Red Hat has announced the release of RHEL (Red Hat Enterprise Linux) 7.6 beta. It aligns with Red Hat’s evolving business model or hybrid cloud, where customers are running their applications on-prem, off-prem, in public cloud, private cloud and even on edge.
Red Hat says that RHEL 7.6 is designed to deliver control, confidence, and freedom to demanding business environments, keeping pace with cloud-native innovation while supporting new and existing production operations across the many footprints of enterprise IT.
Major security improvements
RHEL 7.6 has added Trusted Platform Module (TPM) 2.0 modules to Network Bound Disk Encryption (NBDE), which provides an additional layer of physical security capabilities on top of the network/cloud-based capabilities of NBDE for data protection.
By using Trusted Platform Module (TPM) 2.0 hardware modules, the NBDE capability has been extended to provide two layers of security features for hybrid cloud operations: The network-based mechanism is applicable in the cloud, while the use of TPM on-premises helps to keep information on disks physically more secure.
For better integration with counter-intrusion measures, firewall operations through Red Hat Enterprise Linux have been improved with enhancements to nftables. The nft command line tool can now also provide better control of packet filtering, providing greater overall visibility and simplified configuration for systems security.
Red Hat Enterprise Linux 7.6 beta provides new default cryptographic algorithms for RSA and ECC, which help maintain FIPS compliance and stay current with cryptography requirements from NIST and other standards bodies, as well as organizations responsible for handling sensitive information.
Major container improvements
RHEL 7.6 is introducing Podman, part of Red Hat’s lightweight container toolkit built with enterprise-grade security features in mind. Based on open standards, Podman complements Buildah and Skopeo by enabling users to run, build and share containers with a familiar command-line interface. It also shares the same foundations as CRI-O, helping to provide the capability to run containers both inside and outside of Kubernetes.
Podman can start and run standalone (non-orchestrated) containers from the command line, as services through systemd, or via a remote API; these same capabilities can be used to invoke groups of containers, on a single node, also called pods. It does not require a daemon to function which helps to eliminate complexity and the client-server interactions of a traditional container engine. The technology also helps developers who want to build containers on their desktop, in CI/CD systems, or even starting containers within HPC and big data schedulers.
Automation and management improvements
- One of the biggest pain-points of enterprise customers is automation and management of the system itself. RHEL 7.6 refines management and introduces enhancements to the Red Hat Enterprise Linux Web Console including:
- Showing available updates on the system summary page
- Automatic configuration of single sign-on for identity management, helping to simplify this task for security administrators
- An interface to control firewall services
- The integration of the extended Berkeley Packet Filter (eBPF) provides a safer, more efficient mechanism for monitoring activity within the kernel and will help to enable additional performance monitoring and network tracing tools in the future. The eBPF tool is available as Technology Preview.
RHEL 7.6 supports a wide range of architecture including 64-bit AMD, 64-bit Intel, IBM POWER7+ (big endian), IBM POWER8 (big endian), IBM POWER8 (little endian), IBM POWER9 (little endian), IBM z Systems and 64-bit ARM.
If you are not a Red Hat customer, you can still try the beta.