The latest release of Red Hat's flagship Linux platform adds TPM 2.0 support for security authentication, as well as integrating the open source nftables firewall technology.
Red Hat announced the general availability of its flagship Red Hat Enterprise Linux (RHEL) 7.6 release on Oct. 30, providing organizations with improved security, management and container features. Among the enhanced features is support for the Trusted Platform Module (TPM) 2.0 specification for security authentication.
TPM 2.0 support has been added incrementally over recent releases of Red Hat Enterprise Linux 7, as the technology has matured. The TPM 2.0 integration in 7.6 provides an additional level of security by tying the hands-off decryption to server hardware in addition to the network bound disk encryption (NBDE) capability, which operates across the hybrid cloud footprint from on-premise servers to public cloud deployments.
RHEL 7.6 is the second major milestone release of Red Hat's enterprise Linux platform in 2018, following RHEL 7.5 which came out on April 10. In 2017, Red Hat only had one major milestone update for its enterprise platform with the release of RHEL 7.4 in August 2017.
Firewall
In addition to TPM 2.0 support, RHEL 7.6 also provides enhanced support for the open-source nftables firewall technology. For the past two decades, the primary Linux firewall technology has been the iptables project, with nftables considered to be the replacement for it, according to Red Hat.
Iptables remains fully supported in Red Hat Enterprise Linux 7 to provide stability and consistency for existing installations. However, nftables will enable enterprises to benefit from increased scale with complex rule matching, improved latency with on-the-fly rules changes, atomic transactions with rollbacks and improved visibility and debuggability.
While RHEL 7.6 is moving forward on firewall support, it isn't yet fully embracing the new TLS 1.3 cryptographic standard. TLS 1.3 became a formal standard in March and is the protocol used to help secure data in motion across the internet. The client side of TLS 1.3 is supported by the Firefox web browser and other select client applications. The server side, requires dependencies which would violate Red Hat's commitment to application compatibility and ABI/KABI stability in Red Hat Enterprise Linux 7.6.
Ansible
Management and automation in RHEL 7.6 get a boost with support for Red Hat Enterprise Linux System Roles, which are a set of Ansible modules. Ansible is Red Hat's configuration management and automation platform.
Red Hat Enterprise Linux System Roles, powered by Red Hat Ansible Automation, are incorporated into the Satellite configuration management capabilities. It is Now fully supported, these System Roles provide consistency across Red Hat Enterprise Linux releases and integrate with Red Hat products such as Red Hat Satellite Server and Red Hat Ansible Tower.
Container Toolkit
Red Hat is also adding a new project to its container toolkit in RHEL 7.6 with the inclusion of the Podman project. With Podman, containers can be run outside of Kubernetes. The Podman project joins Buildah for building images, and Skopeo for signing images in the container toolkit.
With a more distributed container toolkit, customers have more choice in how they build, deploy, find and share cloud-native applications, all without having to run a container daemon or engine on a system that was never intended to do so.