"LISA is where professionals share what's hot in designing, building, and maintaining critical systems."
Tom Limoncelli, author, speaker, and system administrator
"LISA is the place where industry best practices and cutting-edge research come together to advance system administration."
Nicole Forsgren Velasquez, Utah State University
"LISA is where I find direction for evolving the my core professional skills."
LISA '13 Attendee
"I use LISA to benchmark the SA activities in my company."
LISA '13 Attendee
"I keep coming back for the technical content and the personal networking opportunities. I attend for career development."
LISA '13 Attendee
"LISA is the conference that I send my system administrators to so they can bring the latest tools and techniques back to the rest of the team. Much of our current environment can be traced directly back to LISA."
Cory Lueninghoener, Deputy Group Leader of Production High Performance Computing at Los Alamos National Laboratory
"Information from LISA helps us push the envelope on automation and scaling, allowing a team of four to manage over 3000 Firefox build and test systems running 15 different operating systems."
Amy Rich, Manager of Release Engineering Operations at Mozilla
"LISA is the conference that I send my system administrators to so they can bring the latest tools and techniques back to the rest of the team. Much of our current environment can be traced directly back to LISA."
Cory Lueninghoener, Deputy Group Leader of Production High Performance Computing at Los Alamos National Laboratory
"LISA is where professionals share what's hot in designing, building, and maintaining critical systems."
Tom Limoncelli, author, speaker, and system administrator
LISA: Where systems engineering and operations professionals share real-world knowledge about designing, building, and maintaining the critical systems of our interconnected world.
The LISA conference has long served as the annual vendor-neutral meeting place for the wider system administration community. The LISA14 program recognized the overlap and differences between traditional and modern IT operations and engineering, and developed a highly-curated program around 5 key topics: Systems Engineering, Security, Culture, DevOps, and Monitoring/Metrics. The program included 22 half- and full-day training sessions; 10 workshops; and a conference program consisting of 50 invited talks, panels, refereed paper presentations, and mini-tutorials.
System administrators often run into interesting conflicts between sysadmin, customer, and IT security needs. These conflicts generally lead to difficulty in achieving a balance between administrative convenience, good customer service, and minimal risk. There are processes or services available that can significantly improve any of these areas; however, many times they are costly or resource intensive. This course is designed for system administrators who want to improve the security posture of their organizations, using IT security standards paired with good system administration practices, resulting in better service, lower risk, and minimal impact to time and budget.
We will walk a path, covering many domains of IT security and enterprise system administration in ways that utilize the interconnection between good system administration practices and security fundamentals. We will discuss recent risks and threats, analyze them with respect to your environment, review possible impacts and develop mitigations that you can apply immediately. Training includes instruction, discussion, many hands-on labs, and a strong dose of common sense.
Attendees should bring a laptop capable of running a Virtual Guest and will be provided a VM in which to work. The class will have access to a test network of systems for training and lab exercises.
Who should attend:
Beginning to mid-level system administrators of any stripe with an interest in IT security and a desire to improve their security. It is suggested that participants have experience with the *nix command line.
Take back to work:
A toolbox of documentation, (mostly) free software, and a good starting point for developing better practices to improve security and system administration.
Topics include:
The relationship between system administration and IT security
Security theories, standards and risk mitigation as applied by SA's
Information management using Trac and Subversion
Good system administration practices that directly improve IT security
Basic configuration driven system management using Puppet
Host and network auditing, hardening, and monitoring
Developing an effective security awareness program
