Rocky Linux from CIQ (RLC)
What is Rocky Linux from CIQ (RLC)?
Rocky Linux from CIQ (RLC) enables customers to confidently deploy Rocky Linux into production environments. It builds upon the Rocky Linux community edition with added compliance, indemnification, and supply chain validation guarantees.
What is included with RLC?
Rocky Linux from CIQ provides a commercial and compliance layer on top of the community edition of Rocky Linux, guaranteed security patches, and validated/verified packages through a trusted repository hosted by CIQ. It brings an enterprise-ready experience through service level objectives (SLOs), timely CVE remediations to provide seamless OS updates, and legal indemnification for product use.
CVE Remediations
- Community: Patches for vulnerabilities (CVEs) are normally managed by the community, with best-effort timing for their release. There are no guarantees for when patches will be incorporated into Rocky Linux.
- CIQ: CIQ provides service level objectives (SLOs) to guarantee CVE patches, ensuring deployments remain secure and compliant and IT teams aren’t left fending for themselves in the event of patch embargoes or zero-day disclosures.
Dedicated Repositories
- Community: Rocky Linux packages are mirrored by independent sites with no guarantee of release timing, update cadence, availability or content accuracy.
- CIQ: CIQ ensures package and repository quality by verifying content, offering indemnification, and distributing packages through secure U.S.-based repositories. This adds a layer of accountability and authenticity to the software supply chain.
Indemnification
- Community: The Rocky Linux distribution does not come with any extra legal indemnification from the community of maintainers. Users are therefore open to potential infringement claims related to open source software packaged with the distribution.
- CIQ: RLC comes with legal indemnification protections out of the box. This gives enterprise users the extra peace of mind needed to trust and run open source software with mission-critical workloads.
Technical Feature List
- Rocky Linux/RHEL 1:1 Compatibility – Identical to Rocky Linux and completely compatible with upstream RHEL. This makes RLC an easy drop-in replacement.
- CVE Remediation – Accelerated patching with SLOs
- Package Supply Chain Validation – Verified packages hosted on U.S.-based repositories
- SLO on Security Updates – Guaranteed update and patch release timelines
- Repository Access – Secure access to a CiQ hosted mirror for all packages
- Migration Script – Seamlessly migrate existing Rocky Linux systems to CIQ repositories
FAQ
Does RLC include support when you get it from CIQ?
Support is available separately, so you can pick and choose only what you need!
Is RLC compatible with RHEL?
Yes, it is fully compatible with RHEL.
Is pricing based on a subscription model?
Yes, Rocky Linux from CIQ is priced with an annual subscription.
Are there any technical differences between Community Rocky Linux and Rocky Linux when gotten from CIQ?
No, it is identical!
And even though CIQ provides end-to-end supply-chain validations - we don’t re-sign or tamper with the upstream packages. This ensures a transparent fit for everyone currently running Rocky Linux in their environments, meaning nothing new to test or validate.
Support Information
Rocky Linux from CIQ is available with or without support. If you would like enterprise-level support, please reach out to us at info@ciq.com or check out our support page here!
