RLC Pro Hardened
RLC Pro Hardened is an enhanced, security-focused edition of Rocky Linux from CIQ designed for organizations in regulated or high-security environments.
RLC Pro Hardened builds upon Rocky Linux's trusted foundation - offering full RHEL compatibility - while integrating advanced security features, real-time threat detection, and out-of-the-box compliance with major standards like DISA STIG, CIS Benchmarks, and FIPS 140-3.
Whether you're securing critical infrastructure, managing sensitive data, or enforcing strict security policies, RLC Pro Hardened helps reduce risk, improve audit readiness, and streamline security operations in enterprise Linux environments.
Key Security Features
RLC Pro Hardened includes comprehensive security enhancements designed to protect against modern threats:
Core Package Hardening
- glibc hardening: Removes unsafe environment variables when crossing privilege boundaries
- OpenSSH hardening: Reduces attack surface through removal of non-essential libraries
- Kernel hardening: Enhanced security configurations and runtime protection
- Memory protection: Advanced malloc hardening to prevent memory corruption attacks - see the Hardened Malloc Guide
Runtime Security
- Linux Kernel Runtime Guard (LKRG): Real-time kernel integrity checking - see the LKRG Guide
- Memory corruption detection: Advanced protection against buffer overflows and memory exploits
- Kernel integrity monitoring: Continuous verification of kernel code and critical data structures
Enhanced Security Policies
- Stronger password policies: Enforced complexity and rotation requirements
- SSH restrictions: Hardened SSH configurations with reduced attack surface
- File system permissions: Stricter access controls and permission schemes
- Network security: Enhanced firewall rules and network access controls
Compliance Frameworks
- DISA STIG: Security Technical Implementation Guide compliance
- CIS Benchmarks: Center for Internet Security hardening guidelines
- FIPS 140-3: Federal Information Processing Standard cryptographic compliance
- Common Criteria: International security evaluation standards
See the Security and Compliance section for FIPS enablement, security profiles, and verification scripts.
Getting Started
Sign up at portal.ciq.com and follow the Getting Started guide for download, deployment, and initial configuration.
RLC Pro Hardened can be deployed via:
- Bare Metal ISO - Install directly on physical hardware
- KVM/QEMU - Deploy as a virtual machine using QCOW2 images
- Cloud - Pre-configured images on AWS, Azure, and GCP
See the Installation section for hardware requirements and step-by-step installation guides, or the Cloud Deployment section for cloud-specific guides.
Service Level Objectives (SLO)
RLC Pro Hardened includes the same commercial guarantees as Rocky Linux from CIQ, with additional security-focused SLOs:
- Timely Security Updates: Updates from upstream Enterprise Linux within 30 days of general availability for all supported versions
- Critical Security Response: Best efforts for remediating or mitigating critical security vulnerabilities within 30 days of a fix being available
- Hardening Updates: Security hardening improvements and new threat protections delivered through regular updates
- Compliance Maintenance: Ongoing updates to maintain compliance with security frameworks and standards
RLC Pro Hardened vs RLC
| Feature | RLC | RLC Pro Hardened |
|---|---|---|
| 1:1 compatibility with Enterprise Linux | ||
| Security hardening by CIQ | ||
| Linux Kernel Runtime Guard (LKRG) | ||
| Memory corruption protection | ||
| Enhanced malloc hardening | ||
| Pre-hardened compliance images | ||
| FIPS 140-3 certification | Compliant | |
| Advanced attack detection | ||
| Supply chain validation by CIQ | ||
| SLO on security updates | ||
| Limited indemnification | ||
| Priority dedicated access to repositories | ||
| Professional support with SLAs | Available | Available |
Use Cases
RLC Pro Hardened is ideal for:
High-Security Environments
- Government agencies and contractors
- Defense and military applications
- Critical infrastructure operations
- Financial services and banking
Regulated Industries
- Healthcare systems handling PHI
- Financial institutions with PCI DSS requirements
- Government contractors requiring FedRAMP compliance
- Organizations subject to HIPAA, SOX, or other regulatory frameworks
Enterprise Security
- Companies with strict security policies
- Organizations requiring security certifications
- Businesses with valuable intellectual property
- Environments processing sensitive customer data
Admin Guides
The Admin Guides section covers day-to-day management of RLC Pro Hardened security features, including LKRG, hardened malloc, and the control tool.
Release Notes
See the Release Notes for version history, new features, and security updates.
Support
- Technical Support: Professional Linux support available from CIQ Support
- Training: Training programs available for RLC Pro Hardened administration and security management
- Sales: For pricing, licensing, and enterprise trials, contact CIQ Sales or visit the CIQ website