Red Hat, Inc. and IBM jointly announced that Red Hat Enterprise Linux 5 with the KVM hypervisor on IBM Systems has been awarded Common Criteria Certification at Evaluation Assurance Level 4+ (EAL4+). The Common Criteria is an internationally recognized set of standards used by the federal government and other organizations to assess the security and assurance of technology products. This security certification is the first of its kind for an open source virtualization solution.
With the new certification, the KVM hypervisor on Red Hat Enterprise Linux and IBM x86 servers now meets government security standards allowing open virtualization to be used in homeland security projects, command-and-control operations, and throughout government agencies that previously were limited to proprietary virtualization technologies. This security certification paves the way for governments, financial institutions and other security-conscious agencies to create secure, open virtualized IT environments and private clouds. Open virtualization offers organizations, including government agencies and financial businesses, the opportunity to reduce costs and increase choice with the enterprise-grade KVM hypervisor.
Red Hat Enterprise Linux 5 features Security-Enhanced Linux (SELinux), a joint project developed by the National Security Agency (NSA) and Red Hat. This Common Criteria certification allows producers to use Red Hat Enterprise Linux 5 with the KVM hypervisor with confidence as they host many tenants on the same machine, knowing that their virtual guests will be separated from each other using Mandatory Access Control technology developed by the NSA.
"Security is critically important to all our clients as they share workloads and data through virtualization and in the cloud - and especially so to our government and financial customers around the world," notes Jean Staten Healy, director, WW Linux and Open Virtualization, IBM.
"This certification highlights the combined power of SELinux and KVM and we expect it to pave the way for broader adoption of private cloud computing infrastructure in government agencies," adds Paul Smith, general manager and vice president, public sector operations, Red Hat. "SELinux addresses common government agency concerns about implementing virtualization because it provides for virtual resources to run in separate containers and protect each one individually in case of intrusion."
The certification of KVM and Red Hat Enterprise Linux 5 applies to IBM System x, BladeCenter and iDataPlex servers. Red Hat Enterprise Linux 6 with the KVM hypervisor is officially "In Evaluation" for Common Criteria certification at EAL4+.
For more information from IBM, visit www.ibm.com/systems/KMV or www.ibm.com/linux.
For a full roster of Red Hat's certifications and accreditations, visit www.redhat.com/solutions/industry/government/certifications.html.