RALEIGH, N.C - —
Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today announced that Red Hat Enterprise Linux 7.1 has been awarded the Common Criteria Certification at Evaluation Assurance Level (EAL) 4+ for an unmodified commercial operating system under the Operating System Protection Profile (OSPP). This marks the first time that an operating system has been Common Criteria-certified with Linux Container Framework Support, further demonstrating Red Hat Enterprise Linux 7’s ability to provide hardened and more secure IT innovations like Linux containers.
Not only does the Common Criteria certification demonstrate that Red Hat Enterprise Linux offers industry-leading security features, this achievement also marks our flagship operating system as the first to bring a framework for Linux container technology into the world of more secure, certified computing.
The Common Criteria is an internationally recognized set of standards used by the federal government and other organizations to assess the security and assurance of technology products. In the Common Criteria scheme, EAL represents the depth and rigor of the evaluation, giving consumers the confidence that products specified at a specific level meet the package of security assurance requirements associated with that level. This certification provides government agencies, financial institutions, and customers in other security-sensitive environments the assurance that Red Hat Enterprise Linux 7.1 meets clear, specific security standards used by the federal government.
In addition to Linux Container Framework Support, Red Hat Enterprise Linux 7 has also been certified to include functionality for:
Advanced Management (MLS mode only)
Labeled Security (MLS mode only)
Runtime protection against programming errors, encompassing address space layout randomization (ASLR), stack smashing protector strong and others
This combined functionality makes Red Hat Enterprise Linux 7 the most secure platform that Red Hat has ever certified via Common Criteria.
Certified configurations from Red Hat Partners include:
Dell EMC PowerEdge R530, R630, R730, R730xd, R920, and R930
Dell EMC PowerEdge T430 and T630
Dell EMC PowerEdge M630 and M830
Dell EMC PowerEdge FC430, FC630 and FC830
Dell EMC PowerEdge C6320
Dell Precision Rack 7910 Workstation
Hewlett Packard Enterprise (HPE)
Red Hat Enterprise Linux 7.1 was certified by BSI, Germany's Federal Office for Information Security. To facilitate this certification, Red Hat worked with atsec information security corporation, a U.S. government and BSI accredited laboratory, which tested and validated the security, performance and reliability of the solution against the Common Criteria Standard for Information Security Evaluation (ISO/IEC 15408) at EAL4+.
Paul Smith, vice president and general manager, Public Sector, Red Hat
“As the world’s leading enterprise Linux platform, Red Hat Enterprise Linux powers some of the world's most complex, critical and highly-secure systems, from financial markets to military communications networks. Not only does the Common Criteria certification demonstrate that Red Hat Enterprise Linux offers industry-leading security features, this achievement also marks our flagship operating system as the first to bring a framework for Linux container technology into the world of more secure, certified computing.”
Helmut Kurth, vice president and chief scientist, atsec information security corp.
“atsec has been working with Red Hat and the Linux community for many years to improve the security of the Linux Operating System. Throughout the many evaluations of Red Hat Enterprise Linux we pushed for enhancements of the security of this operating system and we are proud that this effort helped to create one of the most secure operating systems for critical applications that exists today.”
Scott Farrand, vice president, Platform Software, Hewlett Packard Enterprise
“Security is a constant concern for government, financial, and other security-sensitive customers. Achieving the EAL 4+ certification across the entire line of HPE ProLiant servers with Red Hat Enterprise Linux ensures our customers meet stringent government security standards.”
Jim Wasko, vice president, Open Systems, IBM
"The Red Hat Common Criteria Certification provides enterprise level security validation for large scale IBM Power and Z Systems computing environments leveraging open source solutions. As clients choose open source capabilities to achieve greater flexibility in their cloud environments, they can have confidence in the security offered by Red Hat's Linux Operating System."