by Robin Purnell
Today, open source software powers some of the world’s largest organisations. But that in turn means it is a target for cyber-criminals and nation state actors. As one of the most popular Linux distributions out there, Red Hat Enterprise Linux (RHEL) is well regarded in security circles. Yet when iterations reach end-of-maintenance support, customers must act quickly to protect their servers.
This is where virtual patching capabilities could help to mitigate risk and extend the value of investments in RHEL.
RHEL needs patching
RHEL 6 was released back in November 2010. Inevitably, customers are now facing a crossroads when maintenance support is withdrawn in November this year. They can either upgrade, or enter the Extended Life Phase, where technical support is limited. Crucially, development support will be withdrawn here, meaning no “errata” (including bug fixes) will be released.
Another option is to purchase Extended Life Cycle Support (ELS). This will get technical support back to “unlimited” with new installs and new issues allowed, according to Red Hat. Yet even here, customers may be exposed to some new vulnerabilities. Red Hat explained as follows:
“Even then, we are generally focused on issues that affect production, not low-severity minor things or faults with workarounds … If ELS is purchased, then we do consider and release errata for very critical issues that are considered on a case-by-case basis. One requires the ELS entitlement to request an errata and to get access to any errata released during the ELS phase.”
Why does this matter? As we know, effective patch management is a crucial pillar of any best practice cybersecurity strategy, given the frequency with which new bugs are exploited by attackers to compromise IT systems. Open source distries like RHEL are, in this regard, no different from commercial software like Windows Server.
In fact, working with its partners last year, Red Hat’s Product Engineering organisation fixed 1,313 CVEs across its entire portfolio. It issued almost 1,000 (968) security advisories — a record three-fold increase from 2011.
Why virtual patching?
Another option for RHEL 6 customers to consider is Trend Micro’s virtual patching capabilities. Our Intrusion Prevention technology offers emergency protection for servers and endpoints by providing a virtual patch. It’s a multi-layered solution that inspects and blocks malicious traffic, detects and prevents know and zero day vulnerabilities, blocks against SQL injections attacks, cross-site scripting attacks, and other web application vulnerabilities, and can be deployed on physical, virtual or cloud environments. In so doing, Intrusion Prevention enables organisations to extend the lifecycle of existing platforms like RHEL 6, that have reached end-of-maintenance, without needing to invest in extra support or risk exposing installations to new cyber-threats.
Trend Micro Deep Security and Cloud One – Workload Security offerings provide virtual patching support for RHEL 5 until 2023 and we have no plans to retire support for RHEL 6. That means your RHEL servers and applications running on top of them are protected from known and unknown exploits after November 2020. With that peace-of-mind, organisations can:
- Plan migrations to newer platforms at their own pace
- Block any attacks that could harm corporate reputation and the bottom line
- Adhere to regulatory compliance requirements
- Continue to derive value from existing OS investments
- Avoid unnecessary downtime associated with testing patches
Find out more about Trend Micro’s virtual patching capabilities here.