Enterprise Linux Log

Jul 16 2007   11:52AM GMT

HP earns EAL 4 certification on Linux

ITKE ITKE Profile: ITKE

Today HP execs wrote to tell us that their company has been awarded a top international Linux security certification. The certification, called the Evaluation Assurance Level 4 (EAL4+) Common Criteria security certification for Red Hat Enterprise Linux 5, applies to HP servers, workstations and notebooks.

In June, if you’ll remember, IBM was awarded the same EAL4+ certification for RHEL5 running on IBM System x, System p, System z, and BladeCenter servers.

This cert is part of the Common Criteria Evaluation and Validation Scheme (CCEVS), an internationally recognized standard used by governments and businesses worldwide to determine the level of security and assurance of IT products. CCEVS, undertaken by the National Information Assurance Partnership (NIAP), is part of a collaboration between the National Institute of Standards and Technology and the National Security Agency.

HP has been awarded EAL4+, the highest level of assurance for an unmodified, commercial operating system, for Labeled Security Protection Profile (LSPP), Controlled Access Protection Profile, and Role-Based Access Control Protection Profile for Red Hat Enterprise Linux 5 on HP Integrity, ProLiant and BladeSystem platforms as well as select workstations and desktops.

According to HP, the company worked with Red Hat and the Linux community to develop the features required for the EAL4+ certification. This included contributions to help customers integrate a Linux system into a mixed network with other trusted operating systems. As part of HP’s Secure Advantage product portfolio, this certified product offering helps companies protect data and resources across their entire IT infrastructure to achieve better business outcomes.

The LSPP profile enables HP and its partners to build applications with multiple levels of security. This capability allows government agencies and commercial businesses to collaborate securely by sharing applications with different security clearances on a single system and still have assurance that the system will enable only authorized access at the appropriate level.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: