Announcement: i-Vertix4 Poller
i-Vertix4 Smart Poller is based on Oracle Linux 8 and replaces the current i-Vertix3 Smart Poller, whose support will end on 01.07.2024. i-Vertix4 main focus is on:
In the following post, we will dive into the most important changes in detail.
Oracle Linux 8?
We chose this operating system for various reasons. The most important topics for us were:
- Compatibility with RHEL 8
- Swift availability of updates by Oracle
- Oracle UEK R7 (Unbreakable Enterprise Kernel) enterprise features
- Long term support
i-Vertix4 Smart Poller is based on Oracle Linux 8, making it compatible with RHEL 8. Oracle Linux 8 has been available since 2019, and we are using the latest version 8.8. Oracle Linux 8 will be supported until 01.07.2029.
UEK R7 is built on Linux Kernel 5.15 (RHEL 8 is based on Kernel Version 4.18), an up to date kernel version which provides higher performance, greater stability, additional features, and improved support for new hardware.
For detailed information, please click here
With Oracle Linux 8, up to a 35 percent performance improvement, with respect to i-Vertix3 CentOS 7 can be achieved.
i-Vertix4 Smart Poller security has been emphasized and significantly enhanced. Security-related key features are briefly outlined below.
i-Vertix4 Smart Poller now supports native Secure Boot and UEFI. Secure Boot is a part of the UEFI specification designed to ensure the authenticity and integrity of crucial software components within the firmware. Critical parts of the firmware, such as the OS loader, will only if they have been authorized by a trusted entity. This measure helps prevent the presence of rootkits that can embed themselves before the operating system (OS) boots.
Cryptographic mechanisms (signatures) prevent the execution of untrusted software components. Keys within the UEFI firmware authenticate elements like bootloaders. A bootloader is executed only if it possesses a valid “signature.” If a signature cannot be verified or is invalid, the system will not boot. For instance, if the bootloader’s signature does not match the one expected by the UEFI firmware, the system won’t start.
i-Vertix4 Smart Poller has SELinux enabled by default.
Security-Enhanced Linux (SELinux) is a security architecture for Linux systems that provides administrative teams with even more control over who can access the system. It was originally developed by the US National Security Agency (NSA) through a series of patches applied to the Linux kernel using Linux Security Modules (LSMs).
SELinux was released to the open-source community in 2000 and integrated into the Linux upstream kernel in 2003.
Just like in the i-Vertix3 Poller, the new version includes Fail2ban to prevent brute force attacks.
In the event of 3 incorrect login attempts originating from the same IP address within 10 minutes, that IP address will be automatically blocked for 30 minutes, denying access to the system.
If necessary, Allow Lists can be created to exclude specific IP addresses.
Level Up Your Security and Performance with TLS 1.3 Support and new Smart Poller Hardware
Enhanced Hyper-V support
With i-Vertix4 Smart Poller, overall support for all hypervisors (VMware, KVM, Hyper-V, etc.) has been enhanced. Particularly for Microsoft Hyper-V, there are several important additions:
- Support for Hyper-V Gen2 VMs
- Hyper-V tools
These improvements guarantee a better integration of i-Vertix4 Smart Poller in Hyper-V environments, significantly enhancing security and performance. .
In all virtualization environments, Secure Boot and UEFI are of course available
TLS 1.3 Support
i-Vertix4 Smart Poller now supports the TLS 1.3 protocol, which allows websites monitoring.
Support for i-Vertix Pro S3
i-Vertix4 Smart Poller also introduces support for the new i-Vertix Pro S3 hardware, which brings substantial improvements in performance, security, and industrial suitability.
Of course, i-Vertix4 Poller is backward compatible with i-Vertix3 hardware products.
i-Vertix4 Smart Poller offers numerous advantages, and transitioning can be done gradually by replacing the existing pollers with the new version, provided you are currently using i-Vertix 3.11. This enhances security while providing you with a technology that remains available in the long term.
Starting from September, all new pollers will only be shipped with the new version. We are, of course, available at all times to address any inquiries you might have. Please feel free to reach out to us without hesitation.
You can find a detailed upgrade procedure on i-Vertix KB: Knowledge base – How to migrate from i-Vertix3 Poller to i-Vertix4 Poller – i-Vertix