Most people don’t consider their average USB memory stick to be a security threat. In fact, in a social engineering experiment conducted in 2016 at the University of Illinois and detailed in this research paper, a group of researchers dropped 297 USB sticks outside in the parking lot, in the hallway, and classrooms. Of the 297 USB sticks dropped,
Continue reading “Built-in protection against USB security attacks with USBGuard”
We’re pleased to announce that Red Hat Enterprise Linux Atomic Host 7.4 is now generally available. Red Hat Enterprise Linux Atomic Host is a lightweight, container-optimized version of Red Hat Enterprise Linux. Red Hat Enterprise Linux Atomic Host couples the flexible, modular capabilities of Linux containers with the reliability and security of Red Hat Enterprise Linux in a reduced footprint, to decrease the attack surface and provide only the packages needed to light up hardware and run containers. Here’s a look at some of the major changes in 7.4.
Continue reading “What’s New in Red Hat Enterprise Linux Atomic Host 7.4?”
In Part 1, we created a working BIND container with local data storage. We can make changes on the local system that will get picked up in the running container. In this part, we’ll explore how we can manage the service from the host with
Continue reading “Containing System Services in Red Hat Enterprise Linux – Part 2”
As a follow-up to my introduction of simple signing, I’m excited to announce that Red Hat is now serving signatures for Red Hat Container Catalog Images!
In May, Red Hat announced the Container Health Index, providing an aggregate safety rating for container images in our public registry. As part of our commitment to delivering trusted content, we are now serving signed images. This means that customers can now configure a Red Hat Enterprise Linux host to cryptographically verify that images have come from Red Hat when they are pulled onto the system. This is a significant step in advancing the security of container hosts, providing assurance of provenance and integrity and enabling non-repudiation. Non-repudiation simply means that the signer cannot deny their signature—a key security principle for digital transactions.
Continue reading “Signed Images from the Red Hat Container Catalog”
At the 2017 Red Hat Summit, several people asked me “We normally use full VMs to separate network services like DNS and DHCP, can we use containers instead?”. The answer is
Continue reading “Containing System Services in Red Hat Enterprise Linux – Part 1”
Last week, Intel launched the new family of Intel® Xeon® scalable processors with new features such as Intel Advanced Vector Extensions 512 (Intel AVX-512), which boost performance of computationally intensive tasks, a new Intel Mesh Architecture for reduced system latency, Intel QuickAssist Technology for hardware acceleration of cryptography and data compression operations and integrated high-speed fabric with Intel Omni-Path Architecture. According to Intel,
Continue reading “Red Hat Enterprise Linux Brings Forth Performance and Scalability Features of New Intel Xeon Processor Family”
Twice a year the most prominent supercomputing sites in the world get to showcase their capabilities and compete for a Top500 spot. With Linux dominating the list, Red Hat is paying close attention to the latest changes that will be announced at International Supercomputing (ISC) show in Frankfurt, Germany between June 18 to June 22, 2017.
While supercomputers of the past were often proprietary, the trend of building them out of commodity components has dominated the landscape in the past two decades. But recently the definition of “commodity“ in HPC has been morphing. Traditional solutions are routinely augmented by various acceleration technologies, cache-coherent interconnects are becoming mainstream and boutique hardware and software technologies previously reserved for highly specialized solutions are being adopted by major HPC sites at scale.
Developing new and adapting existing highly scalable applications to take advantage of the new technological advances across multiple deployment domains is the greatest challenge facing HPC sites. This is where the operating system can provide
Continue reading “Supercomputing & Red Hat: What’s Happening at ISC 2017?”
As predicted in one of my earlier posts, more and more customers are starting to seriously evaluate and move off of third party Active Directory integration solutions. They want to use or at least consider leveraging identity management technologies available in Red Hat Enterprise Linux.
In the calls and face to face meetings as well as during customer presentations at Red Hat Customer Convergence events, Red Hat Summit, Defence in Depth and other conferences I get a lot of questions about such migration. As it is becoming a common theme, I decided to consolidate some of the thoughts, ideas, and best practices on the matter in a single blog post.
Continue reading “Migrating from third party Active Directory integration solutions”
The latest editions of Red Hat Software Collections and Red Hat Developer Toolset are generally available. Red Hat Software Collections 2.4 provide the latest set of open source web servers, web development tools, dynamic languages, and databases. Red Hat Developer Toolset 6.1 provides access to some of the latest, stable open source C and C++ compilers and related development tools.
Continue reading “Red Hat Software Collections 2.4 and Red Hat Developer Toolset 6.1 Generally Available”
Is your server running slowly?
Has your network tuning run amuck?
Is Red Hat OpenShift not scaling for you?
If you’re attending Red Hat Summit, whatever your performance
Continue reading “Bring Your Performance & Scale Problems to the Experts. Beer Included.”