Red Hat Launches 'Security in a Networked World' Initiative

Linuxworld

United States, August 9, 2005

Company strategy has evolved from platform-level security to also include identity management, monitoring and delivering security content.

Red Hat, Inc. (NASDAQ:RHAT), the world's leading provider of open source solutions to the enterprise, launched the 'Security in a Networked World' initiative during a press conference held yesterday in San Francisco. The strategy will put continued emphasis on delivering value to Red Hat Enterprise Linux customers through platform-level security technologies and policies, but has also expanded to address identity management, systems monitoring and the delivery of security content. Red Hat today announced the availability of Red Hat Certificate System, new collaboration with the Mozilla Foundation, and the availability of Systems Monitoring as part of Red Hat Network.

Red Hat Security Legacy

A top priority in the development of Red Hat Enterprise Linux is to focus on building a flexible, modular, enterprise computing platform whose security infrastructure can be leveraged in every aspect of a corporation's network. From mainframe to desktops, from databases to devicesâeuro”Red Hat builds technologies that can be used as part of an extended, protected network. With the maturation and availability of SELinux (Security Enhanced Linux), technology developed with the National Security Agency, Red Hat built security into the core of the infrastructure. SELinux provides among the highest levels of security available in any commercially available and supported operating system.

Red Hat has also been a leader in meeting key certification standards such as Common Criteria and security components within Federal Information Processing Standards, and is constantly working towards higher levels of certification. Red Hat brings the value of the highest degree of government security requirements to all our customers.

Red Hat Identity Management

Authentication of users, devices, and applications offers the extended assurance that a networked environment is accessed by trusted parties. Red Hat Certificate System is the leading authentication system for ensuring that only authorized users gain access to critical enterprise resources. Red Hat is now taking the next step in enterprise security by officially launching a smart card management system as an integrated component of Red Hat Certificate System.

Extended smart card feature development includes collaboration with the Mozilla Foundation to enable smart card detection in upcoming versions of Firefox and Thunderbird.

Red Hat is also working with partners and customers to enable government compliance with Federal Information Processing Standard 201 (FIPS 201) in response to Homeland Security Presidential Directive 12 (HSPD-12). HSPD-12 mandates that all federal agencies implement smart card technology, that includes digital identity credentials (certificates), to be used to authenticate users prior to granting access to federally controlled buildings (physical) and systems (logical).

Today, the Red Hat Certificate System provides the ability for government entities to generate and manage digital credentials to meet the demands of the largest implementations.

"The opportunity for Red Hat Identity Management solutions adoption in large government agencies is tremendous," said Bill Schell, President of August Schell, a leading Technology Solutions Provider to Federal Agencies involved with defense and national security. "Red Hat technology provides the digital credentialing infrastructure for the world's largest implementation in the federal government for the Department of Defense (DOD). The Red Hat technology has proven itself to scale to meet the functional and performance needs of the entire DOD, worldwide. To date, over 4 million smart cards have been issued to DOD personnel, from Pentagon Generals down to our troops in desert foxholes. Each smart card contains multiple digital certificates generated from the DOD implementation of the Red Hat Certificate System and are used to ensure secure communications and authentication to a variety of devices and services. No other Certificate Management solution in production use within the Federal Government can claim such a monumental success."

Systems Monitoring

Red Hat Network was built alongside Red Hat Enterprise Linux to ensure that enterprise customers would have a management tool to update and secure thousands of systems at once while keeping costs down. Since its inception, Red Hat Network has been implemented to provide a secure and trusted end to end delivery mechanism to protect even the most tightly secured environments by providing immediate notification when updates to address vulnerabilities are available across the entire stack.

Today Red Hat announces the next step in Red Hat Network protection: Monitoring. With the Red Hat Network Monitoring Module, customers can monitor systems, network functionality and applications. Providing immediate access to information about the responsiveness of their secure environments.

"Red Hat Network provides updates and security across the entire Open Source Architecture," said Paul Cormier, Executive Vice President of Engineering at Red Hat. "We simplify the complexity of systems management and security by providing customers with a single mechanism for notification of issues from the device, to datacenter, to applications."

Security in a Networked World: What's Next

Red Hat is commited to providing information about entire networks, from systems to applications and data, in a form that can easily be reported, managed and controlled to ensure the security of the entire environment. The Company continues to invest resources to build out the Open Source Architecture and partner ecosystems to provide choice to enterprise customers building infrastructures based on open source, including through vendors such as Sourcefire.

"Combining the value of the Red Hat infrastructure with our intrusion prevention and real-time network awareness innovations allows Sourcefire to deliver the most comprehensive and cost-effective security solutions in the industry", said Martin Roesch, CTO of Sourcefire, Inc., the creator of the world's most widely adopted intrusion prevention technology, Snort. "The Sourcefire 3D System uniquely complements Red Hat's commitment to extending security throughout the enterprise".

Additionally, Red Hat will work to provide expanded security capabilities and content devliery through Red Hat Network and the Red Hat Knowledgebase, extending the value of a connected, secure network.

For more information on Red Hat Security solutions, please visit Red Hat Booth #210 at LinuxWorld, San Francisco, visit http://www.redhat.com or call 866-2-REDHAT.

About Red Hat, Inc.

Red Hat, the world's leading open source and Linux provider, is headquartered in Raleigh, NC with satellite offices spanning the globe. Red Hat is leading Linux and open source solutions into the mainstream by making high quality, low cost technology accessible. Red Hat provides operating system software along with middleware, applications and management solutions. Red Hat also offers support, training and consulting services to its customers worldwide and through top-tier partnerships. Red Hat's open source strategy offers customers a long term plan for building infrastructures that are based on and leverage open source technologies with focus on security and ease of management. Learn more: http://www.redhat.com

Forward-Looking Statements

Forward-looking statements in this press release are made pursuant to the safe harbor provisions of Section 21E of the Securities Exchange Act of 1934. Investors are cautioned that statements in this press release that are not strictly historical statements, including, without limitation, management's plans and objectives for future operations, and management's assessment of market factors, constitute forward-looking statements which involve risks and uncertainties. These risks and uncertainties include, without limitation, reliance upon strategic relationships, management of growth, the possibility of undetected software errors, the risks of economic downturns generally, and in Red Hat's industry specifically, the risks associated with competition and competitive pricing pressures, the viability of the Internet, and other risks detailed in Red Hat's filings with the Securities and Exchange Commission, copies of which may be accessed through the SEC's Web site at http://www.sec.gov.

LINUX is a trademark of Linus Torvalds. RED HAT is a registered trademark of Red Hat, Inc. All other names and trademarks are the property of their respective owners.