- BlackBerry Storm vs. the iPhone
- Digg's Kevin Rose: "We have to do better"
- Blogger warns: "Nortel doesn't make it out alive"
- Financial quagmire bringing out the scammers
- Verizon plays with the wrong e-mail addresses
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
Linux took another step in its evolution Tuesday when IBM and SuSE Linux announced that the open source operating system had achieved an international security certification used by the federal government.
At LinuxWorld in San Francisco, the companies announced that SuSE Linux Enterprise Server 8 running on Intel-based IBM servers had achieved a Common Criteria Security certification. IBM has been shepherding SuSE through the Common Criteria process.
Common Criteria is an internationally recognized standards organization created specifically to develop criteria for IT security. To earn Common Criteria certification, products must meet strict standards in areas such as development environments, security functionality, how security vulnerabilities are handled, security-related documentation and product testing.
A year ago, the National Security Agency mandated that all national security systems use Common Criteria-evaluated products, but has since relaxed that directive because of the dearth of accredited products. Instead, vendors whose products are used for national security systems must commit to getting their products through Common Criteria testing.
With the certification, Linux joins a handful of products that have been OK'd by Common Criteria. The certification "will be a critical factor as Linux is applied to mission critical environments," says Fritz Schulz of the Defense Information Systems Agency.
SuSE Linux Enterprise Server 8 on IBM eServer xSeries earned an Evaluation Assurance Level 2+ certification (EAL2), and IBM and SuSE say that they have filed for a higher level of security certification and expect to achieve that later this year.
In addition to the Common Criteria certification, IBM and SuSE Linux also announced that the SuSE Linux product on IBM eServer platforms is expected to meet the Defense Department's Common Operating Environment requirements, which deal with the functionality and interoperability of software with customized government code.
The Common Criteria evaluation of Linux was completed by Atsec Information Security, an independent IT security consulting company in Germany. In its evaluation, Atsec evaluated how SuSE Linux develops, tests and maintains its products and what its policies are when it comes to handling security issues in its software.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
CA Network & Voice Resource Center
Comprehensive Network & Voice Management Visit CA Network & Voice Management Resource Center and get insights into industry best practices, information that helps you to address your challenges.
CA Network & Voice Management Resource Center
Managing Voice Over IP for Successful Convergence
Voice over IP (VoIP) has much to offer in cost savings but some customers have concerns about VoIP call quality compared to the quality of traditional voice services. This white paper will help you learn how to take the right steps so that voice quality is assured.
Managing VoIP for Successful Convergence
The Changing Face of Network Management
Managing your network is serious business. This paper discusses the benefits of integrating configuration change-awareness into your network fault management solution
Download Whitepaper
Comment