Red Hat and IBM Achieve Top Security Certification for KVM Hypervisor on Red Hat Enterprise Linux and IBM Servers

Raleigh

NC, Global, May 9, 2012

Organizations requiring high levels of security to benefit from open virtualization technology

Red Hat, Inc. (NYSE: RHT) and IBM (NYSE: IBM) today announced that Red Hat Enterprise Linux 5 with the KVM hypervisor on IBM Systems has been awarded Common Criteria Certification at Evaluation Assurance Level 4+ (EAL4+). The Common Criteria is an internationally recognized set of standards used by the federal government and other organizations to assess the security and assurance of technology products. This security certification is the first of its kind for an open source virtualization solution.

With this new certification, the KVM hypervisor on Red Hat Enterprise Linux and IBM x86 servers now meets government security standards allowing open virtualization to be used in homeland security projects, command-and-control operations, and throughout government agencies that previously were limited to proprietary virtualization technologies. This security certification paves the way for governments, financial institutions and other security-conscious agencies to create secure, open virtualized IT environments and private clouds.

Open virtualization offers organizations, including government agencies and financial businesses, the opportunity to reduce costs and increase choice with the enterprise-grade KVM hypervisor.

“This certification highlights the combined power of SELinux and KVM and we expect it to pave the way for broader adoption of private cloud computing infrastructure in government agencies,” said Paul Smith, general manager and vice president, public sector operations, Red Hat. “SELinux addresses common government agency concerns about implementing virtualization because it provides for virtual resources to run in separate containers and protect each one individually in case of intrusion.”

“Security is critically important to all our clients as they share workloads and data through virtualization and in the cloud – and especially so to our government and financial customers around the world”, said Jean Staten Healy, director of Linux, IBM. “Today's announcement confirms that open virtualization and KVM are ready for business and are able to offer high levels of security certification on Red Hat Enterprise Linux and IBM Systems.”

Red Hat Enterprise Linux 5 features Security-Enhanced Linux (SELinux), a joint project developed by the National Security Agency (NSA) and Red Hat. This Common Criteria certification allows producers to use Red Hat Enterprise Linux 5 with the KVM hypervisor with confidence as they host many tenants on the same machine, knowing that their virtual guests will be separated from each other using Mandatory Access Control technology developed by the NSA.

Red Hat Enterprise Linux with the KVM hypervisor on IBM Systems was certified by BSI, Germany's Federal Office for Information Security. To facilitate this certification, Red Hat and IBM worked with atsec information security, a U.S. government and BSI accredited laboratory, which tested and validated the security, performance and reliability of the solution against the Common Criteria Standard for Information Security Evaluation (ISO/IEC 15408) at EAL4+.

The certification of KVM and Red Hat Enterprise Linux 5 applies to IBM System x, BladeCenter and iDataPlex servers.

Red Hat Enterprise Linux 6 with the KVM hypervisor is officially “In Evaluation” for Common Criteria certification at EAL4+.

For more information on IBM visit: www.ibm.com/systems or www.ibm.com/linux.

For a full roster of Red Hat’s certifications and accreditations, visit http://www.redhat.com/solutions/industry/government/certifications.html. For more information on Red Hat, visit www.redhat.com. For more news, more often, visit www.press.redhat.com.

About Red Hat, Inc.
Red Hat, the world's leading provider of open source solutions and an S&P 500 company, is headquartered in Raleigh, North Carolina, USA, with more than 70 offices spanning the globe. Red Hat provides high-quality, affordable technology with its operating system platform, Red Hat Enterprise Linux, together with cloud, virtualization, management, storage and service-oriented architecture (SOA) solutions, including Red Hat Enterprise Virtualization and JBoss Enterprise Middleware. Red Hat also offers support, training and consulting services to its customers worldwide. Learn more: www.redhat.com.

About atsec information security
atsec information security corporation is a U.S. Government accredited laboratory, based in Texas, which tests information assurance (IA) and IA-enabled commercial off the shelf (COTS) information technology.

Combining all of our technology security experience and expertise, atsec information security corporation additionally provides strong consulting skills for: network penetration testing; embedded systems and hardware security testing and analysis; the Federal Information Security Management Act (FISMA); Information Systems Security Management Systems (ISMS); and independent security assessments based on your individual needs.

atsec also operates Government accredited laboratories in Germany and Sweden.

Forward-Looking Statements
Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to delays or reductions in information technology spending; the effects of industry consolidation; the ability of the Company to compete effectively; uncertainty and adverse results in litigation and related settlements; the integration of acquisitions and the ability to market successfully acquired technologies and products; the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property; the ability to deliver and stimulate demand for new products and technological innovations on a timely basis; risks related to data and information security vulnerabilities; ineffective management of, and control over, the Company's growth and international operations; fluctuations in exchange rates; and changes in and a dependence on key personnel, as well as other factors contained in our most recent Annual Report on Form 10-K (copies of which may be accessed through the Securities and Exchange Commission's website at http://www.sec.gov), including those found therein under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations". In addition to these factors, actual future performance, outcomes, and results may differ materially because of more general factors including (without limitation) general industry and market conditions and growth rates, economic and political conditions, governmental and public policy changes and the impact of natural disasters such as earthquakes and floods. The forward-looking statements included in this press release represent the Company's views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company's views as of any date subsequent to the date of this press release.

###

IBM and x86 are trademarks of IBM Corporation in the United States, other countries, or both. Red Hat, Inc. Red Hat, the Shadowman logo and JBoss are registered trademarks of Red Hat, Inc. in the U.S. and other countries. Linux is a registered trademark of Linus Torvalds. All other product and service names mentioned are the trademarks of their respective companies.