Accelerate innovation and govern integrity with Red Hat Satellite 6.19

Organizations are shifting fast toward image-based workflows and AI, but you shouldn't have to choose between moving quickly and keeping the lights on. Red Hat Satellite 6.19 bridges that gap. This release focuses on hardening the software supply chain and reducing manual toil so you can stop managing patches and start building. 

Whether you’re migrating to image mode-based Red Hat Enterprise Linux (RHEL), handling hybrid cloud virtualization on Red Hat OpenShift, or spinning up Model Context Protocol (MCP) servers for AI-assisted debugging, Satellite 6.19 gives you the control you need to accelerate innovation while governing integrity. It’s your environment—Satellite just ensures it stays stable, compliant, and fully sovereign.

Increase visibility and control over complex environments

As your RHEL infrastructure scales, the volume of data can quickly outpace your team's ability to process it. Satellite 6.19 increases visibility and control over these complex environments while lowering the barrier to entry for critical administrative tasks. By integrating smarter workflows and AI-assisted management, Satellite turns data into useful insights using natural language prompts and refined filtering, maximizing the productivity of your existing team.

The introduction of the MCP server for Satellite allows you to use natural language to query environmental health, manage content views, and execute patching workflows. This helps bridge the skills gap and handle routine maintenance more efficiently, creating more time to focus on innovation.

Satellite now offers even greater control over Red Hat Lightspeed security features, allowing you to customize your experience to fit the security posture of your unique environment. Filter out irrelevant recommendations to direct energy towards the most critical security threats. By requiring justifications for these overrides, your team can prioritize critical security threats without losing auditability. Additionally, a new task-based progress bar in the inventory user interface (UI) provides real-time visibility into long-running background operations, keeping you informed on the status of your environment.

Minimize your attack surface while keeping sensitive data private

Satellite 6.19 shifts the focus from identifying vulnerabilities to proactively managing risk, even in highly restricted environments. Support for a locally installed, general availability version of vulnerability for RHEL brings Red Hat’s expertise into air-gapped or high-security datacenters. Users can perform bulk triage and define the specific business risk of a Common Vulnerabilities and Exposures (CVE) locally, ensuring a "trust, but verify" posture without requiring external connectivity or compromising data sovereignty.

To support disconnected workflows, enhanced granular Role-Based Access Control (RBAC) provides tight control over who can view, edit, or disable security recommendations. This keeps sensitive vulnerability data accessible only to authorized personnel. Coupled with new advanced triage controls, you can now enable or disable vulnerability analysis for specific hosts and set custom business-risk statuses. By localizing security services and refining access controls, Satellite helps minimize your attack surface while keeping sensitive data private. 

Accelerate the delivery of consistent content across hybrid infrastructures

Satellite 6.19 supports consistent content delivery across your hybrid infrastructure, bridging the gap between traditional RPM management and modern, image-based deployments. With the new image mode management capability, users can track transient package installs on running hosts and automatically generate the Containerfile commands needed to persist those changes in future builds. This automation captures and integrates critical "hotfixes" into the master image, facilitating a smoother transition to reproducible, versioned infrastructure.

To further reduce human error, the web interface now includes full support for managing multiple content views for hosts and activation keys. This unified management helps production environments to remain stable during complex patching cycles. Additionally, the container UI has been completely overhauled with a tag-centric design, providing a streamlined experience for viewing manifests and metadata that mirrors the Red Hat Quay environment.

Modernize the hybrid life cycle and host management with an unified experience

Satellite 6.19 consolidates management workflows from the previously separate All Hosts and Content Hosts pages into a single, unified interface. Built with modern React and PatternFly components, this single view reduces operational overhead and training costs by allowing management of physical, virtual, and container-native infrastructure from one location. This tool consolidation simplifies daily workflows and provides a more cohesive experience for teams managing diverse hybrid environments.

This release also provides a stable, low-risk migration path for moving legacy virtual workloads to Red Hat OpenShift Virtualization. Significant stability improvements and bug fixes ensure that OpenShift Virtualization provisioning is enterprise-ready. Additionally, security is bolstered through support for SSH certificates in remote execution, replacing the riskier "trust on first use" (TOFU) model with a more security-focused, governed authentication method.

Eliminating audit anxiety through automated compliance

Satellite 6.19 automates subscription management reporting as a byproduct of your standard operations with enhanced reporting templates that include cloud billing metadata and configurable hardware models. This eliminates manual data collection for hardware specifications and cloud instances, maintaining accurate and efficient inventory reporting, even in the most restrictive, air-gapped environments.

These updates provide the granular visibility needed to optimize Red Hat investments and uphold full license compliance. Flexible data sharing options allow you to reconcile usage via full or minimal payloads, maintaining audit readiness without compromising strict security policies or requiring direct connections to cloud-based services. This localized accuracy protects your bottom line by preventing over-provisioning and allowing more precise cloud-spending forecasting.

Extended Update Support for Satellite 6.19 

As the final RPM-based release, Satellite 6.19 marks a significant milestone in the product's evolution. To support organizations through this transition, Red Hat is offering Extended Update Support (EUS) for Red Hat Satellite, an optional subscription add-on that provides a stable, predictable bridge for your long-term operational security.

This EUS offering upholds a predictable maintenance cadence focused on Critical and Important security errata (Red Hat Security Advisory) and Urgent priority bug fixes. By aligning the Satellite lifecycle with RHEL EUS policies, IT leaders can maintain a consistent management experience across their entire infrastructure stack while benefiting from simplified, direct upgrade paths to future designated versions.

A security-focused foundation for what comes next

Speed and innovation require a foundation of trust, and Satellite 6.19 delivers the tools to enforce environmental integrity across your stack. 

From the transition to cryptographically secure SSH certificate-based execution to the localized power of vulnerability triage for air-gapped sites, this release brings high-speed innovation into the security-focused corners of your datacenter. By providing clear, useful insights into system health and subscription use, Satellite helps protect your organization from drift, security gaps, and unforecasted costs. With the inclusion of EUS, Red Hat provides a stable, 30-month total maintenance bridge (a year of additional support beyond the standard 18 months) to simplify your transition to modern management practices while upholding a hardened security posture.

Learn more

Satellite 6.19 with EUS is now available! For more information, explore the documentation.