Red Hat Enterprise Linux 9.5 gains security, networking upgrades

Red Hat is out this week with the latest milestone update of its flagship Linux platform.

Red Hat Enterprise Linux 9.5 (RHEL) became generally available on Nov. 14, providing users of the platform with a long list of updates and improvements that impact nearly every aspect of IT and system operations. Red Hat Enterprise Linux 9.x first debuted back in 2022, with the company providing incremental updates every six months with additional features.

The latest version of the world’s leading enterprise Linux platform introduces more than 70 enhancements, ranging from advanced networking capabilities to improved container management tools. These updates aim to address key challenges faced by enterprise IT teams, including the growing complexity of modern infrastructure, the need for enhanced security in AI workloads and the demand for more efficient developer workflows.

Key updates in RHEL 9.5 include:

Enhanced confidential computing support for AI workloads
New file management capabilities in the web console
New system role for automated configuration at scale
Pre-hardened image configurations in Image Builder
BIND 9.18 support for enhanced DNS capabilities

Web console upgrades aim to ease RHEL management

Many enterprise Linux managers still rely on the command line interface (CLI) to manage the platform. Not all users however want to work in the CLI, some prefer a graphical user interface.

A standout feature in RHEL 9.5 is the significant expansion of the web console’s capabilities. This new addition provides a comprehensive file manager interface that enables administrators to perform everyday file management tasks without using the command line.

“Web console now includes a file management component provided by the cockpit-files package,” Scott McBrien, technical product marketing manager, RHEL, at Red Hat, told Network World. “It allows users to navigate the filesystem, upload new files to the machine, as well as regular file operations like copying, moving and renaming files.”

Enhanced networking infrastructure brings more IPv6 access

As an operating system platform that is used as the basis for enterprise, cloud and even telecom scale deployments, RHEL’s networking stack is of particular importance to users.

RHEL 9.5 introduces significant networking improvements designed to enhance connectivity and security across hybrid environments. The platform now supports simultaneous use of firewalld and nftables services, removing previous limitations that restricted administrators to one service at a time. Firewalld is a commonly used Linux firewall service while notables provides filtering and classification of network packets.

Also of particular note for networking professionals is the fact that the RHEL NetworkManager now supports connecting to IPsec VPNs that use IPv6 addressing.

“Previously, NetworkManager supported only IPv4 addressing when using the NetworkManager-libreswan plugin to connect to Internet Protocol Security (IPsec) VPN,” the RHEL 9.5 release notes state. “With this update, you can connect to IPsec VPNs that use IPv6 addressing.”

NetworkManager now also supports the ‘leftsubnet’ parameter for IPsec VPNs, enabling more sophisticated subnet-to-subnet configurations. Additionally, the nmstate utility gains support for the congestion window clamp (cwnd) option, providing better control over TCP traffic management.

Developer tools and container innovation

RHEL 9.5 marks a significant shift in developer tools with Java Developer Kit (JDK) 17 becoming the default Java implementation, replacing JDK 11. This transition brings improved application performance, faster code execution, and enhanced scaling capabilities while maintaining backward compatibility for existing applications.

Container management receives a major upgrade with Podman 5.2, introducing the Podman farm build feature. This enhancement enables developers to build multi-platform images on remote machines using a single command, streamlining the container development and deployment process across diverse environments.

Podman is Red Hat’s container platform that provides a competitive alternative to the Docker container technology.

Confidential computing security gets a boost

Security enhancements form a cornerstone of RHEL 9.5, with several strategic improvements to the platform’s security architecture.

The new sudo system role enables automated configuration of sudo privileges at scale, allowing organizations to delegate administrative tasks more securely while maintaining consistent configurations across their environment.

RHEL 9.5 also strengthens its position in confidential computing, particularly for AI workloads, by introducing enhanced protection mechanisms that help safeguard sensitive data while enabling AI systems to process large datasets securely. Image Builder now offers pre-hardened image configurations, embedding security best practices directly into system images from the start.

“Red Hat Enterprise Linux image builder now offers common security standards compliant builds such that the resulting image has install-time choices made to meet the selected standard,” McBrien said.

For example: Changing a running machine’s partition layout to have separate filesystems is difficult, but if those choices are made during the install, it becomes much simpler. He also noted that Intel SGX and AMD SEV support are in tech preview.

“These technologies encrypt virtual machine memory to obscure its contents from the system hypervisor,” McBrien said.

Web console upgrades aim to ease RHEL management

Enhanced networking infrastructure brings more IPv6 access

Developer tools and container innovation

Confidential computing security gets a boost

Read more Red Hat news