One of the most important things to be done on a system, security-wise, is to ensure that it is safe from network-based attacks.
Ensuring that your system only listens on expected ports and controls access to services at the network level is a tedious, repetitive process. What if services could automatically open the necessary firewall rules? What if the systems running a cluster application could learn about one another and open access to just the other nodes?
With Puppet, all this is possible. We'll cover some of these cases in this chapter. We'll cover the following topics: