IBM, Red Hat and Trusted Computer Solutions Team to Deliver Most Secure Version of Linux Available

Companies Enter Common Criteria Evaluation to Make Red Hat Enterprise Linux a Government Certified, Trusted Operating System


Trusted Computer Solutions, Inc. (TCS), a leading supplier of information sharing technologies to the Department of Defense, the intelligence community and commercial industry, together with Red Hat (Nasdaq: RHAT), the world's leading provider of open source solutions to the enterprise, and IBM (NYSE: IBM), today announced that Red Hat Enterprise Linux is in Common Criteria evaluation on a broad range of IBM eServer systems. This evaluation will mean that the Red Hat Enterprise Linux meets government security standards for assured information sharing within and across government agencies.

Red Hat Enterprise Linux v.5 officially entered The National Information Assurance Partnership (NIAP) approved Common Criteria Evaluation & Validation Scheme (CCEVS) this month to bring a new level of security and assurance to Linux. This operating platform contains kernel and Security Enhanced Linux (SELinux) policy enhancements, developed by IBM, Red Hat, TCS and the community. TCS security enhancements augment the security features of the National Security Agency's SELinux.

The joint effort enables high-value, proven, cross-domain security applicationsâeuro”such as TCS SecureOffice® NetTop® and NetTop2 - Thin Client, which allow users access to multiple security levels on a single computerâeuro”to run on Red Hat Enterprise Linux.

"For years our customers have been clamoring for the look, feel, flexibility, and functionality of today's commercial software," said Susan Alexander, chief of information assurance research at the NSA. "With NetTop, based on SELinux, they can get just such an environment... without compromising on security."

Prior to the general availability of Red Hat Enterprise Linux v.5 and in compliance with NSTISSP No. 11 National Policy, government agencies can now acquire and implement TCS cross-domain security applications based on a Linux trusted operating system platform. Red Hat Enterprise Linux v.5 will be the first open source distribution with these capabilities.

IBM is sponsoring the certification of Red Hat Enterprise Linux v.5 and has entered the CCEVS at Evaluation Assurance Level 4 (EAL4) and will include the security functionality defined in three protection profiles recognized by the Common Criteria: Labeled Security Protection Profile (LSPP), Controlled Access Protection Profile (CAPP), and Role-Based Access Control Protection Profile (RBAC). These profiles support the requirements of Director of Central Intelligence Directive (DCID) 6/3 at Protection Level 4, which specifies security intelligence-related information and systems measures, including those necessary for Top Secret and Below Interoperability (TSABI).

This CCEVS evaluation means Red Hat Enterprise Linux will reach a level of security previously achieved by only a handful of trusted operating systems. Red Hat Enterprise Linux is now positioned to provide best-of-breed security capabilities for commercial operating systems, offering the government, as well as businesses, unprecedented choice for security applications. The benefits included broader hardware platform choice, reduced cost and IT complexity, improved access to data for decision making and improved government collaboration and intelligence sharing.

Red Hat Enterprise Linux v.5 is anticipated to be in general availability from Red Hat in late 2006. However, in compliance with NSTISSP No. 11 National Policy, the functionality is available today from TCS as a component of their commercial products.

"Red Hat Enterprise Linux will join an exclusive community of trusted operating systems that have achieved this level of security," said Ed Hammersla, chief operating officer at TCS. "The powerful collaboration between IBM, Red Hat, NSA and TCS is going to shake things up, and means our customers have a safe open source alternative to run our SecureOffice suite of application software."

"IBM is joining with Red Hat and TCS to enhance its offerings to the government market with solutions that support both open standards and government security standards," said Anne Altman, IBM's managing director of US Federal. "This announcement represents another example of IBM's ongoing commitment to supplying solutions to the government market, and its commitment to expanding the adoption of Linux throughout government and government agencies."

"In a relatively short period of time Linux has come to be known as a standard, secure computing platform," said Brian Stevens, vice president of Operating Systems Development at Red Hat. "This new level of certification is a testament to the power of collaboration. IBM, TCS, the NSA, Red Hat and the community have worked together to bring the Linux platform forward with rapid innovation in the area of security. This collaboration and evaluation effort will make Red Hat Enterprise Linux the most secure open source operating system platform available."

IBM is working with Red Hat to sponsor the certification of Red Hat Enterprise Linux v.5 on multiple platforms to maximize choice and value for customers. Red Hat Enterprise Linux v.5 will be evaluated on IBM server brands, including: xSeries, pSeries, zSeries and BladeCenter. IBM's server product line offers customers industry-leading performance together with application flexibility, solution choice, and outstanding scalability, reliability and security. IBM's Linux Technology center is working with the open source community and contributing code to this effort. IBM selected atsec information security, a vendor-independent consulting company in the business of IT security, as the certification lab for this effort.

For more information on Red Hat Enterprise Linux security certifications, please visit

For more information on NetTop® and NetTop2 Thin Client applications from TCS, please visit

For more information on IBM's eServer line of products, please visit

For more information on the CCEVS evaluation, taking place in Austin, Texas please visit

About IBM

IBM is the world's largest information technology company, with 80 years of leadership in helping businesses innovate. Drawing on resources from across IBM and key Business Partners, IBM offers a wide range of services, solutions and technologies that enable customers, large and small, to take full advantage of the new era of e-business. For more information, visit

About Red Hat, Inc.

Red Hat, the world's leading open source and Linux provider, is headquartered in Raleigh, NC with satellite offices spanning the globe. Red Hat is leading Linux and open source solutions into the mainstream by making high quality, low cost technology accessible. Red Hat provides operating system software along with middleware, applications and management solutions. Red Hat also offers support, training and consulting services to its customers worldwide and through top-tier partnerships. Red Hat's open source strategy offers customers a long term plan for building infrastructures that are based on and leverage open source technologies with focus on security and ease of management. Learn more:

About Trusted Computer Solutions, Inc.

Founded in 1994, Trusted Computer Solutions (TCS) is an industry leader in cyber security and information sharing software products. TCS products and services offer a simple solution that enables government and commercial organizations to securely share information while protecting vital information assets. TCS products strike the right balance between Information Protection and Information Sharing, something vital in today's environment. TCS Products adhere to the most stringent security standards set by U. S. Government Agencies such as the Defense Intelligence Agency and the National Security Agency. The company's SecureOffice® products, which run on Sun Trusted Solaris and Red Hat Linux are installed and accredited in operational systems around the world today protecting our nation's most sensitive digital information. TCS is headquartered in Herndon, Va., with offices in Urbana, Ill. and San Antonio, Tx. For more information, visit

LINUX is a trademark of Linus Torvalds. RED HAT is a registered trademark of Red Hat, Inc. All other names and trademarks are the property of their respective owners.

  • About Red Hat
  • Red Hat is the world’s leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As the connective hub in a global network of enterprises, partners, and open source communities, Red Hat helps create relevant, innovative technologies that liberate resources for growth and prepare customers for the future of IT. Learn more at

  • Forward-Looking Statements
  • Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to delays or reductions in information technology spending; the effects of industry consolidation; the ability of the Company to compete effectively; the integration of acquisitions and the ability to market successfully acquired technologies and products; uncertainty and adverse results in litigation and related settlements; the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property; the ability to deliver and stimulate demand for new products and technological innovations on a timely basis; risks related to data and information security vulnerabilities; ineffective management of, and control over, the Company’s growth and international operations; fluctuations in exchange rates; and changes in and a dependence on key personnel, as well as other factors contained in our most recent Quarterly Report on Form 10-Q (copies of which may be accessed through the Securities and Exchange Commission’s website at, including those found therein under the captions "Risk Factors" and "Management’s Discussion and Analysis of Financial Condition and Results of Operations". In addition to these factors, actual future performance, outcomes, and results may differ materially because of more general factors including (without limitation) general industry and market conditions and growth rates, economic and political conditions, governmental and public policy changes and the impact of natural disasters such as earthquakes and floods. The forward-looking statements included in this press release represent the Company’s views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company’s views as of any date subsequent to the date of this press release.