They don’t need a new distro, unless they hire a lot of highly skilled packagers. I’d take say Ubuntu or OpenSuSE … but it would be RedHat with Oracle for the NHS - they just can’t help losing money.
For my tiny company, I’m going Kubuntu … bear with … Ubuntu means:
Multiple “enterprise AV” are available (ESET and others)
Secure Boot
Full disc encryption is available
Those boxes ticked gets you on the way in the rather naff enterprise security word of tick boxes. Without those - give up now.
The K(DE) bit gets you a lot of configurability and its reasonably easy to get an environment out of the box that Windows users can get to grips with. Besides, I like KDE/Plasma.
I then tack on this rather fine project: https://cid-doc.github.io/ for AD, SYSVOL, “Drive letter” etc integration. Evolution with EWS does email.
My test machine is my desktop (it used to run Arch (actually), my laptop still does) - I started off with Kubuntu 22.04 and wired up all the above and then whilst in a Teams meeting kicked off the upgrade to 23.04 for a laugh. Sound stopped after a while because the kernel modules switched out. Anyway, all good after a reboot.
Seeing as I am competing with something that has GPO, I’ll allow myself to use Ansible.
PS - I should point out that an Arch box can run one of the ESET for Linux products OK (I have). You can get it to do secure boot and it can do FDE. So can Gentoo but I spent 15 years constantly fixing my Gentoo pets too.
They don’t need a new distro, unless they hire a lot of highly skilled packagers. I’d take say Ubuntu or OpenSuSE … but it would be RedHat with Oracle for the NHS - they just can’t help losing money.
For my tiny company, I’m going Kubuntu … bear with … Ubuntu means:
Those boxes ticked gets you on the way in the rather naff enterprise security word of tick boxes. Without those - give up now.
The K(DE) bit gets you a lot of configurability and its reasonably easy to get an environment out of the box that Windows users can get to grips with. Besides, I like KDE/Plasma.
I then tack on this rather fine project: https://cid-doc.github.io/ for AD, SYSVOL, “Drive letter” etc integration. Evolution with EWS does email.
My test machine is my desktop (it used to run Arch (actually), my laptop still does) - I started off with Kubuntu 22.04 and wired up all the above and then whilst in a Teams meeting kicked off the upgrade to 23.04 for a laugh. Sound stopped after a while because the kernel modules switched out. Anyway, all good after a reboot.
Seeing as I am competing with something that has GPO, I’ll allow myself to use Ansible.
PS - I should point out that an Arch box can run one of the ESET for Linux products OK (I have). You can get it to do secure boot and it can do FDE. So can Gentoo but I spent 15 years constantly fixing my Gentoo pets too.