Config Management Camp

5 - 7 February, 2018

Gent, Belgium

Building a distributed firewall on top of CFEngine

Ole Herman Schumacher Elgesem

In this talk, we will look at the challenges associated with traditional network topologies. We will discuss new technological opportunities which leverage automation software. The focus of the talk is how automation software can manage the local firewall of each host (host-based firewall) and the security implications of this. We will also look at some real life threat scenarios and how host-based firewalls can mitigate these risks.

About Speaker

Ole Herman is a developer at, the company behind CFEngine, Mender and Zener. He graduated from University of Oslo in 2017, with a Master of Science in Informatics, and has been a core developer on the CFEngine project since 2016. His interests include information security, automation, machine learning, networking, and electronics.

Slide Deck

Building a host based firewall on top of CFEngine from Nick Anderson