SUSE Unveils Comprehensive Infrastructure Security Stack


SUSE, today unveils new innovations alongside its vision to create highly secure infrastructure solutions to enable business’ digital transformation. The announcements at this week’s SUSECON Digital underscore the company’s ambition to harness the power of open source innovation to build the most secure enterprise environments possible.

SUSECON Digital 2022

Innovations to bolster security throughout the entire stack

The latest technology upgrades from SUSE will drive automation and focus on increasing security, everywhere – across its three core solution areas: Business-critical Linux (BCL), Enterprise Container Management (ECM) and Edge.

Facing an increase in supply chain security attacks and rising concerns about container security, companies need to innovate without disruption. Further, with the Industrial Internet of Things emerging as a major segment, the rise of the edge deployments introduces a broader attack surface. The increase in potential attacks – whether in the data center, cloud or at the edge – requires companies to reassess and enforce increased security across their infrastructure solutions.

“Consumers are demanding more robust software solutions due to the scale and breadth of security attacks,” said Melissa Di Donato, CEO of SUSE. “Our customers need comprehensive and secure solutions to support every stage of their digital transformation: they’re calling for multi-cluster, multi-cloud solutions to support their entire business. Today’s announcements highlight our ability to address the critical needs of our customers whilst delivering solutions they can rely on now and in the future.”

Business-critical Linux: Championing a secure and compliant software supply chain

SUSE introduces a new release of its Linux code base, SUSE Linux Enterprise 15 Service Pack 4 (SLE 15 SP4), which provides customers with the advantages of using one of the world’s most secure enterprise Linux platforms.

Highlights of SLE 15 SP4 include:

  • Adding SLSA 4 compliance to existing security certifications: SLE 15 SP4 is the first Linux distribution to deliver packages under the demanding Google SLSA standard distinctly adding a SLSA Level 4 Compliant Supply Chain which helps to protect against the increasing software security and supply chain threats customers face today.
  • Confidential computing changes data protection in the cloud: New with SLE 15 SP4 is the protection of data that is in use, including in main memory or CPU registers, which allows users to safely process sensitive data in the cloud. Building on a long history of upstream collaboration, SLE 15 SP4 is the first Linux distribution to support AMD SEV-ES (Secure Encrypted Virtualization-Encrypted State) host and guest modes, enabling customers to select additional security-strengthening VM isolation. With confidential computing for the cloud, SUSE, AMD and Google Cloud give customers the ability to safely process data, accelerate their migration and ensure their cloud workloads are protected against remote attacks, privilege escalation and malicious insiders. This extends to the workloads that require the most stringent security and compliance.
  • Expansion into the cloud-native world: For cloud-native and edge environments, SUSE collaborates with NVIDIA to deliver maximum performance and availability. With NVIDIA’s recent release of its open sourced GPU kernel-mode driver, SLE 15 SP4 is the first major Linux distribution to deliver it, streamlining GPU-accelerated computing across cloud, data center and edge with a secure software supply chain and excellence in support.
  • Resilience with smarter management for Linux estates: SUSE Manager 4.3 delivers the ability to simplify management of any mixed Linux clients, providing centralized reporting, management and monitoring from a single console, including resource-constrained environments such as edge deployments.
  • Designed for SAP service management: SUSE presents Trento, designed to reduce complexity and safeguard workloads in the cloud, as part of the SUSE Linux Enterprise Server for SAP Applications. Trento assures the integrity and security of a customer’s SAP Applications environment by continuously enforcing best practices and validating system configurations, on the major hyperscalers like Microsoft Azure, Amazon Web Services, and Google Cloud Platform.

Enterprise Container Management: Providing enterprises with governance, security and operational reliability through container management 

Building on last month’s availability of SUSE NeuVector 5.0 and SUSE Rancher 2.6.5, which together enable enterprises to easily secure their hybrid cloud applications, SUSE continues to invest in its container solutions with updates that enhance and secure the capabilities of SUSE Rancher, including:

  • Developer-focused solutions: Rancher Desktop adoption has grown over 300% since its 1.0 release in January. The 1.6 release provides customers with new dashboard capabilities, including easy-to-use drop-down features and a new command line tool called rdctl that enables command line access to GUI features. These help users with tasks such as scripting (for automation, CI/CD), troubleshooting and remote management, as well as improved functionality for the user experience.
  • Robust container storage: Longhorn 1.3 delivers enhanced API using Kubernetes CRDs, which allows Longhorn settings to be customized via kubectl and GitOps-based tools. Customers also benefit from the new storage area network, which accelerates storage replication performance through dedicated NICs, volume cloning support that duplicates environments, and persistent data for scaling, testing and validating cloud-native apps.
  • Expanded partner solutions: SUSE Rancher now supports IBM Z environments, which enables IBM Z customers to benefit from the latest cloud-native innovation. SUSE Rancher is also available on Microsoft Azure and GCP Marketplaces, which allows customers and partners to streamline their procurement processes.
  • Enterprise grade security and certifications: Building on the security enhancements announced today and recently at KubeCon, SUSE intends to release later this year a new Rancher edition with additional enterprise security and compliance capabilities to directly serve the evolving needs of regulated enterprise customers as well as government organizations.

EDGEEnabling business applications to run securely where they run best (at the Edge) 

With a projected 75 billion devices expected to be online by 2025, SUSE is addressing the need for companies to deploy at the edge with new advancements to SUSE Edge, a 100% open source solution that leverages K3s, SLE Micro, and other storage and container security elements that are purpose-built for challenging edge environments.

SUSE Edge seamlessly integrates security across the three management layers needed for a reliable and scalable solution (application lifecycle, Kubernetes lifecycle and operating system). Highlights include:

  • Management at scale: SUSE Edge supports every industry and streamlines operations for customers to be able to adapt and manage thousands of hospitals, restaurants and retail stores as independent edge locations from one centralized location.
  • Addressing future of Industrial IoT: SUSE Edge allows manufacturing and industrial companies to deploy edge applications that support predictive maintenance and analytics value, alongside providing the auto industry with critical edge support necessary to bring intelligent vehicles to the next frontier.
  • Simple and easy operating system deployment: SUSE Edge provides customers with the ability to manage ongoing security with live patching. Customers can also leverage new feature-and-functionality updates that are crucial for keeping the competitive edge for business-critical applications, as well as increasing the competitive wedge.

Supporting Quotes

“SUSE Linux simply runs without any issues and keeps our business going from strength to strength,” said Matthias Assmann, CIO at ElectronicPartner, a top European trading company for consumer electronics.

“We chose SUSE Rancher for our factories as we were looking for a management interface to help internal users, mainly application groups and dev ops teams, to manage several clusters in several locations in a seamless way,” said Andreas Poeschl, Head of Edge Computing and Container Runtime, BMW.  “SUSE Rancher gave us the opportunity to manage and maintain hyperconverged infrastructure – this gives us the benefit of lower effort while not compromising on security.”

“K3s enables us to deploy, update and secure the underlying container platform quickly, providing a resilient Edge-based runtime allows us to increase resiliency,” said Zachary Hardin, Director Systems Engineering, Home Depot. “We used K3s in a few different ways to solve needs for our business and having that flexibility while having peace of mind on security is really key for us to solve our business challenges.”


Please enter your comment!
Please enter your name here