Red Hat Enterprise Linux 7.4 introduces support for Network Bound Disk Encryption (NBDE), which enables the system administrator to encrypt root volumes of hard drives on bare metal machines without requiring to manually enter password when systems are rebooted.
USBGuard software framework provides system protection against intrusive USB devices by implementing basic whitelisting and blacklisting capabilities based on device attributes.
OpenSSH libraries update includes the ability to resume interrupted uploads in Secure File Transfer Protocol (SFTP) and adds support for a new fingerprint type that uses the SHA-256 algorithm. This
OpenSSH version also removes server-side support for the SSH-1 protocol.
Multiple new Linux Audit capabilities have been added to enable easier administration, to filter the events logged by the Audit system, gather more information from critical events, and to interpret large numbers of records.
OpenSC set of libraries and utilities adds support for Common Access Card (CAC) cards and now provides also the
CoolKey applet functionality.
OpenSSL update includes multiple enhancements, such as support for the Datagram Transport Layer Security (DTLS) version 1.2 protocol and Application-Layer Protocol Negotiation (ALPN).
OpenSCAP tools have been NIST-certified, which enables easier adoption in regulated environments.
The System Security Services Daemon (SSSD) in a container is now fully supported. The Identity Management (IdM) server container is available as a Technology Preview feature.
Users are now able to install new Identity Management servers, replicas, and clients on systems with FIPS mode enabled.
Several enhancements related to smart card authentication have been introduced.
NetworkManager supports additional features for routing, enables the Media Access Control Security (MACsec) technology, and is now able to handle unmanaged devices.
Kernel Generic Routing Encapsulation (GRE) tunneling has been enhanced.
Storage and File Systems
LVM provides full support for RAID takeover, which allows users to convert a RAID logical volume from one RAID level to another, and for RAID reshaping, which allows users to reshape properties, such as the RAID algorithm, stripe size, or number of images.
You can now enable SELinux support for containers when you use OverlayFS with Docker.
NFS over RDMA (NFSoRDMA) server is now fully supported when accessed by Red Hat Enterprise Linux clients.
The Performance Co-Pilot (PCP) application has been enhanced to support new client tools, such as
pcp-pidstat. Additionally, new PCP performance metrics from several subsystems are available for a variety of Performance Co-Pilot analysis tools.
For more information on the high availability features introduced in this release, see Chapter 6, Clustering
Management and Automation
Red Hat Insights
Since Red Hat Enterprise Linux 7.2, the Red Hat Insights service is available. Red Hat Insights is a proactive service designed to enable you to identify, examine, and resolve known technical issues before they affect your deployment. Insights leverages the combined knowledge of Red Hat Support Engineers, documented solutions, and resolved issues to deliver relevant, actionable information to system administrators.
Red Hat Customer Portal Labs
Red Hat Customer Portal Labs
is a set of tools in a section of the Customer Portal available at https://access.redhat.com/labs/
. The applications in Red Hat Customer Portal Labs can help you improve performance, quickly troubleshoot issues, identify security problems, and quickly deploy and configure complex applications. Some of the most popular applications are: