Rocky Linux from CIQ

Technical Overview

Rocky Linux from CIQ (RLC) is the go-to solution for organizations that need a secure, compliant, and reliable operating system without the costs and complexities of legacy providers. CIQ has enhanced the community-driven Rocky Linux with indemnification, service level objectives, and package validation, ensuring peace of mind for businesses across sectors, especially in highly regulated industries.

Why choose Rocky Linux from CIQ?

RLC is the same Rocky Linux you know and love — a bug-for-bug compatible version of Red Hat Enterprise Linux (RHEL) — with value-added services like:

Service Level Objectives (SLO)

Security patches within 30 days of release.

Supply chain validation

Packages in RLC are verified by CIQ, ensuring the safest possible deployment.

Indemnification

Legal peace of mind for claims of infringement related to use of open source software.

Unlimited deployments

Deploy across on-premise and cloud environments at no additional cost.

CIQ is fully aware that organizations in regulated industries (e.g. healthcare, finance, government) need security assurances and compliance certifications. RLC is a commercially-backed Linux distribution that ensures compliance, accountability, and support — without being locked into long-term, expensive contracts. It’s ideal for businesses of any size, from SMBs to global enterprises, no matter where their infrastructure resides.

Key features

Rocky Linux from CIQ is designed for organizations that require enterprise-grade performance, reliability, security, and compliance.

Enterprise Linux

Rocky Linux is an open source, bug-for-bug compatible version of RHEL.

Latest Rocky 8 and 9 versions

Rocky 8.10 will be under LTS through 2029 while Rocky 9 will update to the latest minor version every six months.

Available Everywhere

RLC is available through CIQ’s interface and CLI. Coming soon to Azure, AWS, GCP, and OCI.

Tested and Validated Supply Chain

CIQ tests new builds of Rocky Linux and validates the package chain of trust prior to deployment.

SLO Security Update

CIQ will ensure fixes are published within a month of a patch being available.

SLO Image Freshness

CIQ has a target of all Rocky Linux updates being present within the cloud within four weeks of deployment, with respect to current cloud listing review delays.

Based in the US

Headquartered in the US, CIQ takes pride in maintaining a predominantly US-based development team, ensuring a strong security posture for handling highly secure government workloads and critical infrastructure

Reliable US-based Content Mirrors

CIQ hosts dedicated repositories for RLC customers in US-based datacenters that are mirrored across time zones and cloud regions.

Feature	Rocky Linux Community	Rocky Linux from CIQ
1:1 compatibility with Enterprise Linux	Yes	Yes
Supply chain validation by CIQ	No	Yes
Package Validation and confirmation by CIQ	No	Yes
SLO on security updates	No	Yes
Limited indemnification	No	Yes
Priority dedicated access to repositories	No	Yes
Professional support with SLAs	Available	Available
Guarantees on security updates	No	Yes
FIPS 140-3	No	Available
Cloud-specific content mirrors	Yes	Yes
Paid support options	Yes	Yes

Service Level Objectives (SLO) for Rocky Linux

Open source communities are excellent sources of innovation, but don’t always move at the speed of business. RLC will ensure you get business-critical updates at a commercial release cadence. With RLC’s SLOs, releases can be expected within one month of enterprise Linux point releases.

Timely Security Updates

RLC will receive updates from upstream Enterprise Linux within 30 days of general availability for all supported versions of Rocky Linux. In the rare instance that unforeseen challenges arise, CIQ remains committed to keeping you informed with regular updates, ensuring you have a clear view of progress and anticipated delivery timelines. Our proactive approach ensures we can adapt and continue moving forward, all while keeping your goals in focus.

Critical Security Response

RLC will receive best efforts for remediating or mitigating critical security vulnerabilities within 30 days of a fix being available. CIQ will prioritize customer security by providing regular status updates, ensuring transparency throughout the resolution process. Our professional services team will be available to aid with mitigation efforts, whether through existing support agreements or additional engagements. CIQ is committed to keeping customer systems secure and operational.

Frequently Asked Questions

RLC includes all repositories available from the RESF with CIQ-built images, isos, and Container Images. Mirrors are available to RLC customers across regions and clouds, with a convenient script available for pointing your instances at the correct repositories. Subscriptions and team access can be managed through the CIQ website.

Subscribers to RLC get access to the following services:

Access to the latest versions of the enterprise-grade, Red Hat Enterprise Linux (RHEL) compatible Rocky Linux.
Commercially-backed mirrors based in the US and available close to your servers.
Two additional repos - CIQ Extras and CIQ Fast Track - which contain tools like migration scripts and will contain security patches if and when necessary.
Indemnification for claims of infringement related to use of open source software.
Critical security issues and CVEs will be provided through the CIQ Fast Track if there is a risk of SLO breach (one month after a fix is released upstream).
A migration script which can be used to point your existing instances to RLC repositories or back to community repositories as needed.

Yes. Linux support from CIQ is available as an add-on.

If RLC subscription is purchased through CIQ, the license can be used on any cloud marketplace. If an RLC subscription is purchased through a cloud marketplace, it can only be used in that marketplace.

There is a 10TB egress limit annually, at which point you will engage with CIQ Account Managers for options.

Rocky Linux from CIQ always provides the latest versions of Rocky Linux 8 and Rocky Linux 9.

The upgrade cycle for RLC follows the six-month minor release cycle for Rocky 9, while Rocky 8 is at its final version of 8.10 through 2029. CIQ recommends updating at least once per week to get the latest package updates containing bug and CVE fixes.

RLC is available from the cloud marketplaces (AWS, OCI, Azure, and GCP) and through the CIQ for on-premise usage.

CIQ tests new builds of Rocky Linux and verifies that the packages in the repositories are cryptographically validated. CIQ also validates that the dependencies are met and come from the original Rocky Linux source.

CIQ is a founding and ongoing sponsor of Rocky Linux. We strongly encourage everyone to try and use Rocky Linux from the community, it is a great product. Depending on your use case, there is no reason not to get Rocky from the community. For businesses seeking to mitigate risk or satisfy requirements, their OS needs to come from a private entity which provides guarantees the community cannot or will not provide.

CIQ sponsors Rocky Linux and gives back significant development efforts to the community. In particular, Long Term Support (LTS) patches are contributed back and the 140-3 FIPS certification is a gift to the community.

RLC supports x86_64 and aarch64.

A simple dnf update will keep you up to date.

Once subscribed to Rocky Linux From CIQ (RLC), you will have access to a script which can be used to point your repos at the correct sources on your existing instance.

Rocky Linux is an RPM-based Linux distribution that uses DNF as its preferred package management tool.

Subscriptions are managed through the CIQ interface or through your Cloud Marketplace account, depending on where it was purchased.

You will lose access to the repository and will no longer be covered by CIQ.

There are many ways to migrate to Rocky Linux. If you seek professional guidance on the move, please contact sales@ciq.com.

Minor version upgrades happen naturally over the course of time, with no action required.