Red Hat Inc., the world’s leading provider of enterprise open source solutions, today announced a new Common Criteria Certification for Red Hat Enterprise Linux 8.2, further strengthening Red Hat Enterprise Linux as a platform of choice for users with critical workloads in classified and sensitive deployments.
A Common Criteria Certification is intended to provide a level of assurance that a product meets a certain security criteria for specific computing environments.
A component of the validation is rigorous, standardised and repeatable testing by any independent third party and provides common ground for sensitive computing operations at an international level.
For Common Criteria, Red Hat Enterprise Linux 8.2 was certified by the National Information Assurance Partnership (NIAP), with testing and validation completed by Acumen Security, a U.S. government-accredited laboratory.
The platform was tested and validated against the Common Criteria Standard for Information Security Evaluation (ISO/IEC 15408) against version 4.2.1 of the NIAP General Purpose Operating System Protection Profile including Extended Package for Secure Shell (SSH), version 1.0 and is the latest Red Hat Enterprise Linux version to appear on the NIAP Product Compliant List.
Open innovation for sensitive computing
As IT’s threat landscape continues to evolve, organisations must find ways to continue protecting sensitive environments and systems while still keeping pace with technological innovation.
Red Hat is committed to answering this need through a comprehensive, cross-portfolio evaluation and U.S.-government recognised validation effort.
The many secure computing certifications achieved by Red Hat Enterprise Linux highlight this drive, as well as establishing Red Hat Enterprise Linux as the bedrock for Red Hat’s open hybrid cloud offerings in highly-regulated IT deployments.
Red Hat Enterprise Linux 8.2 provides more than a validated foundation for security-conscious computing environments – it also includes the benefits of a Red Hat subscription.
While a Red Hat subscription includes extensive levels of technical support, it also provides longer product lifecycles with more reliable and predictable product updates, a dedicated security response team for analysing and addressing potential vulnerabilities as they appear and proactive analytics tools to help identify and remediate potential system issues.
Commenting, Clara Conti, Vice President and General Manager, North America Public Sector, Red Hat, said:
“Linux is the foundation for modern computing, including sensitive IT deployments of all kinds across the hybrid cloud. Today’s Common Criteria Certification of Red Hat Enterprise Linux 8.2 shows our continued commitment to making Red Hat Enterprise Linux a platform that not only embraces innovation but also serves as the backbone for critical and security-sensitive operations.”
Also, Kenneth Lasoski, Director, Common Criteria, Acumen Security, said:
“Acumen Security, part of the global Intertek High Security Certifications group, congratulates Red Hat on the successful Common Criteria certification of Red Hat Enterprise Linux 8.2.
This rigorous security evaluation against stringent requirements for General Purpose Operating Systems identified by the National Information Assurance Partnership under the international Common Criteria Certification standard demonstrates and confirms Red Hat’s commitment to make Common Criteria certified versions of Red Hat Enterprise Linux available to security conscious customers, such as national security-related agencies, finance and healthcare organisations.
“We are honored that Red Hat has once again selected Acumen Security as their security certification partner to achieve this significant milestone as well as applaud their continued commitment and contribution to the information security industry,” Lasoski explained.
Independent security certification for Red Hat Enterprise Linux 8.2 helps to extend the world’s leading enterprise Linux platform as a trusted foundation for computing across the open hybrid cloud, from traditional to cloud-native workloads