This article is more than 1 year old
Red Hat gets RHEL 8.2 certified for high level US government security
Linux slinger's gear can now look after ███ ███ ███ in secure ███ ███
Linux slinger Red Hat has achieved Common Criteria certification for Red Hat Enterprise Linux 8.2.
This means it is cleared as a platform suitable for US users with critical workloads in classified and sensitive deployments, including national security agencies, finance and healthcare organizations.
According to Red Hat, RHEL 8.2 was certified by the National Information Assurance Partnership (NIAP), an American government program that oversees evaluation and validation of commercial off-the-shelf (COTS) IT products for conformance to the international Common Criteria requirements. Actual testing and validation was completed by Acumen Security, a laboratory accredited by the US government.
Common Criteria certification itself is designed to provide a level of assurance to users that a particular product meets security criteria for specific compute environments. Rigorous testing by a qualified independent third party is a key part of this process.
RHEL 8.2 was validated against the Common Criteria Standard for Information Security Evaluation (ISO/IEC 15408) using version 4.2.1 of the NIAP General Purpose Operating System Protection Profile, including Extended Package for Secure Shell (SSH), version 1.0.
This version of Red Hat Enterprise Linux was released in April 2020, perhaps giving an indication of the level of testing necessary to achieve Common Criteria certification (CCC). It is, however, only the latest release of the platform to be accredited.
Clara Conti, Red Hat VP and general manager for North America Public Sector, said the certification of RHEL 8.2 "shows our continued commitment to making Red Hat Enterprise Linux a platform ... [that] serves as the backbone for critical and security-sensitive operations."
Meanwhile, Red Hat recently announced a beta release of RHEL 8.6, which showcases the new features coming in the production release of the platform, as usual.
This includes more system roles to streamline RHEL configuration for common tasks, such as a High Availability Cluster role, with automated tooling to standup high availability clusters using prescriptive use case scenarios and topology recommendations. There is also a Firewall System role and a System Role for web console, which automates the installation and configuration of the RHEL web console.
- CentOS Stream 9: Understanding the new Red Hat OS release for non-Red-Hat-type people
- Red Hat 8.5 released with SQL Server and .NET 6 ... this is Linux, right?
- Enterprise open-source is on the up and proprietary software on the way down
- Red Hat forced to hire cheaper, less senior engineers amid budget freeze
Last year, Red Hat also released an early beta for Red Hat Enterprise Linux 9, which is based on Linux kernel version 5.14 and provides a preview of the next major update of RHEL.
Red Hat customers can directly access the Red Hat Enterprise Linux Betas from the Red Hat Enterprise Linux Customer Portal.
Last month, Red Hat's owner, IBM, spilled the beans on its long term strategy behind the decision to purchase the Linux distributor. Spoiler: it is the OpenShift application platform. ®