Review: Red Hat Linux 4.0 offers power, security

Review: Red Hat Linux 4.0 offers power, security

With the rollout of Red Hat Enterprise Linux 4.0, the red carpet treatment may be warranted. In our Clear Choice test of this operating system package (we tested RHEL 4.0 Advanced Server, Red Hat's most robust Linux distribution), we found huge performance gains over previous editions, beefed up security options and vastly improved hardware detection mechanisms.

The increased speed comes by way of the new Linux 2.6.9 kernel. RHEL 4.0 posted numbers in our Web transactional test that showed a 23 per cent hike over the numbers posted by RHEL 3.0 on identical hardware.

More secure

The increase in security comes by way of an optional Security Enhanced Linux (SELinux) kernel modification. These SELinux modifications - which are compiled into the Linux kernel by default at installation - get rid of root user and hierarchical privilege vulnerabilities.

This is the first time these methods have been included in an enterprise distribution. They are designed to improve security by directly controlling application access to operating system services. SELinux provides configuration control of every privileged service running inside its environment.

These links prevent root user-access manipulation from exploits attempted against a server.

In practical use, SELinux can keep in check applications that attempt to claim privilege higher than those already established by user and group permissions. These applications can then be configured to limit their action to specific up-privileged resources, rather than those privileges connoted by user access.

Strict enforcement of privilege might stop (especially older) applications, but SELinux log files can then be used to alter services or fix applications so that they can run inside this more secure environment. There are older Unix/Linux/BSD applications that might try to make unapproved calls to printing services or older device code running on a server. To get these working inside the SELinux environment, you'd have to make changes to the Linux configuration file. We experienced such a problem with an older printing application, but we could make it work inside the SELinux parameters by adding a single line to the configuration files.

Better detection

The better hardware detection is brought to the operating system by way of improvements in Anaconda, Red Hat's hardware installer/detector. This program made no mistakes in our diverse server platform compatibility tests.

The use of faster CD-ROM drivers was a small pleasure. This made installation via CD faster than it was with previous editions. We configured PXE boot, and found that this was the easiest and fastest method of populating the many servers we tested for compatibility.

Red Hat has also significantly boosted its list of detectable devices - especially in troublesome areas such as embedded SCSI controllers and un-usual network cards. Hardware changes, such as the change or addition of items like host-bus adapters and USB devices, were handled flawlessly.

Sun's NFS Version 4 is supported by RHEL 4.0. Our testing of this new file system support - while limited by our test network - showed both faster mounts and dismounts than we've seen in past Linux tests. We also noted faster file system access from within applications. This version is backward compatible with NFS Version 3, and we were able to easily mount and dismount file systems across platforms.

Performance of RHEL 4.0 was very good to excellent overall, and a marked improvement over RHEL 3.0. We conducted tests on several platforms to gauge improvements between RHEL versions, as well as a comparison between 32- and 64-bit versions.

These tests measured the operating system's ability to handle Web connections and Web-based transactions. We ran Apache 2.0.3 on top of RHEL 4.0 on each machine. The Linux 2.6.9 kernel gives Red Hat the same speed boosts in our 32-bit tests that we saw when we tested Novell's SuSe Linux Enterprise Server 9.0 when it first sported the new kernel.

The performance of RHEL 4.0 on a 64-bit platform also runs circles around the same code compiled, and running on, a 32-bit box. The ability of the twin-CPU AMD64 Polywell 2200S server used in this test to support Non-Uniform Memory Access techniques likely contributed to the improved 64-bit scores.

Improved disc management

User and services management in this Red Hat package can be done through manual configuration, or by using simple drop-box configurations from the default open source user interface, Gnome. Red Hat's disk management has been improved via a new version of its Linux Volume Manager (LVM2). We tested LVM2 using RAID configurations on HP hardware, as well as mounting and dismounting storage-area network resources. The LVM2 application allows dynamic partitioning without halting disk/volume/partition resources during changes. Formatting new partitions is simpler overall, and the information is more logically presented.

Red Hat continues to polish Linux by paying attention to security and speed. On the surface, it looks like the same old Red Hat, but under the hood it's got a souped-up engine with enhanced safety features.

The hard facts

Red Hat Enterprise Linux Version 4 - Advanced Server

Overall rating: 4.63

Company: Red Hat

Pros: Improved performance; better security with SELinux extensions; outstanding hardware detection.

Con: Some applications might need modifications to run within new security parameters.

The Breakdown

Installation/integration 25 per cent 4.75

Performance 25 per cent 4.75

Management/administration 25 per cent 4.5

Security 25 per cent 4.5

Total score 4.63

Scoring key: 5: Exceptional; 4: Very good; 3: Average; 2: Below average; 1: Consistently subpar.

Local information

RRP: Pricing ranges from $449 up to $25,714.

The product is distributed in Australia by Ingram Micro.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments