Some of the new features include drive support for synthetic devices; Heartbeat, a feature that allows the host to detect whether the guest is running/responsive; enhanced boot support; and a feature which allows Linux distributions to use up to four virtual processors per virtual machine. 

V 2.1 supports the following Linux distros: SUSE Linux 10 SP3, SUSE Linux 11, and RHEL versions 5.2, 5.3, 5.4 and 5.5.  The above hyperlink will bring you to the download page for the software, which is available now.

Just in time for the holidays, HP released it’s preinstalled SLED (SUSE Linux Enterprise Desktop) 10 SP2 on its HP Compaq dc5850. (I wonder if the name SLED is a coincidence, or if they held off the release to get it out with the snowy weather?) Steven J. Vaughan-Nichols has already been reviewing SLED 10 SP2 on his blog, noting that the main improvements surround interoperability with Microsoft. He shares that the new version of SLED supports read and write access to local NTFS drive partitions and has better active directory integration. Vaughn-Nichols installed SLED and encountered a few kinks — a hassle that can be avoided in HP’s preinstalled offering.

But if all of that sounds too practical, or dare I say too boring, fear not — Ken Hess has provided a Linux geek wish list for the 2008 holiday season.You may already have a Linux mobile phone, but do you have a Chumby? Hess points out that all of these gadgets have Linux inside. What more could you want?

1. Asus Eee PC
2. Chumby
3. MusicPal
4. LimeBook
5. Linux-based phones
6. Amazon Kindle
7. MVIX MX-760HD
8. Garmin Nuvi880
9. Nokia N810
10. TiVo

But if you don’t want to spend a bunch of dough, Matt Hartley provides some ideas of “homemade” items that you can give your family and friends by putting your Linux skills to use.

… by utilizing your existing computer system, chances are you already have access to what you need to build a really great gaming rig, with the right open source videos games. Enter PlayDeb for Ubuntu. Whether you download each game individually or opt to give the “gift of plenty” all at once, there are more games here than most people would likely have ever imagined.

From Second Life to a number of very well done first-person shooters, even 3D strategy games, just about anything you might conceive of is available here — at no cost whatsoever.

Hartley also suggests updating an unused notebook and giving the gift of Internet, anywhere, to a loved one. Or spread the joy to your community and give “an off-lease or even totally used PC preloaded with Ubuntu, Fedora, OpenSuSE or PCLinuxOS.”

DirectAuthorize arrives as the third member of a line of products created to ease the task of managing mixed environments with Active Directory. The other two products, DirectControl and DirectAudit, perform centralized authentication and auditing.  

“Typically we serve customers who are looking to introduce Linux, Hewlett-Packard, AIX, or Unix into their environments, and also often VMware.” Centrify CEO Tom Kemp said. “In terms of access rights and password management, that ends up being a lot of sticky notes next to your screen.” DirectAuthorize replaces non-Windows systems’ authorization infrastructure with that of Active Directory, which allows admins to move all user authorization information to a central location and to manage it from that location.

Which tool is best for remote server administration in a Linux environment, and why?

 Jay Lyman, an open source analyst at Boulder, Colo.-based 451 Group, recommends the General Public License-licensed Virtual Network Computing (VNC) system for its user-friendly general user interface. This tool works with Open Secure Shell (OpenSSH) to perform tunneling, a method to establish secure connections between local and remote networks.  OpenSSH itself received several mentions in our IT pros’ responses .

As Kristian Erik Hermansen noted, the tool does more than tunnel. Hermansen’s description of OpenSSH’s capabilities: It can “forward graphical applications to remote machines, create a series of tunnels, redirect traffic over a SOCKS proxy, and perform way too many other features to mention.”  

Serge Wroclawski expected SSH to be at the top of respondents’ lists but suggested they trade it in for more automated remote administration tools. He advises managing remote server configuration with tools such as bcfg2 and Puppet. 

“Remote server management is a multidimensional problem, and managing the Linux OS is only a part of it,” said Ideas International Inc.

CEO Tony Iams Iams outlined several considerations in approaching this problem, but concluded that  “perhaps the most important factor in choosing a remote Linux management tool…is to make sure it integrates smoothly into the dominant management tools and procedures that are already in place.” 

Do you have a question you’d like to see asked and answered? Email it to editor@searchenterpriselinux.com . To see the complete responses from our IT pros, go to the feature main page.

“Ten years ago, most attacks were random,” said Ed Hammersla, the chief operating officer at TCS. “Now we are seeing attackers who have a focused knowledge of their victims. CounterStorm acts as a last line of defense in an environment in which more serious, targeted attacks … have become prevalent.”

Security Blanket first runs a security compliance profile on a system, automatically brings it into compliance with specified security standards and monitors the system for possible breaches.

CounterStorm strengthens the lockdown process with yet another measure: anomaly-based targeted threat prevention that observes a system’s typical behavior, scans for deviations and isolates and attacks these anomalies. With this approach to abnormalities, CounterStorm makes server scanning and issue resolution easier for admins. “It is much easier and less costly to fix 100 servers than it is to fix 1,000,” said Hammersla.

With the acquisition, TCS expands further into commercial applications for its security tools. Hammerla said that while government and the private sector have different security needs, an unsecured system can result in damage to either. “Government and commercial software security administrators have different concerns,” Hammersla said, “but face the same consequences.”

“Hospitals, for example, are not particularly anxious about their networks being infiltrated by China, but the government certainly is,” Hammersla said. “However, over time, I think that we will see more and more of the commercial and government compliancy standards merging.”

A SearchEnterpriseLinux reader from Queensland, Australia, wrote that my recent article asking whether open source is really cheaper than proprietary software missed the point.

“Most users are locked into the concept of Microsoft and this is the problem,” wrote Trevor Hughes. “For Mr. Average, Linux has much to recommend it. If I can do it anyone can. I am 57 and a newcomer to computing. For Internet communications and normal use, Windows is NOT worth the money.”

Hughes really takes issue with the article’s conclusion that users require more technical expertise and a certain openness to risk-taking to maximize the financial savings of open source. However, the article actually addresses Linux on servers in the data center, not Linux on home desktops.

Nevertheless, Hughes expresses the positive, can-do, problem-solving attitude that would lead to successful operation of Linux in the data center — and Windows, too, for that matter.

It’s pretty obvious that Linux can be a big money-saver over Windows. Why else would so many big corporations make the switch? It’s like anything else. There are always trade-offs, and companies and individuals are able to vote with their dollars on what they want to do. And choice is always a good thing.

On Friday, Aug. 22, openSUSE announced that its newest version, 11.1, will support Security Enhanced Linux, or SELinux. Novell’s security tools, AppArmor and SELinux, have traditionally been considered intense rivals. In this interview, openSUSE’s Andreas Jaeger, Roman Drahtmüller and Matthias Eckermann discuss openSUSE’s support of SELinux.

OpenSUSE now has basic enablement with SELinux. That’s great for SELinux users now, but will openSUSE be able to integrate new patches for SELinux?

Andreas Jaeger : OpenSUSE is developed with a community approach; We are proud to have opened the openSUSE build service to the community, with the option to develop and package open source software cross-distribution.

As SELinux is a cross-distribution effort, we encourage members of the SELinux community to participate in the openSUSE build service: to develop, test-drive and integrate new user land patches and tools into openSUSE and other distributions using our cross-distribution service. This way, all distributions running with SELinux enabled in the Linux kernel will benefit.

Is support of SELinux indicative of a larger industry trend toward interoperability?

Roman Drahtmüller: Novell observes a tendency in the industry to increase the security value of a system by introducing additional controls beyond the scope of the application. This means the application is exposed to these controls but cannot change them.

In moving from AppArmor to SELinux, does a company sacrifice compliance benefits?

Drahtmüller: AppArmor profiles for application containment and confinement are comparatively easy to manage throughout an infrastructure. Creating them is a distinct, low-pain checkmark item. The same applies to evaluating log messages that record possible violation attempts against protected system services.

For customers, the transition to SELinux may need a change in thinking and architecture, but also allows for the definition of a complete policy in a system. It helps to disallow actions that are not subject to a defined policy. There are environments that require such a functionality — regardless of the cost associated with it — for compliance reasons.

We anticipate that customers with these requirements will aim for a SUSE Linux Enterprise operating system, as it targets the special needs of customers working in compliance-bound environments.

Security tools have created a tradeoff between capability (SELinux) and usability (AppArmor). Is Novell’s approach to this tradeoff changing with its basic enablement of SELinux?

Matthias Eckermann: As in earlier releases of our product, openSUSE 11.1 reflects our belief in the value of additional security mechanisms in the operating system. The benefit of such mechanisms is maximized if the configuration and administration is as transparent, straightforward and as easy as possible for administrators.

Security needs that aim toward mandatory access control, mandatory integrity control or even multi-level security require a suitable architecture. With the basic SELinux enablement, we will allow our partners and customers to use such an architecture to implement solutions that fulfill their specific needs.

Nevertheless, we want our users to be able to choose their own priorities between administrative effort and functional benefit.

What do you think? Leave a comment below or contact chunter@techtarget.com.

Of the two, VMware is the more surprising since its software isn’t open source, despite its recent decision to make its ESXi virtualization server available for free. In fact, however, VMware recently contributed its Virtual Machine Interface for paravirtualization to the open source community and is working on other ongoing community projects. But Canonical’s joining seems, if anything, overdue; its founder, Mark Shuttleworth, also helped launch the Linux Foundation and is a current board member.

So what’s going on? Is this the beginning of a wave of new members? Jim Zemlin, the Linux Foundation’s executive director, thinks so. “You will be seeing many more new members of the Linux Foundation in the near future,” Zemlin predicted. Collaboration is critical in the open source community, and the Foundation is a place to meet and solve problems, he said.

Well-known tech blogger Jason Perlow wasn’t quite in agreement. He said Canonical’s joining is “almost a nonevent” because of its “huge support” of the community. Nevertheless, its membership puts it on an equal footing with multibillion-dollar firms in a “somewhat exclusive club” and might prompt Red Hat Inc. and Novell Inc. “to take the snappy little upstart” more seriously, he said. Jay Lyman, an analyst at the New York-based 451 Group, said the two new members — especially Canonical — are both “key” to the Foundation because of the popularity and innovation of Canonical’s Ubuntu software. VMware’s membership is not as important to the organization overall, but should help Linux to stay at the forefront of virtualization, he said. Canonical’s silver-level membership (the lowest of three full membership levels) puts it one up on open source leader Red Hat, which is at the same support level but, unlike Canonical, doesn’t have a seat on the board. (Novell is a top-level platinum member.)

Hmmm …perhaps the popular open source software company from across the ocean will start getting a lot more respect.

The products, in providing fuller access to information about what and how your system is doing, promise to make system management more practical and security maintenance more immediate.

The products being released this week at LinuxWorld integrate log file management with a variety of other tasks. They can simultaneously manage log files and collect and manage messages, traps and alerts as well as statistics from all system areas.

As one administrator commented on the blog of Splunk CEO Michael Baum, “Log file management is DEAD.” It is becoming just one side of the larger task of system management. For help on configuring Splunk, check out this tip.

Called “lockdown profiles,” these features enable IT managers to quickly assess systems for security and compliance with four distinct sets of security standards: PCI DSS (credit card security standards), JAFAN (Joint Air Force Army Navy), DCID (Director of Central Intelligence Directive) 6/3, and CIP (Critical Infrastructure Protection). The four profiles are an addition to the company’s product Security Blanket Enterprise Edition.

They are also the most recent in a series of releases from TCS in the past year. The LinuxWorld release of Security Blanket Enterprise Edition will also be able to take snapshots of system security configuration and then provide those snapshots for simplified comparison to previous configurations.

Security Blanket Enterprise Edition supports Red Hat Enterprise Linux versions 4 and 5, CentOS versions 4 and 5 and Oracle Enterprise Linux versions 4 and 5.