Securing Access To Chef Deployment Servers

cancel
Showing results for 
Search instead for 
Did you mean: 

Securing Access To Chef Deployment Servers

L1 Bithead

Currently we have a rule allowing the APP "ssl" from many different zones to our Chef Deployment Servers. I am trying to determine if there is a specific APPID for Chef but been unable to fine one. Since the server team says both port 80 and 443 are needed I am considering to setup the policy using APPIDs "ssl" and "web-browsing". Looking for ideas on how others are handling this. Thanks

1 REPLY 1

L4 Transporter

I've had no personal experience (or knowledge) with Chef as of yet. But searching the Applipedia does seem to agree that there is no app for it.

 

So barring any responses of actual value, my suggestion would be to do exactly what you are doing and let the traffic flow, then review the logs and see what AppID is actually saying. Chances are if you aren't decrypting traffic, ssl will never app shift anyway.

 

You can then look into trying to create a custom App yourself, or at least open a case with PA and request one be added for Chef

 

--
CCNA Security, PCNSE7
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!