It is expanding its open source solutions with capabilities that accelerate the digital transformation of companies and increase the security of IT infrastructure, SUSE announced at its annual conference. The supplier supports business continuity with, among other things, real-time repairs and automation, artificial intelligence-supported containerization.
88 percent of companies experienced more than one cloud-related security incident in the past year, according to SUSE’s recent survey (Securing the Cloud), which was prepared by interviewing half a thousand senior managers and IT professionals in the United States, the United Kingdom, and Germany. An equally high proportion of professionals also agreed that they and their teams would move more workloads to the cloud and edge network if they could be more confident that their data would not fall into unauthorized hands – pointing to a critically important connection between data integrity and cloud use.
In response to concerns surrounding cloud security, SUSE is continuously improving its open source software so that organizations can run their workloads with greater flexibility and security in all environments, from the data center to the cloud to the edge network, said the vendor’s speakers at the SUSECON 2023 conference held in Munich at the end of June.
– All companies must increase their business flexibility and resilience in order to be able to face increasingly sophisticated and potentially serious digital attacks, said Thomas Di Giacomo, SUSE’s technology and product director. – It is necessary for them to take seriously the security of their complex workloads, especially with regard to artificial intelligence and machine learning (AI/ML) platforms, where the protection of customer data requires increased control. SUSE takes an approach to supply chain security that, along with the latest developments just announced, helps organizations securely take advantage of the cloud and protect their digital business operations.
Linux security steps up
The latest version of SUSE’s enterprise Linux platform, SUSE Linux Enterprise 15 Service Pack 5 (SLE 15 SP5), brings the high-performance computing capabilities essential for artificial intelligence and machine learning workloads and works closely with the Rancher Kubernetes platform. For example, SLE 15 SP5 further expands the capabilities of software update without restart (Live Patching), thereby strengthening business continuity, security and compliance.
Another novelty is that SLE 15 SP5 is the first of the Linux distributions to support the Confidential Computing approach, which ensures the protection of customer data processed in the public cloud and edge networks in a new way. Thanks to this, companies can work with fully encrypted virtual machines (VM) in any environment. For this, SLES 15 SP5 supports the latest chipset developments from AMD, Arm, IBM and Intel.
SLE 15 SP5 for SAP Applications, supported by SAP, increases the high availability of SAP systems and enables faster deployment through tools with improved automation and built-in security functions. Developments include the automatic identification and full observability of servers, cloud instances, SAP HANA databases, SAP S/4 HANA, and NetWeaver applications and clusters. New capabilities in SP5 also enable continuous monitoring of high availability (HA) configurations by visually displaying potential issues and applying recommended fixes.
SUSE Manager 4.3.6 now supports more than 15 different Linux distributions, including SUSE systems as well as Red Hat Enterprise Linux (RHEL) 9 and all its variants, including Rocky Linux and Alma Linux. From early fall, SUSE Manager will be available on the AWS marketplace as a pay-as-you-go solution. Companies can thus monitor their infrastructure from the cloud, with all the advantages of measurable usage, scalability and uniform billing. Thanks to the service, they can easily and quickly use the new developments of SUSE Manager, including the solution specifically intended for organizations running SAP workloads, which also includes subscriptions, services and training, even with limited time and the right skills.
Running containerized and virtualized workloads as a modular operating system, the SUSE Adaptable Linux Platform (ALP) brings enterprise Linux to life in modern cloud environments. As an open source project, SUSE ALP provides self-healing and self-monitoring capabilities, performing both operating system and container layer tasks. Companies can thus focus on their workloads regardless of hardware and applications, the software company highlighted in its announcement.
Container security in Kubernetes environments
The open-source Rancher container management platform, acquired by SUSE three years ago, also received security-enhancing product updates to optimize storage, support hardened virtual machines (VMs), and better manage vulnerabilities and compliance:
Strengthening data protection, optimizing backup archives and applying new standards of Kubernetes-optimized storage with advanced kernel technology – The Longhorn 1.5 storage platform is an incubator project of the CNCF (Cloud Native Computer Foundation), whose primary maintainer is Rancher. In its latest release, the platform will include a preview of the next-generation Storage Performance Development Kit-based storage engine, which improves I/O performance of persistent volumes used by applications. New features also include the ability to control the backing image via the Container Storage Interface (CSI) and support for ClusterAutoscaler via Pod Disruption Budgets (PDB). In this way, operators can better control the costs of storage volumes and the support of installations in Kubernetes environments operating in the public cloud.
Managing the growing interdependence of containers and virtual machines in modern infrastructure environments – SUSE is further simplifying the operation of cloud-native infrastructures with the next release of Harvester 1.2. Starting in July, companies will be able to access features such as support for storage purchased from third-party vendors through CSI and running security-optimized operating systems. Telecom and edge users can dynamically assign single-root I/O virtualization (SR-IOV) functions to their workloads, and the new modular framework gives them better control over operational functions in resource-constrained environments.
SUSE has also implemented the full Rancher management console in Harvester as an experimental feature for faster deployment of the container management platform. In Harvester’s bare metal mode, users can run and manage VMs and containers in Kubernetes clusters.
Improved Vulnerability Management and Easier Container Security – The SUSE NeuVector 5.2 update includes enterprise-grade security, vulnerability and compliance management, and enterprise-grade scalability. It comes with major features such as common vulnerabilities and risks database search, NIST 800-53 report mapping, Center for Internet Security (CIS) benchmarks, AWS Marketplace integrated billing, token-based API access, customizable login banners and the Harbor adapter.
At its conference, SUSE also announced that NeuVector will be available on the AWS Marketplace from July with usage-based pricing, and later in the summer it will also be available on the Microsoft Azure and Google Cloud marketplaces. An AI assistant will soon be available through Rancher Prime’s Slack customer channel, which will help make the platform easy to use with generative artificial intelligence capabilities, automation, and real-time information.
And SUSE Edge 2.0 is supplemented with components from the open source Akri project, which enable the identification and scheduling of workloads related to IoT devices – sensors, cameras, control systems and other equipment. Devices connected to the Industrial Internet of Things can thus be monitored together with the rest of the infrastructure, which improves the integration of IT and operational (IT/OT) technology, facilitates the reuse of configurations and the creation of self-healing clusters.