Update Shared Libraries without Reboots with KernelCare+

redhat logoubuntu logo oracle logocentOSdebian logoamazonCloudLinuxopenVZproxmoxelReporaspbianyocto logo

 

Sign up for
I'd like to receive information about KernelCare.
 
By clicking Start Trial Now button, you agree with our Privacy Policy .

To operate servers securely, it’s not enough to patch their Linux kernels. Their shared software libraries must be patched as well. Otherwise, an enterprise lays itself open to attacks that exploit vulnerabilities such as Heartbleed or GHOST.

The usual way that enterprises deal with library vulnerabilities is by rebooting their servers. Admins rarely know exact libraries that services were using, so they just reboot the whole server to update them all. These reboots, however, bring serious problems:

1. Server downtime: When servers are down, websites go down, and display only error messages to visitors. After rebooting, it can take some time for server performance to stabilize, and occasionally servers don’t come back up properly after a reboot.

2. Windows of vulnerability: Because rebooting is laborious and problematic, enterprises often only do it on a periodically scheduled basis, leaving their servers open to attack. Even if they reboot every 30 days to comply with security standards, their servers may be vulnerable for two weeks or more.

In case servers have been patched manually, without a reboot, shared libraries may still contain vulnerabilities. When libraries are updated on disk, old unpatched files can persist in a server’s memory. Also, vulnerability scanners don’t detect these old unpatched library files in memory.

KernelCare+ patches shared libraries without rebooting. The package includes:

Linux kernel patching;
glibc patching;
OpenSSL patching;
Puppet, Ansible, Chef integrations and deployment assistance;
Nessus, Qualys, and Rapid7 integrations and reporting setup assistance;
ePortal for enterprises who require a private patch server inside their secured environment;
Premium Support 24/7 with LiveChat.
ipad2
Learn more on how KernelCare+ keeps servers safe

Watch the KernelCare+ review by LearnLinuxTV

Our Customers
Dell and 1,500+ Enterprise companies
zoom white
netweaver white
liquidweb white
affinitywater white
KernelCare provides services that make server management easy, particularly with regard to security. Not needing to restart a server to get the latest kernel security updates is essential for business-critical applications that can't be taken down for patches. Additionally, their solutions allow some legacy applications to remain secure when alternative options are not available on the market or would be cost-prohibitive to implement.
Justin Jett
Director of Audit and Compliance, Plixer
KernelCare keeps a vital part of our services updated without having downtime from reboots - with all the recent Intel exploits this has been even more valuable than ever. KernelCare also adds additional security to the Kernel making it seem even better value for money. I use it across all our server fleet and would recommend it to all Linux administrators.
Philip Rawlinson
Technical Director, Netweaver
We have come to consider KernelCare as an essential service. The downtime that reboots cause is a disruption for customers, and nuisance for admins, that can be easily avoided with KernelCare.
Joe Oesterling
Chief Technology Officer, Liquid Web
We have been using KernelCare at our EC2 instances and web hosting servers for a long time. We do not run EC2 instances without KernelCare because we think that this is fundamental to bring security and reliability to our company and customers.
Alex Wojtowicz
Owner, Warpnet

KernelCare+ Pricing

Simple and Straightforward, Perfect for medium & large enterprise companies (500+ servers)

1-500
SERVERS
$5.95
per server month
$71 per server year
500+
SERVERS
$3.95
per server month
$47 per server year

Or ask your questions about KernelCare+ right below

The KernelCare team will reply immediately.