Red Hat Achieves Common Criteria Security Certification for Red Hat Enterprise Linux 7

Raleigh, NC - 26 October 2016

The World’s Leading Enterprise Linux Platform is the First Operating System with Support for Linux Container Technology to Receive the Common Criteria Certification

Red Hat, Inc. (NYSE:RHT), the world's leading provider of open source solutions, today announced that Red Hat Enterprise Linux 7.1 has been awarded the Common Criteria Certification at Evaluation Assurance Level (EAL) 4+ for an unmodified commercial operating system under the Operating System Protection Profile (OSPP). This marks the first time that an operating system has been Common Criteria-certified with Linux Container Framework Support, further demonstrating Red Hat Enterprise Linux 7’s ability to provide hardened and more secure IT innovations like Linux containers.

The Common Criteria is an internationally recognized set of standards used by the federal government and other organizations to assess the security and assurance of technology products. In the Common Criteria scheme, EAL represents the depth and rigor of the evaluation, giving consumers the confidence that products specified at a specific level meet the package of security assurance requirements associated with that level. This certification provides government agencies, financial institutions, and customers in other security-sensitive environments the assurance that Red Hat Enterprise Linux 7.1 meets clear, specific security standards used by the federal government.

In addition to Linux Container Framework Support, Red Hat Enterprise Linux 7 has also been certified to include functionality for:

  • Advanced Management (MLS mode only)
  • Labeled Security (MLS mode only)
  • Runtime protection against programming errors, encompassing address space layout randomization (ASLR), stack smashing protector strong and others
  • Packet Filter

This combined functionality makes Red Hat Enterprise Linux 7 the most secure platform that Red Hat has ever certified via Common Criteria.

Certified configurations from Red Hat Partners include:

Dell

  • Dell PowerEdge R530, R630, R730, R730xd, R920, and R930
  • Dell PowerEdge T430 and T630
  • Dell PowerEdge M630 and M830
  • Dell PowerEdge FC430, FC630 and FC830
  • Dell PowerEdge C6320
  • Dell PowerEdge Precision R791

Hewlett Packard Enterprise (HPE)

  • HPE based on x86 64bit Intel Xeon processors:
    • HPE ProLiant ML series G7, Gen8, Gen9 product line
    • HPE ProLiant DL series G7, Gen8, Gen9 product line
    • HPE ProLiant BL series G7, Gen8, Gen9 product line
    • HPE ProLiant SL series G7, Gen8, Gen9 product line
  • HPE based on AMD64 processors:
    • HPE ProLiant ML series G7, Gen8 product line
    • HPE ProLiant DL series G7, Gen8 product line

IBM

  • IBM System p based on Power 8 processors providing execution environments with PowerVM:
    • Big Endian with PowerVM: Tuleta BE model number - Power 835 model 8286-41A
    • Little Endian with Red Hat Virtualization for Power 3.6: Power 835 model 8284-22A
  • IBM System z based on z/Architecture processors:
    • zEnterprise EC12 (zEC12)
    • zEnterprise BC12 (zBC12)
    • zEnterprise 196 (z196)
    • zEnterprise 114 (z114)

Red Hat Enterprise Linux 7.1 was certified by BSI, Germany's Federal Office for Information Security. To facilitate this certification, Red Hat worked with atsec information security corporation, a U.S. government and BSI accredited laboratory, which tested and validated the security, performance and reliability of the solution against the Common Criteria Standard for Information Security Evaluation (ISO/IEC 15408) at EAL4+.

Paul Smith, vice president and general manager, Public Sector, Red Hat, “As the world’s leading enterprise Linux platform, Red Hat Enterprise Linux powers some of the world's most complex, critical and highly-secure systems, from financial markets to military communications networks. Not only does the Common Criteria certification demonstrate that Red Hat Enterprise Linux offers industry-leading security features, this achievement also marks our flagship operating system as the first to bring a framework for Linux container technology into the world of more secure, certified computing.”

Helmut Kurth, vice president and chief scientist, atsec information security corp., “atsec has been working with Red Hat and the Linux community for many years to improve the security of the Linux Operating System. Throughout the many evaluations of Red Hat Enterprise Linux we pushed for enhancements of the security of this operating system and we are proud that this effort helped to create one of the most secure operating systems for critical applications that exists today.”

Scott Farrand, vice president, Platform Software, Hewlett Packard Enterprise, “Security is a constant concern for government, financial, and other security-sensitive customers. Achieving the EAL 4+ certification across the entire line of HPE ProLiant servers with Red Hat Enterprise Linux ensures our customers meet stringent government security standards.”

Jim Wasko, vice president, Open Systems, IBM, "The Red Hat Common Criteria Certification provides enterprise level security validation for large scale IBM Power and Z Systems computing environments leveraging open source solutions. As clients choose open source capabilities to achieve greater flexibility in their cloud environments, they can have confidence in the security offered by Red Hat's Linux Operating System."

Red Hat is the world's leading provider of open source software solutions, using a community-powered approach to provide reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As a connective hub in a global network of enterprises, partners, and open source communities, Red Hat helps create relevant, innovative technologies that liberate resources for growth and prepare customers for the future of IT. 

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development