Over the last couple of weeks and months I looked a bit more into Linux than before and especially Red Hat. Just to check out what new features and technologies it offers and also if anything might have improved that was already offered in the past. The list of possible topics for posts about comparisons between Linux and Unix and pros and cons grew rapidly and was too long. But one thing became clearer and clearer – Enterprise is not enterprise. Putting the word enterprise in your name is not either.
Calling yourself Enterprise is not the same as being called enterprise.
As I mentioned, the list of topics is long but there is a perfect example that I want to use in this post to emphasize my statement above.
One might get the feeling that I believe Linux or in this case Red Hat is totally garbage. No, it’s not. There are things it fits better than Solaris. But now it is about enterprise. The Red Hat Product Security Center for example is fantastic. I love it. Lots of information and tools to stay on top of security topics.
But at the same time the Red Hat Product Security Center is making me wonder why the name of the Linux distribution includes the word Enterprise.
As Red Hat shows on their website they are able to provide a great value of data in terms of compliance, cve, etc., but where is this value when it comes to the operating system? Gone!
Openscap has been available in Red Hat Linux longer than in Oracle Solaris but just making it available is nothing but a nice offer that takes the work of downloading and installing away from the customer and that’s it. That’s just as much enterprise as offering a shell with default settings or any other application/program.
I am well aware that the meaning of the word enterprise depends on quiet a lot of factors and mostly just on the subjective point of view. It might be facts like scalability, stability, usability, different performance aspects or the rate of consolidation one can achieve by using the product. These and many others are important but often depend on what you need it for.
One thing though always matters and that’s the rate and quality the product improves and matures. Wouldn’t it make you sad and mad at the same time when you have to put quiet a lot of time, nerves and effort into something that is already there but not passed on to you as a customer? Have you ever used the openscap command? As great as the tool is just as annoying it is to use and especially to get going with it. As usual, once you get the hang of it it’s ok. But really not more than that. What happened the last couple of years while the security topic got pushed all the way to the front of IT? Well, let’s look at the facts. Red Hat created a nice, no actually an extremely nice, website with a fantastic security section. You will get all the information on for example current CVEs that you want and need. Really enterprise like if you ask me! Chapeau! Love it. I actually use it as an example of what I expect when I talk to the Oracle Solaris team. Yesterday was the last time even. :-) Greetings, guys.
So obviously there was some work that happened on the compliance topic. Here is what did not happen over the years. Nothing close to what the Red Hat Product Security Center offers can be easily done when you are running a Red Hat Enterprise Linux server. Let me just show you a “simple” command used to start a compliance run of a certain benchmark for RHEL and Solaris.
# oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_rht-ccp --results scan-xccdf-results.xml /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml
# compliance assess -p pci-dss
In case you want to run the benchmark and profile that is set as the default you even only need the following:
# compliance assess
Can you tell the difference? This is a customer orientated implementation. And again, it is just one small example.
Well, there really is not much more to say. I just much rather spend money on enterprise features and implementations than Enterprise names.
For all the admins and engineers go and check it out. And even if you don’t want to use Solaris and just simply can’t bother your OS vendor. Sorry it is RHEL in this case but that’s just because I am closer to RHEL than to other distributions.
All in all, I promise you, it is worth checking it out! Have fun.