ProductsDesktop Server For Scientific Computing For IBM POWER For IBM System z For SAP Business Applications Red Hat Network Satellite ManagementExtended Update Support High Availability High Performance Network Load Balancer Resilient Storage Scalable File System Smart Management Extended Lifecycle SupportWeb Server Developer Studio Portfolio Edition JBoss Operations Network FuseSource Integration Products Web Framework Kit Application Platform Data Grid Portal Platform SOA Platform Business Rules Management System (BRMS) Data Services Platform Messaging JBoss Community or JBoss enterprise
SolutionsApplication development Business process management Enterprise application integration Interoperability Operational efficiency Security VirtualizationMigrate to Red Hat Enterprise Linux Systems management Upgrading to Red Hat Enterprise Linux JBoss Enterprise Middleware IBM AIX to Red Hat Enterprise Linux HP-UX to Red Hat Enterprise Linux Solaris to Red Hat Enterprise Linux UNIX to Red Hat Enterprise Linux Start a conversation with Red Hat Migration services
TrainingPopular and new courses JBoss Middleware Administration curriculum Core System Administration curriculum JBoss Middleware Development curriculum Advanced System Administration curriculum Linux Development curriculum Cloud Computing and Virtualization curriculum
ConsultingStandard Operating Environment (SOE) Strategic Migration Planning Service-oriented architecture (SOA) Enterprise Data Solutions Business Process Management
Issue #12 October 2005
- Adding encryption support to HAL: A user's experience with Fedora development
- Python programming on Linux
- Integrating your applications into the desktop, Part 1
- The state of Java on Linux
- Maintaining an autotools-enabled package
- Performance tuning with GCC, Part 2: Analyzing performance problems
- Using OProfile to analyze an RPM package build
- Remix culture comes to film at the Internet Archive
- Video: Red Hat and TSANet coordinate customer support
- Summit 2006: Not just country
- Video: Red Hat and BEA have no time for downtime
- Video: Red Hat Learning Services get real-world results
From the Inside
In each Issue
- Editor's blog
- Red Hat speaks
- Ask Shadowman
- Tips & tricks
- Fedora status report
- Magazine archive
Red Hat Speaks: Announcing Red Hat Certified Security Specialist (RHCSS)
Red Hat has long attracted industry notice through its use of live system, performance-based testing in its Red Hat Certified Technician (RHCT) and Red Hat Certified Engineer (RHCE) certification programs. Now, Red Hat is adding a first-of-its-kind performance-based security certification to its fold: The Red Hat Certified Security Specialist (RHCSS). Red Hat Magazine recently sat down with Randy Russell, Director of Certifications and Curriculum for Red Hat's Global Learning Services to learn more.
- RHM: What is Red Hat Certified Security Specialist (RHCSS)?
- Red Hat Certified Security Specialist (RHCSS) is a new security credential that proves advanced skills to meet the security requirements of today's enterprise environment. An RHCSS has RHCE security knowledge plus has passed three Endorsement exams proving specialized skills in using Red Hat Enterprise Linux, Red Hat Directory Server and SELinux to meet the security requirements of today's enterprise environment. RHCSS is Red Hat's fourth certification, the only one of its kind in Linux.
- RHM: Why is Red Hat releasing this new certification?
- Unfortunately, the unfriendly world is getting unfriendlier, and the stakes are getting higher. Government agencies, particularly those involved in defense, must contend with the real and present threat of cyber-terrorism, sabotage and espionage. Businesses must be on guard for professional intruders who are interested in stealing credit card accounts on the Web store, or other company-confidential information. More troubling still are internal security breaches. The computers, networks and Internet access that have made workers more productive have also given the disgruntled or wayward employee new ways to seek revenge and new temptations for misbehavior. Putting up firewalls to guard against outsiders while leaving internal networks and systems wide open is simply naíve.
- In the face of such security risks, organizations look increasingly to security certification of their IT personnel to determine who is qualified for the tasks of protecting networks and systems. General certifications like CISSP, which concentrates on security policies, partially meet the need for such credentials. However, there is a need for security certifications that focus on technical implementation, rather than policy or theory. And what better to establish the ability to implement security measures than a performance-based technical certificationone that can only be earned if the candidate successfully performs those tasks on a live system?
- RHM: How does one attain RHCSS?
- As with RHCA, one must first earn RHCE in order to take the endorsement exams required for RHCSS. One must then take and pass the following endorsement exams:
- EX333 Enterprise Network Services Security
EX423 Enterprise Directory Services and Authentication
EX429 SELinux Policy Administration
- As with RHCA, Red Hat supports candidates for these endorsements with courses that provide intensive, hands-on training covering the skills tested. RHCSS builds on the solid foundation of RHCE. It shares common ground with RHCA. Both credentials require the Enterprise Network Services Security (EX333) and the Enterprise Directory Services and Authentication (EX423) endorsements. RHCSS additionally requires the SELinux Policy Administration endorsement (EX429), discussed below. Flexibility is the key to Red Hat's approach. An RHCE can elect to earn only one or two of these endorsements, and each is meaningful on its own. It is always up to individuals and their employers or customers to determine the right mix for them and whether full certification as an RHCSS is a goal. Candidates who earn all three endorsements earn the privilege of calling themselves Red Hat Certified Security Specialists and have conclusively demonstrated a deep, comprehensive set of security skills.
- RHM: what are the pre-requisites for the courses in this program?
- The three RHCSS-track courses presume skills at the RHCE level, and only RHCEs are eligible to take the three endorsement exams required for this certification. Of these five, two test security-related skills: EX333 Security: Network Services, EX423 Directory Services and Authentication, and EX429 SELinux Policy Administration.
- Those without RHCE cannot take the three Endorsement Exams but are still welcome to register for the courses themselves. However, because these courses are upper-level Linux courses, we strongly recommend RHCE or equivalent skills.
- RHM: Why is RHCSS valuable?
- Everywhere there are daily reminders that a networked world brings us into contact with the best and the worst that the world has to offer. Today's organizations must counter the ingenuity and determination of criminals and pranksters with equal ingenuity and determination. The increasingly complex world of IT security requires reliable measures of technical qualifications so that organizations can identify the people who are qualified to implement security solutions. Security certifications from Red Hat separate proven security specialists from those who just decide to print up a "security specialist" business card.
- Learn more about RHCSS.