Introducing Red Hat’s STIG-hardened UBI for NVIDIA GPUs on Red Hat OpenShift

Deploying cutting-edge AI in U.S. government environments can present a formidable challenge. While the power of accelerated computing is essential for modern workloads, the path to achieving an Authority to Operate (ATO) is paved with the complex and time-consuming demands of applying controls such as the Defense Information Systems Agency’s (DISA) Security Technical Implementation Guides (STIGs). This crucial security hardening process can be a manual, painstaking effort that creates friction between development teams and security mandates, slowing innovation.

Today, Red Hat is reducing that friction at the source with the release of a STIG-hardened Red Hat Universal Base Image (UBI-STIG). NVIDIA is leveraging this new, hardened container image as the foundation for a government-ready NVIDIA GPU Operator that works with Red Hat OpenShift.

As part of this effort, Red Hat is also supported in the NVIDIA AI Factory for Government reference design to accelerate deployments of AI agents and applications in federal and enterprise deployments. The NVIDIA AI Factory for Government is a full-stack, end-to-end reference design that provides guidance for deploying agentic AI, physical AI, and HPC workloads on-premises and in the hybrid cloud, while meeting the compliance needs of federal and other high assurance organizations. The reference design is based on the NVIDIA Blackwell platform and integrates NVIDIA-Certified Systems, NVIDIA-Certified Storage, and a broad technology partner ecosystem, including Red Hat. 

This collaboration is a game-changer for government partners and agencies. By leveraging UBI-STIG to create a hardened GPU driver image, NVIDIA is able to include GPU Operator as a part of its government-ready NVIDIA AI Enterprise software. This software meets the security requirements for use within a FedRAMP High or equivalent boundary, allowing customers to accelerate the adoption of AI solutions in highly-regulated environments.  Instead of spending potentially hundreds of hours manually hardening container images, security teams can now deploy the NVIDIA GPU Operator on Red Hat OpenShift with the confidence that a significant portion of the in-image security controls are already met.

This matters for three key reasons:

• Accelerates ATO: By starting with a pre-hardened, STIG-compliant base image, you can significantly reduce the time and effort required for security validation, helping to get critical AI tools into production faster.
• Delivers a trusted software supply chain: It provides a more consistent, repeatable, and verifiable secure baseline for every AI application. Sourcing drivers and operators from within the trusted Red Hat ecosystem satisfies the strictest security policies and simplifies audits.
• Unlocks high-performance AI for secure environments: It provides government agencies with a clear, supported, and more secure path to leverage NVIDIA accelerated computing on Red Hat OpenShift, enabling them to run powerful AI/ML workloads on their most sensitive data.

The future of secure container deployment in highly regulated environments is here. To learn more about how Red Hat's Universal Base Image is the crucial standard for modern, secure applications, visit the UBI 9 overview or pull the image from Red Hat’s container registry at registry.access.redhat.com/ubi9/ubi-stig.

Learn more about how using STIGs can improve your security posture:

• How to use STIGs within the Red Hat portfolio
• The role of STIGs in the broader cybersecurity context
• What hardening with STIGs means