This article is more than 1 year old

Red Hat gets RHEL 8.2 certified for high level US government security

Linux slinger's gear can now look after ███ ███ ███ in secure ███ ███

Linux slinger Red Hat has achieved Common Criteria certification for Red Hat Enterprise Linux 8.2.

This means it is cleared as a platform suitable for US users with critical workloads in classified and sensitive deployments, including national security agencies, finance and healthcare organizations.

According to Red Hat, RHEL 8.2 was certified by the National Information Assurance Partnership (NIAP), an American government program that oversees evaluation and validation of commercial off-the-shelf (COTS) IT products for conformance to the international Common Criteria requirements. Actual testing and validation was completed by Acumen Security, a laboratory accredited by the US government.

Common Criteria certification itself is designed to provide a level of assurance to users that a particular product meets security criteria for specific compute environments. Rigorous testing by a qualified independent third party is a key part of this process.

RHEL 8.2 was validated against the Common Criteria Standard for Information Security Evaluation (ISO/IEC 15408) using version 4.2.1 of the NIAP General Purpose Operating System Protection Profile, including Extended Package for Secure Shell (SSH), version 1.0.

This version of Red Hat Enterprise Linux was released in April 2020, perhaps giving an indication of the level of testing necessary to achieve Common Criteria certification (CCC). It is, however, only the latest release of the platform to be accredited.

Clara Conti, Red Hat VP and general manager for North America Public Sector, said the certification of RHEL 8.2 "shows our continued commitment to making Red Hat Enterprise Linux a platform ... [that] serves as the backbone for critical and security-sensitive operations."

Meanwhile, Red Hat recently announced a beta release of RHEL 8.6, which showcases the new features coming in the production release of the platform, as usual.

This includes more system roles to streamline RHEL configuration for common tasks, such as a High Availability Cluster role, with automated tooling to standup high availability clusters using prescriptive use case scenarios and topology recommendations. There is also a Firewall System role and a System Role for web console, which automates the installation and configuration of the RHEL web console.

Last year, Red Hat also released an early beta for Red Hat Enterprise Linux 9, which is based on Linux kernel version 5.14 and provides a preview of the next major update of RHEL.

Red Hat customers can directly access the Red Hat Enterprise Linux Betas from the Red Hat Enterprise Linux Customer Portal.

Last month, Red Hat's owner, IBM, spilled the beans on its long term strategy behind the decision to purchase the Linux distributor. Spoiler: it is the OpenShift application platform. ®

More about

More about

More about


Send us news

Other stories you might like