* Reduce the cost of maintaining SLES in vSphere environments.
* Obtain direct technical support from VMware for both vSphere and SLES.
* Simplify your purchasing and deployment experience.

In addition, VMware plans to standardize our virtual appliance-based products on SLES for VMware further simplifying the deployment and ongoing management of these solutions.

With SUSE Linux Enterprise Server for VMware®, customers who purchase a VMware vSphere™ license and subscription also receive a subscription for patches and updates to SUSE Linux Enterprise Server for VMware® at no additional cost

More details here.

Customers and independent software vendors (ISVs) of all sizes will have the ability to run SUSE Linux Enterprise Server 10 and 11 on Amazon Elastic Compute Cloud (Amazon EC2) paying only for the hours they use. The new offerings will be available in all instance sizes and in every AWS region around the world. In addition, Novell will provide a maintenance service on AWS so customers can keep their SLES instances up-to-date with Novell’s most current security patches, bug fixes and new features.

The SUSE Cloud Program is a key component of Novell’s strategy to deliver innovative solutions for the intelligent workload management market. With the SUSE Cloud Program and tools like SUSE StudioTM, Novell makes it easy for cloud vendors to offer differentiated services that speed customer acquisition. For enterprises, the SUSE Cloud Program means they can have a common Linux platform across the physical and virtual environments behind their firewall, and then a pay-for-use version of that Linux in the cloud.

In addition to Amazon Web Services, service provider partners who have joined the SUSE Cloud Program include Fujitsu, IBM, Tencent and Vodacom Business.

For more information about the SUSE Cloud Program, visit www.novell.com/suse-cloud-program.

Managing this Linux life-cycle within enterprises is leading to sustained and strong demand for both solutions and services that enable organizations to fast-track their way to an intelligent and compliant Linux infrastructure.

Securelinx is currently assisting a number of Irish organizations to quickly and effectively bring their Linux estates into full and sustainable manageability. Our combination of best of breed solutions and highly experienced engineers ensure the full benefits of an Intelligent Linux Infrastructure are available – today.

Please contact us to receive further information or to enroll for one of our upcoming seminars.

* comprehensive power management capabilities
* performance enhancements
* scalability enhancements
* new security features
* enhanced resource management
* improved virtualization capabilities

There are two features that clearly stand-out.First is the introduction of new filesystem. Red Hat is finally moving to ext4. As the next generation of the extended filesystem family, it includes support for larger file sizes, more efficient allocation of disk space, better file system checking and more robust journaling.
Second  is the new virutalization software. Red Hat is  putting its weight behing Kernel-based Virtual Machine (KVM) as default virtualization technology. Incorporating numerous performance, scheduler and hardware support enhancements, KVM offers improved flexibility and control regardless of the deployment model.

Read more about what’s new in Red Hat Enterprise Linux 6 Beta.

This year, Novell is planning more than 100 technical breakout sessions, including several hands-on training and in-depth technical sessions. There will also be an exhibit hall featuring Novell technical demonstrations and partner products. And throughout the week attendees will have the opportunity to network with peers to exchange ideas, explore solutions and compare best practices.

The conference will be held 18-21 May 2010, in Amsterdam.

As a Novell Platinum Partner Securelinx will be attending this years BrainShare conference as well as taking part in the Partner Symposium. We hope to see you there.

Link: Moving Your Novell GroupWise System to Linux

Rationalize Software Licenses

An inventory of licenses should uncover those that are idle, underused, and even incorrect. Tools like Zenworks Asset Management can be used to create an inventory of all applications used across the enterprise and reconcile those numbers with the existing licenses. That can be a base for a comprehensive review of how many licenses are truly necessary, to retire those that aren’t, and to then negotiate greater discounts by consolidating licenses.

Standardise technologies

As a company grows it acquires a diversity of technologies including programming languages, operating systems, and integration tools. This runs contrary to the notion of accomplishing work with a minimum expenditure of time and effort. A careful review will point out redundant versions, unsupported technologies, and nonstandard tools that should give way to fewer, more standard systems. The cost savings come from simpler and consolidated procurement, as well as lower support and maintenance expenditures.

Securelinx advises choosing a single Linux vendor, be it Red Hat, Novell/SUSE or another vendor. This helps to avoid the problem of having patchwork systems that require substantially more time and money for support and maintenance, at the expense of budgets, new IT capabilities, and innovation. It may also be the opportunity to accelerate a move away from an expensive Unix platform. For a number of years we have observed migrations from legacy Unix systems, to Intel-based hardware coupled with a Linux Operating System. This duo provides a number of advantages. From the financial perspective – commoditized hardware reduces costs and puts the company in a good bargaining position, as it can play various hardware vendors against each other. From a staff perspective – the similarities between Unix and Linux allow, with little training, the transfer of existing skills to support the new environment.

Encourage reuse

Too many companies spend precious IT resources reinventing the wheel. A serious review of an existing project portfolio will probably uncover a number of opportunities to reuse existing solutions and build a common repository of services and solutions. The starting point is to learn what systems exist in the organisation, what application(s) they run, and what level of resources they consume. These apparently obvious questions often prove difficult to answer without historical data that tracks resource usage. A number of software vendors address this problem by offering solutions for availability and performance monitoring. The most popular commercial ones are OP5 Monitor, ManageEngine’s Applications Manager, or Solarwinds. There are also open source projects, lead by the long-established and highly customisable, Nagios.

Consolidate systems that do similar things

Different business units in the same company often have their own versions of essential systems, such as payments and Internet applications. Consolidating these systems at the corporate level can bring substantial savings and make processes simpler and more efficient. The effectiveness of the task depends on intra-departamental communication. In addressing each opportunity, the CIO and business leaders must evaluate trade-offs between short-term convenience and short- and long-term costs and complexity for company as a whole.

Knowledge of usage patterns we mentioned previously may (for example) identify candidates for virtualisation. Most of the commercial Linux vendors bundle virtualisation technology as a part of the operating system and even basic subscription options allow users to run multiple virtual machines on a single host. Consolidation of physical servers and applications increases server utilization, thus lowering hardware, maintenance and electrical costs. It may be done at the unit level, offering some savings, but the most gains from consolidation can be realised if it is agreed and supported at organisational level.

Here we will present five quick wins which, while easy to implement can significantly improve security. This should not replace traditional platform hardening process which is the recommended course of action, but to draw attention to the tools available out of the box that can be easily switched on even on the system already in production environment.

1. Activate Internal Firewall.

IPtables software is installed by default on SLES and can be used to secure your server from unnecessary or damaging traffic,Yast provides easy and intuitive graphical interface which allows restrict access to the system only on specific ports. This is easy task and the main challenge very often turns to be the identification of the TCP and UDP ports that should be allowed.

2. Patch your server.

Failure to keep operating system and application software up to date is the most common mistake made by information system professionals and users. Novell publishes list of released patches on Patch Support Database website.

The easiest way to ensure the compliance is by using Online Patch Management Tool available trough Yast. For multiple systems or when security policies do not allow direct connections to the internet better choice may be the Subscription Management Tool. It is is a proxy system integrated with Novell Customer Center and provides key Novell Customer Center capabilities locally at the customer site, allowing a more secure centralized deployment.

Enterprises may consider implementation of Zenworks Linux Management which can scale to support large IT systems. In addition to standard patching ZLM can provide build management, bare metal installations, configuration management and software and hardware inventory.

3. Disable unnecessary services.

Aside from consuming resources some of the default services can be used as a door by which attackers can gain access to the system. The typical candidates are portmap (if nfs is not used), cups (if printers are not configured on the system).

Another service – SSH is typically used for remote management and if it can not be disabled for practical reasons, direct root logins should at least be disabled and only SSH protocol version 2 allowed.

4. Use sudo.

Sudo is great little tool which deserves more attention from Linux administrators. First benefit is that it makes unnecessary to use root password for day to day management tasks. Secondly it allows granular delegation of tasks between staff. For example database administrators can be given right to start/stop applications they manage and mount disks, while being forbidden from altering network configuration or creating new users.

5. Enable audit subsystem

The audit subsystem provides quite extensive list of rules that can be set to audit events on the system. The choice may be overwhelming but with little effort auditing of login events can be enabled. This is done through setting AUDITD_DISABLE_CONTEXTS=”no” variable in /etc/sysconfig/auditd configuration file and then ensuring auditd service is started automatically during boot time.

The Subscription Management Tool provides an alternative to the default configuration, which requires opening the firewall to outbound connections for each device to receive updates. That requirement often violates corporate security policies and can be seen as a threat to regulatory compliance by some organizations. Through its integration with Novell Customer Center, the Subscription Management Tool ensures that each device can receive its appropriate updates without the need to open the firewall, and without any redundant bandwidth requirements.

In a nutshell, the Subscription Management Tool for SUSE Linux Enterprise provides you with:

* Assurance of firewall and regulatory compliance
* Reduced bandwidth usage during software updates
* Full support under active subscription from Novell
* Maintenance of existing customer interface with Novell Customer Center
* Accurate server entitlement tracking and effective measurement of subscription usage
* Automated process to easily tally entitlement totals (no more spreadsheets!)
* Simple installation process that automatically synchronizes server entitlement with Novell Customer Center

Support for the Subscription Management Tool for SUSE Linux Enterprise 11 is included with any SUSE Linux Enterprise subscription at no additional cost.

Contact Securelinx for additional information and professional advice on managing your Linux infrastructure.

The ability to search, sort and filter vast data volumes has been greatly improved with pagination for views of hosts and services. The new improved search feature includes auto suggestion and let you search on hosts, services host groups and service groups.

A new module for network visualization  has been included in op5 Monitor which allows to visualize the infrastructure using three different map types;
* Auto map, a auto drawn topology map using parent / child relationships.
* Static Map makes it possible to put any object (host, service, host group or service group) on an image of choice.
* Geo map, uses Google maps API, drawing a map by using addresses or gps coordinates on your monitored objects. Object and status information as well as links can be included in the map. The maps can be visualized as widgets on the tactical overview or be used on big monitors in operation centers.

More Screenshots.
Download Demo

Contact Securelinx for further details.