IBM and Red Hat, Inc. announced that Red Hat Enterprise Linux 5 with the KVM hypervisor on IBM Systems has been awarded Common Criteria Certification at Evaluation Assurance Level 4+ (EAL4+). The Common Criteria is an internationally recognized set of standards used by the federal government and other organizations to assess the security and assurance of technology products. This security certification is the first of its kind for an open source virtualization solution.
With this new certification, the KVM hypervisor on Red Hat Enterprise Linux and IBM x86 servers now meets government security standards allowing open virtualization to be used in homeland security projects, command-and-control operations, and throughout government agencies that previously were limited to proprietary virtualization technologies. This security certification paves the way for governments, financial institutions and other security-conscious agencies to create secure, open virtualized IT environments and private clouds.
Open virtualization offers organizations, including government agencies and financial businesses, the opportunity to reduce costs and increase choice with the enterprise-grade KVM hypervisor. "We expect this certification to pave the way for broader adoption of private cloud computing infrastructure in government agencies," says Paul Smith, general manager and vice president for public sector operations at Red Hat.
Red Hat Enterprise Linux 5 features Security-Enhanced Linux (SELinux), a joint project developed by the National Security Agency (NSA) and Red Hat. This Common Criteria certification allows producers to use Red Hat Enterprise Linux 5 with the KVM hypervisor with confidence as they host many tenants on the same machine, knowing that their virtual guests will be separated from each other using Mandatory Access Control technology developed by the NSA. "SELinux addresses common government agency concerns about implementing virtualization, because it provides for virtual resources to run in separate containers and protect each one individually in case of intrusion," says Smith.
The certification of KVM and Red Hat Enterprise Linux 5 applies to IBM System x, BladeCenter and iDataPlex servers. Red Hat Enterprise Linux 6 with the KVM hypervisor is officially "In Evaluation" for Common Criteria certification at EAL4+.
For a full roster of Red Hat's certifications and accreditations, visit www.redhat.com/solutions/industry/government/certifications.html.
For more information on Red Hat, visit www.redhat.com.