Welcome!

Server Monitoring Authors: Carmen Gonzalez, AppDynamics Blog, Yeshim Deniz, Liz McMillan, Pat Romanski

Related Topics: Server Monitoring, Cloud Security

Server Monitoring: Article

Security Takes Lead in Red Hat Enterprise Linux

Security Takes Lead in Red Hat Enterprise Linux

"Security certifications and compliance with standards are top priorities for Red Hat and are key drivers of innovation," noted Paul Cormier, executive vice president of Engineering at Red Hat. "We are committed to industry standards and will continue to drive acceptance and adherence of standards, leading by example." Demonstrating its commitment, Red Hat recapped its security accomplishments, and outlined a two-year roadmap for security in Red Hat Enterprise Linux. Work to achieve government security standards, security certifications, and work with the NSA-developed SELinux lead the list of security initiatives planned by Red Hat. Red Hat's goal is to advance industry security standards and simplify security for customers.

Since its availability in 2002, Red Hat Enterprise Linux has achieved important milestones in security standards:

  • In 2003 Red Hat Enterprise Linux was the first Linux platform to achieve Department of Defense (DoD) Defense Information Systems Agency (DISA) Common Operating Environment (COE) certification.
  • In February 2004 Red Hat Enterprise Linux was awarded Common Criteria Evaluation Assurance Level (EAL) 2 certification.
  • In February 2004 Red Hat receives Mitre certification for Common Vulnerabilities and Exposures (CVE) compatibility for Security Advisories.

    Last quarter Red Hat Enterprise Linux v. 3 was awarded Common Criteria Evaluation Assurance Level (EAL) 2 certification by the UK IT Security Evaluation and Certification Scheme. The evaluation is in compliance with the U.S. government's security policy directives. The Common Criteria Scheme enables consumers to obtain an impartial assessment of an IT product by an independent lab. This impartial assessment, or security evaluation, includes an analysis of the IT product and the testing of the product for conformance to a set of security requirements. Security standards play a critical role in today's computing architecture and Red Hat is working to achieve higher levels of security evaluation with EAL 3 and 4 certification in future releases of Red Hat Enterprise Linux.

    A second security accomplishment for Red Hat is the certification from Mitre for Common Vulnerabilities and Exposures (CVE) compatibility for Security Advisories. CVE aims to standardize the names for all publicly known vulnerabilities and security exposures to simplify security practices. Red Hat is the only Linux vendor to be awarded this certification for security standards.

    Most recently made available in March as part of Fedora Core 2, test 2, Security Enhanced Linux is the most significant milestone in Red Hat's security roadmap for Red Hat Enterprise Linux. Benefits to customers with an implementation of SELinux will be reduced risk and exposure to many of the common security vulnerabilities as well as system access control at a much more granular level. SELinux will be fully integrated and available in Red Hat Enterprise Linux v. 4 in early 2005. For more information on EAL, CVE or other standards, please visit http://www.redhat.com/. To download Fedora Core 2, test 2, with SELinux please visit http://fedora.redhat.com.

  • More Stories By Red Hat News Desk

    Red Hat News Desk trawls the world's news information sources and brings you timely updates on its flagship Red Hat Enterprise Linux as well as the company's other product lines including database, content, and collaboration management applications; server and embedded operating systems; and software - including its most recent virtualization offerings.

    Comments (0)

    Share your thoughts on this story.

    Add your comment
    You must be signed in to add a comment. Sign-in | Register

    In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


    IoT & Smart Cities Stories
    The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected pat...
    There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
    Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the mod...
    At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
    Druva is the global leader in Cloud Data Protection and Management, delivering the industry's first data management-as-a-service solution that aggregates data from endpoints, servers and cloud applications and leverages the public cloud to offer a single pane of glass to enable data protection, governance and intelligence-dramatically increasing the availability and visibility of business critical information, while reducing the risk, cost and complexity of managing and protecting it. Druva's...
    BMC has unmatched experience in IT management, supporting 92 of the Forbes Global 100, and earning recognition as an ITSM Gartner Magic Quadrant Leader for five years running. Our solutions offer speed, agility, and efficiency to tackle business challenges in the areas of service management, automation, operations, and the mainframe.
    The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, compared the Jevons Paradox to modern-day enterprise IT, examin...
    With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors! In this blog post, we provide 7 tips on how, as part of our world-class faculty, you can deliver one of the most popular sessions at our events. But before reading...
    DSR is a supplier of project management, consultancy services and IT solutions that increase effectiveness of a company's operations in the production sector. The company combines in-depth knowledge of international companies with expert knowledge utilising IT tools that support manufacturing and distribution processes. DSR ensures optimization and integration of internal processes which is necessary for companies to grow rapidly. The rapid growth is possible thanks, to specialized services an...
    At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...