Updated SUSE ALP Prototype Focuses On Confidential Computing

SUSE announced today the release of "Piz Bernina", its latest quarterly update to the SUSE Adaptable Linux Platform that is working to establish the next-generation SUSE/openSUSE computing platform.

Prior SUSE ALP prototype releases have upped the x86-64 micro-architecture feature level, enabled full-disk encryption, improved the new D_Installer, transactional system handling, and more. With today's "Piz Bernina" as their third ALP prototype, the focus is largely on confidential computing enhancements.

For SUSE ALP Piz Bernina the key highlights include:

- Confidential Computing: provides a Trusted Execution Environment that protects data in use by isolating, encrypting, and executing virtual machines. 

- Hardware and runtime attestation to verify the integrity of workloads and together with FDE (Full Disk Encryption) mark the starting point for end-to-end data security. 

- Foundation for future extended Confidential Virtual Machine support (CVM), covering support for more hardware vendors and making use of the most recent hardware for confidential computing.

- Integration of NeuVector: to support a secure ecosystem, ALP-users can run NeuVector to identify malicious behaviors and prevent those affecting the underlying host OS or potentially other containerized workloads. 

- Support for s390x architecture: in addition to the already supported x86_64 and aarch64 architectures.

- FDE (Full Disk Encryption) with TPM can now be selected at installation-time to support data security at rest. 

More details on today;s SUSE ALp Prototype #3 via the SUSE blog that also includes download images, including various pre-built VMs.