During my reading this evening I saw where IBM Corp was able to achieve EAL4 security certification with Red Hat Linux. This is the highest level of security classification and will certainly be a gold star for Red Hat Linux as far a governmental use goes. According to ComputerWorld:
Red Hat Linux has been certified EAL4 Augmented with ALC_FLR.3 on IBM’s mainframe, System x, System p5 and eServer systems. This level of security certification is not usually required for enterprise contracts, but it is mandatory for some programs within government agencies such as the U.S. Department of Defense and the U.S. National Security Agency, Frye said.
Linux had already been certified at the EAL4 level, but this is the first time that the operating system has received the Labeled Security Protection Profile (LSPP) certification, which relates to its access-control features.
This should open the door with the DOD and other high security governmental agencies to be able to consider Red Hat Linux for critical use. Linux had already been certified EAL4, but this is the first time it’s gotten some of the additional certifications along with EAL4.
{ 2 comments… read them below or add one }
Hmmm, I wonder if Windoze has ever achieved such high marks??? I rather doubt it!
Hi Paul,
Actually I believe that some versions of Windows have been received EAL4 certifications. It’s a very involved process with strick rules about configuration and setup.
I’m not sure which versions or any additional certifications.
Leave a Comment