Feeds

Novell beefs software appliance kit

How to harden SUSE Linux

Top three mobile application threats

Novell says that its SUSE Appliance Toolkit is ready for primetime.

Today, the company released an expanded version of the kit - used to create software appliances based on the SUSE distribution of Linux - giving software vendors and corporations a set of tools that were missing from the appliance making service SUSE Studio and the initial release of the Appliance Toolkit.

SUSE Studio Online went into alpha in February 2009 without any management tools, and last July, when the Toolkit debuted, several of the key tools that ISVs and companies needed to use the tool were missing. Nonetheless, Matt Richards - senior program manager for the appliance program at Novell - estimates that some 110,000 unique SUSE Linux-based appliances have been created using SUSE Studio Online in that time, and about 1.4 million appliances created using the tool have been downloaded.

"We have seen just a tremendous uptake for Studio Online," Richards says, but it hasn't been a big money maker for Novell. "Now that we have the updated tools, this is where we are going to start to see the revenue uptick."

Not many ISVs and very few corporations want to use an online service to build the software stacks they deploy in production, and so Novell has announced the SUSE Studio Onsite, a local version of the appliance-making kit that companies can deploy on their own servers behind their own firewalls.

The SUSE Lifecycle Management Server, which manages the software license entitlements for appliances as well as patching and which was promised last summer, ships today too. Up until now, those making software appliances with the SUSE Studio tool had to come up with their own mechanisms for keeping track of licenses (important for helping ISVs and therefore Novell figure out what to charge for support contracts) and do their own patching.

The Appliance Toolkit also gets the promised WebYast module, which allows ISVs and corporate appliance makers to create their own configuration modules for SUSE Linux and the application stack in the appliances they make as well as allowing for remote configuration and management of a deployed software appliance.

SUSE Studio Online, SUSE Studio Onsite, and the Appliance Toolkit are free to ISVs building appliances for resale, but ISVs are expected to charge their customers for front end support and negotiate back end support from Novell when they sell their appliances. (This is all about making money, after all).

If corporations want to use the SUSE Studio Onsite and Appliance Toolkit to spin up Linux-based appliances, they have to pay $100,000 to get the tools and a $25,000 annual maintenance contract and then pay for SUSE Linux support contracts as they deploy appliances internally. Companies can, of course, use the freebie Studio Online appliance maker and toolkit and self-support their Linuxes.

With Red Hat having the dominant share of running Linuxes in corporations - here are no hard numbers for this, just a relative reckoning based on the respective support streams for RHEL and SLES - you might be thinking that Novell would be tempted to be inclusive with SUSE Online and the Appliance Toolkit, much as it was with the Open Build Service, which debuted in April 2006 for packaging up spins of the openSUSE development Linux and which was extended to support the spinning up of RHEL, CentOS, and Ubuntu instances throughout 2008.

Forget that idea.

"The business model here is to drive SUSE Linux and subscriptions for SUSE Linux Enterprise," says Richards. Of course, the whole point of the appliance business is that customers may not know - or care - that they are buying Linux. "Customers are buying a solution, such as QuickBooks on Lotus Foundations hardware appliances, not an operating system. This solution has an operating system, of course, but that is not what the customers care about. They just want QuickBooks."

Well, they care when an operating system crashes, and they certainly care that the price of the hardware/software appliance is as low as possible.

In a separate announcement, Trusted Computer Solutions, which peddles a tool called Security Blanket to harden the security of operating systems, now supports SUSE Linux 11 and openSUSE 11.

Security Blanket already supported the automatic assessing and locking down of security features on Red Hat Fedora 10 and Enterprise Linux 4 and 5, as well as the RHEL clones, CentOS 4 and 5 and Oracle Enterprise Linux 4 and 5 and Sun Microsystems' Solaris 10 (both x64 and Sparc versions). It adheres to various security standards from the Center for Internet Security (CIS), the Defense Information Systems Agency (DISA) Unix Security Implementation Technical Guide (STIGS), the SANS) Institute, the Payment Card Industry Data Security Standard, Director of Central Intelligence Directive (DCID) 6/3, and a number of other US government security procedures for systems. ®

Seven Steps to Software Security

More from The Register

next story
NO MORE ALL CAPS and other pleasures of Visual Studio 14
Unpicking a packed preview that breaks down ASP.NET
Captain Kirk sets phaser to SLAUGHTER after trying new Facebook app
William Shatner less-than-impressed by Zuck's celebrity-only app
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
Cheer up, Nokia fans. It can start making mobes again in 18 months
The real winner of the Nokia sale is *drumroll* ... Nokia
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Put down that Oracle database patch: It could cost $23,000 per CPU
On-by-default INMEMORY tech a boon for developers ... as long as they can afford it
Google shows off new Chrome OS look
Athena springs full-grown from Chromium project's head
Apple: We'll unleash OS X Yosemite beta on the MASSES on 24 July
Starting today, regular fanbois will be guinea pigs, it tells Reg
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.