Latest SUSE Linux Enterprise goes all in with confidential computing

SUSE's latest release of SUSE Linux Enterprise 15 Service Pack 5 (SLE 15 SP5) has a focus on security, claiming it as the first distro to offer full support for confidential computing to protect data.

According to SUSE, the latest version of its enterprise platform is designed to deliver high-performance computing capabilities, with an inevitable mention of AI/ML workloads, plus it claims to have extended its live-patching capabilities.

The release also comes just weeks after the community release openSUSE Leap 15.5 was made available, with the two sharing a common core. The Reg's resident open source guru noted that Leap 15.6 has now been confirmed as under development, which implies that a future SLE 15 SP6 should also be in the pipeline.

SUSE announced the latest version at its SUSECON event in Munich, along with a new report on cloud security issues claiming that more than 88 percent of IT teams have reported at least one cloud security incident over the the past year.

This appears to be the justification for the claim that SLE 15 SP5 is the first Linux distro to support "the entire spectrum" of confidential computing, allowing customers to run fully encrypted virtual machines on their infrastructure to protect applications and their associated data.

Confidential computing relies on hardware-based security mechanisms in the processor to provide this protection, so enterprises hoping to take advantage of this will need to ensure their servers have the necessary support, such as AMD's Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) and Intel's Trust Domain Extensions (TDX).

SUSE also said that its cut of SLE for running SAP applications comes with improvements in High Availability (HA) and speedier deployment thanks to enhanced automation in SP5. These include automatic discovery of servers, SAP HANA databases, SAP S/4HANA, and NetWeaver applications and clusters, plus continuous checks on HA configurations with recommended fixes.

• One small Leap for OpenSUSE as 15.5 arrives ahead of business sibling
• The quest to make Linux bulletproof
• Fancy climbing into ALP over New Year's? Fresh preview versions of SUSE's distro and NetBSD 10 are here
• openSUSE makes baseline CPU requirements a little friendlier than feared

On the management side, the SUSE Manager 4.3.6 tool is now claimed to support over 15 different Linux distributions, including Rocky Linux, Alma Linux and all variations of Red Hat Enterprise Linux 9, in addition to SUSE's own platform.

SUSE said that this will be available in the AWS marketplace on a pay-as-you-go basis later this year, allowing customers to manage their infrastructure from the cloud with a scalable instance on a metered basis.

While not strictly part of SLE, SUSE said it has added security-focused updates to its Rancher platform for managing Kubernetes and containers, such as support for hardened virtual machines and improved vulnerability and compliance management. The premium version, Rancher Prime, is getting the inevitable overhaul of its built-in AI Assistant with OpenAI and other generative AI technologies, since why not?

There is also a new release of its container security tool, with NeuVector 5.2 adding updates for common vulnerabilities, exposure database search, and NIST 800-53 report mapping.

NeuVector will apparently be available on the AWS Marketplace from July, and SUSE said it will also be available on Azure and Google Cloud later this summer.

"Every enterprise must maximize their business resilience to face increasingly sophisticated and potentially devastating digital attacks,” SUSE CTO Dr. Thomas Di Giacomo said. ®