information on this subject. The best teachings and talents come from the best solutions’ courses. As a result, prepare for the future with RHCSA courses in Kochi.

Author: STEPS

Leave a Reply

Your email address will not be published. Required fields are marked *