Subscribe

How KernelCare IoT Works

Allocates kernel memory loads new, secure code into it

Momentarily freezes all processes in a ‘safe’ mode

Modifies original functions and jumps to new secure code, ensuring old (vulnerable) code can never run

Unfreezes all processes and resumes

In 2020, KernelCare IoT has become available for patching of AWS Graviton2 ARM64 processors.

 

Watch the demo to see how KernelCare for IoT secures EC2 A1 instances running AWS Graviton2 ARM64 processors in real-time.

Supported Distributions & Chipsets

KernelCare for IoT provides on-the-fly updates for Linux kernels on ARM64.

Supported Distributions
and 15+ other Linux distributions

Supported Chipsets

KernelCare IoT Integrates with Microsoft Azure IoT Hub

Featured on

Frequently Asked Questions

TuxCare is a service that helps organizations take care of support, maintenance and security of Enterprise Linux systems. The portfolio of TuxCare services include:
  • KernelCare Enterprise – live patching for Linux kernels. A subscription with out-of-the-box integration with automation tools & vulnerability scanners, priority support, and a separate ePortal server. It is specially tailored for larger server fleets.
  • LibraryCare Add-on for KernelCare Enterprise – Live patching for shared libraries.
  • KernelCare IoT – live patching for Linux kernels on ARM 64. KernelCare for IoT protects devices with on-the-fly kernel updates. The pricing is custom-based and only provided after a POC stage.
  • QEMUCare –Live patching for QEMU/KVM-based virtualization. The service is aimed to eliminate orchestration and migration of the QEMU/KVM-based VMs. With QEMUCare, the entire virtualisation host patching process is turned into a one-time setup of the agent.
  • DataBaseCare –Live Patching service for MySQL, MariaDB, PostgreSQL and other enterprise open source databases. The service keeps your applications running while your database backend is updated, enhancing database performance, reliability, security and compliance.
  • Extended Support Services – Patches and updates for all Enterprise Linux components & 24/7 incident support. Available for CentOS 6, Oracle Linux 6, Ubuntu 16, Debian 9.
  • Linux Support Services – Basic support package for enterprises using AlmaLinux OS in production infrastructure.
TuxCare doesn’t have a services trial available, but we do individual POCs for Enterprise companies. A 30-day money-back guarantee is available for all subscriptions.
  • The KernelCare team is constantly monitoring security mailing lists to check for vulnerabilities. As soon as one is found, the team prepares a patch and then sends it to distribution servers.
  • An agent will run a process on your device, checking with the distribution servers every 4 hours until it finds a new patch and then safely apply it to the running kernel without needing to stop it.
  • A special kernel module is used to apply the patches. It first loads the update into the kernel address space, then it places relocations on the original code/data to make sure the code block doesn’t execute during the update. Once finished, it will safely switch the execution path from the original to the updated code and then make sure the old code will never run again.
  • KernelCare does all of this instantly, automatically, and without service interruptions.
  • For Enterprise teams, we recommend scheduling a demo with a TuxCare technical engineer. They will collect your system requirements, assist with TuxCare services’ set up on your systems, and ensure you get the best price quote.
  • If your systems are running behind the firewall – contacting sales is the only option because using TuxCare will require an ePortal secure patch server setup.
Full FAQ

Setting up live patching on IoT devices requires a customized approach.

Fill up the form and TuxCare engineers will reach out to you with the next steps.

Contact TuxCare Experts

Privacy Policy and Terms & Conditions

Add more security with other Live Patching Services by TuxCare

Automated live patching for Linux Kernels with centralized management & common automation and vulnerability management tools integration.

Learn More
Library

That detects and patches shared libraries in-memory without disrupting the applications using them.

Learn More
QEMU

Protects enterprise virtualization stack with live patching that does not affect virtual machines or requires migrating them to other servers.

Learn More
DataBase

Keeps the enterprise’s most important asset, data, safe by live patching the database provider, MySQL, MariaDB or PostgreSQL, without interrupting the applications that depend on it.

Learn More

Automated live patching for Linux Kernels with centralized management & common automation and vulnerability management tools integration.

Learn More
LibraryCare add-on for

That detects and patches shared libraries in-memory without disrupting the applications using them.

Learn More
QEMU

Protects enterprise virtualization stack with live patching that does not affect virtual machines or requires migrating them to other servers.

Learn More
DataBase

Keeps the enterprise’s most important asset, data, safe by live patching the database provider, MySQL, MariaDB or PostgreSQL, without interrupting the applications that depend on it.

Learn More

SERVICES

Communicate

Resources

About

+1 (800) 231-7307

[email protected]

Twitter Youtube Facebook-f Linkedin-in
ITWA-2021-Gold-PNG
sam-frame

© 2021 All rights reserved. CloudLinux Inc.

Terms of Use | Privacy Policy | DMCA Notice | Legal

Your compare list

Compare
REMOVE ALL
COMPARE
0