Alcide Rapid 7 Logo no-lazy Alcide Rapid 7 Logo no-lazy
Alcide has been acquired by Rapid7- a leading provider of security analytics and automation. Learn more

Let’s Start DevOpsIng

Helping DevOps with Simple, Secured and Automated Deployments

Support Business Velocity. In Your Comfort Zone.

Software is inherently complex. One of the guiding principles of DevOps is to do everything possible to ensure that it doesn’t unnecessarily become more complex. Shorter more frequent sprints, a more modular approach to code, automation, smart tooling, along with interdepartmental collaboration and constant alignment usually gets the job done.

But what happens when you’re dealing with a totally decentralized, fragmented IT  environment, where the moving parts are all interdependent but provided by third parties that aren’t designed to “play nice together”? How do you streamline that without compromising quality or security standards?

How can you provide third party server access to elements of your secure network without compromising other more sensitive elements and without adding totally unnecessary complexity (and headaches) to your IT environment? Using the unique API endpoint of the relevant network element, Alcide can provide dynamic access to only the desired third-party application. An elegantly simple solution in the face of needless complexity.

 

 

 

Dan
Hi Sara! Since most of our teams are already sending messages and files through Slack channels to coordinate their work, I thought we might streamline the process by opening our systems health monitoring toolkit to the relevant teams on Slack.
Sara
OK… which components require this access?
Dan
Prometheus alert manager
Sara
OK. But we need to define an access list for alert manager to access slack. How do you plan on doing that?
Dan
We’re going to provide egress access to the internet for alert manager
Sara
What else is running on the server that hosts alert manager?
Dan
Lots of other stuff…
Sara
So no. Egress access is not an option. We need to isolate Alertmanager in a better way so that other components are not getting internet access.
Dan
Security groups won’t do either…We can leverage a proxy server with an API filtering list to isolate and provision access to alert manager.
Sara
Honestly, that sounds like an implementation nightmare
Dan
Well…with Alcide I can specify the API endpoint on the Prometheus alert manager VM and containers and open access dynamically only to slack servers.