KernelCare Now Automatically Updates Linux Servers
With KernelCare, now available from CloudLinux, scheduled outages for security patches on Linux servers are now a thing of the past, giving organizations real-time updates.
KernelCare automatically applies Linux server security updates without having to re-boot, freeing technical personnel from the laborious process that takes several minutes for every server, several times a year.
“This is the equivalent of changing the engine on an airplane while it's flying," said Dan Olds, principal analyst, Gabriel Consulting Group. “I think this will be viewed as a no brainer purchase when you consider the cost of less than $50 annually per server for having the protection of kernel security updates without downtime.”
“In our experience, KernelCare has worked perfectly and we love it because we no longer have to suffer through performance issues related to re-booting servers,” said Wouter de Vries, founder and CEO of Antagonist, a web hosting provider in the Netherlands (www.antagonist.nl). “Plus, now we don’t have to wait to find a window of opportunity to apply security updates because those are done automatically as soon as they’re available.”
KernelCare loads patches using one module for greatest efficiency with no impact on performance since those take only nanoseconds. For container virtualization, like OpenVZ, there is only one Linux kernel to update no matter how many virtual servers are running on the physical host. If there are 100 virtual servers running on one physical host, each would have needed to be stopped and restarted. With KernelCare, patches are done automatically as soon as they become available, while the machine continues to run – no delay, no downtime.
“Today, system administrators have to re-boot a server to apply the latest kernel security updates, which come out every one to two months,” said Igor Seletskiy, founder and CEO, CloudLinux. “However, because they require a scheduled update (to minimize disruptions from downtime), they are often delayed – sometimes months or even years – which means the server is running with known security vulnerabilities. The problem of having to schedule downtime and then update and re-boot servers in a short period of time is a strain on resources for enterprises of every size. KernelCare solves this update and re-boot issue by providing live kernel patching without the need for the re-boot.”
