Maintaining operational stability while securing infrastructure against an ever-growing list of vulnerabilities is a daily balancing act. Red Hat Lightspeed provides the core services required to manage your infrastructure at scale.
However, getting the most out of these services requires making a strategic decision: How should your infrastructure connect to Red Hat Lightspeed?
The process of choosing a deployment architecture goes beyond engineering; it must also take business strategy into account, as it affects your data privacy, infrastructure costs, and operational agility. Red Hat Lightspeed offers 3 distinct architectural models, outlined in Figure 1.
Figure 1. Lightspeed architectural models
The model you choose will depend on your organization's regulatory requirements and risk appetite. Here’s how to think about the ways each model might align with your business goals.
Hosted (direct): Maximum agility and lowest TCO
In the hosted model, which is included in your Red Hat Enterprise Linux (RHEL) subscription, every RHEL node in your environment connects directly to Red Hat Lightspeed via the internet.
- The business value: This is the ultimate low-friction approach. It offers the fastest time to value with minimal setup complexity. Your teams gain immediate, real-time access to the full suite of services, including advisor, vulnerability, and compliance services, without any additional infrastructure overhead. This capability is included in your RHEL subscription.
- The trade-off: Every node requires outbound internet access, and telemetry data resides in the Red Hat-hosted cloud.
- The verdict: Ideal for organizations prioritizing speed, minimizing infrastructure costs, and operating in standard commercial environments where public cloud data residency is acceptable.
Proxied via Satellite: The secure middle ground
For organizations that need centralized control over their network traffic, the proxied via Satellite architecture provides an elegant compromise. Internal nodes remain safely isolated from the public internet, routing all Red Hat Lightspeed traffic through a centralized Red Hat Satellite egress gateway.
- The business value: You maintain the real-time cloud sync benefits and full feature availability of the hosted model, but with a significantly enhanced security posture. Your internal network remains dark to the outside world, satisfying the requirements of most internal security and compliance teams.
- The trade-off: Setup complexity is moderate, requiring the management of a Red Hat Satellite infrastructure.
- The verdict: The gold standard for standard enterprise and financial environments. It balances robust internal network security with the power of real-time cloud analytics.
This feature requires a Red Hat Satellite subscription.
On-premise (air-gapped): Absolute data sovereignty
Organizations in industries like defense or critical infrastructure, or in highly regulated public sectors, cannot allow any data to leave their physical networks. For these environments, Red Hat Lightspeed offers a subset of services in an on-premise architecture that uses disconnected Red Hat Satellite syncs and containerized Red Hat Lightspeed services.
- The business value: Uncompromising data residency. Telemetry data is analyzed entirely within your walls. With this model, you can still leverage powerful analytics (advisor) and vulnerability tracking without violating strict air-gap mandates.
- The trade-off: While setup complexity is manageable (moderate), this model requires maintaining locally synced data rather than relying on real-time cloud updates.
- The verdict: The mandatory choice for zero-trust, highly classified, or strictly regulated environments where absolute data sovereignty is the non-negotiable priority.
This feature requires a Red Hat Satellite subscription.
Making the right call
Select the architecture that aligns with your operational capabilities and risk tolerance; there is no universal right choice.
By understanding the differences between hosted, proxied, and on-premise deployments, decision makers can give their teams the tools they need to proactively secure and manage their RHEL fleets, without compromising their organization's compliance and security standards.
Additional reading
- “Red Hat Satellite synchronization with Red Hat Lightspeed:” In-depth blog post on how Satellite interacts with Red Hat Lightspeed (previously known as Insights).
- “Red Hat Lightspeed advisor in Red Hat Satellite:” In-depth blog post on Red Hat Lightspeed configuration with Satellite for on-premise, air-gapped deployments.
- Red Hat Lightspeed information portal
Produkttest
Red Hat Enterprise Linux AI | Testversion
Über den Autor
As a Senior Principal Technical Marketing Manager in the Red Hat Enterprise Linux business unit, Matthew Yee is here to help everyone understand what our products do. He joined Red Hat in 2021 and is based in Vancouver, Canada.
Ähnliche Einträge
Erweiterte Post-Quanten-Funktionen von SSH in RHEL
Red Hat Device Edge ist jetzt für NVIDIA Jetson Orin verfügbar
Infrastructure At The Edge | Compiler
Operating System Management | Compiler
Mehr erfahren
- E-Book: Infrastrukturmanagement in der Cloud
- E-Book: Aufbau einer effizienten IT-Grundlage für den Erfolg moderner Unternehmen
- Jetzt testen: Red Hat Enterprise Linux
Nach Thema durchsuchen
Automatisierung
Das Neueste zum Thema IT-Automatisierung für Technologien, Teams und Umgebungen
Künstliche Intelligenz
Erfahren Sie das Neueste von den Plattformen, die es Kunden ermöglichen, KI-Workloads beliebig auszuführen
Open Hybrid Cloud
Erfahren Sie, wie wir eine flexiblere Zukunft mit Hybrid Clouds schaffen.
Sicherheit
Erfahren Sie, wie wir Risiken in verschiedenen Umgebungen und Technologien reduzieren
Edge Computing
Erfahren Sie das Neueste von den Plattformen, die die Operations am Edge vereinfachen
Infrastruktur
Erfahren Sie das Neueste von der weltweit führenden Linux-Plattform für Unternehmen
Anwendungen
Entdecken Sie unsere Lösungen für komplexe Herausforderungen bei Anwendungen
Virtualisierung
Erfahren Sie das Neueste über die Virtualisierung von Workloads in Cloud- oder On-Premise-Umgebungen