Red Hat, IBM and TCS Team on Linux


Trusted Computer Solutions, Inc. (TCS), a supplier of information sharing technologies to the Department of Defense, the intelligence community and commercial industry, together with Red Hat (Nasdaq: RHAT), provider of open source solutions to the enterprise, and IBM (NYSE: IBM), today announced that Red Hat Enterprise Linux is in Common Criteria evaluation on a broad range of IBM eServer systems. This evaluation will mean that the Red Hat Enterprise Linux meets government security standards for assured information sharing within and across government agencies.

The following details were provided:

Red Hat Enterprise Linux v.5 officially entered The National Information Assurance Partnership (NIAP) approved Common Criteria Evaluation & Validation Scheme (CCEVS) this month to bring a new level of security and assurance to Linux. This operating platform contains kernel and Security Enhanced Linux (SELinux) policy enhancements, developed by IBM, Red Hat, TCS and the community. TCS security enhancements augment the security features of the National Security Agency's SELinux.

The joint effort enables high-value, proven, cross-domain security applications -- such as TCS SecureOffice® NetTop® and NetTop2 - Thin Client, which allow users access to multiple security levels on a single computer -- to run on Red Hat Enterprise Linux.

"For years our customers have been clamoring for the look, feel, flexibility, and functionality of today's commercial software," said Susan Alexander, chief of information assurance research at the NSA. "With NetTop, based on SELinux, they can get just such an environment...without compromising on security."

Prior to the general availability of Red Hat Enterprise Linux v.5 and in compliance with NSTISSP No. 11 National Policy, government agencies can now acquire and implement TCS cross-domain security applications based on a Linux trusted operating system platform. Red Hat Enterprise Linux v.5 will be the first open source distribution with these capabilities.

IBM is sponsoring the certification of Red Hat Enterprise Linux v.5 and has entered the CCEVS at Evaluation Assurance Level 4 (EAL4) and will include the security functionality defined in three protection profiles recognized by the Common Criteria: Labeled Security Protection Profile (LSPP), Controlled Access Protection Profile (CAPP), and Role-Based Access Control Protection Profile (RBAC). These profiles support the requirements of Director of Central Intelligence Directive (DCID) 6/3 at Protection Level 4, which specifies security intelligence-related information and systems measures, including those necessary for Top Secret and Below Interoperability (TSABI).

This CCEVS evaluation means Red Hat Enterprise Linux will reach a level of security previously achieved by only a handful of trusted operating systems. Red Hat Enterprise Linux is now positioned to provide best-of-breed security capabilities for commercial operating systems, offering the government, as well as businesses, unprecedented choice for security applications. The benefits included broader hardware platform choice, reduced cost and IT complexity, improved access to data for decision making and improved government collaboration and intelligence sharing.

Red Hat Enterprise Linux v.5 is anticipated to be in general availability from Red Hat in late 2006. However, in compliance with NSTISSP No. 11 National Policy, the functionality is available today from TCS as a component of their commercial products.

"Red Hat Enterprise Linux will join an exclusive community of trusted operating systems that have achieved this level of security," said Ed Hammersla, chief operating officer at TCS. "The powerful collaboration between IBM, Red Hat, NSA and TCS is going to shake things up, and means our customers have a safe open source alternative to run our SecureOffice suite of application software."

"IBM is joining with Red Hat and TCS to enhance its offerings to the government market with solutions that support both open standards and government security standards," said Anne Altman, IBM's managing director of US Federal. "This announcement represents another example of IBM's ongoing commitment to supplying solutions to the government market, and its commitment to expanding the adoption of Linux throughout government and government agencies."

"In a relatively short period of time Linux has come to be known as a standard, secure computing platform," said Brian Stevens, vice president of Operating Systems Development at Red Hat. "This new level of certification is a testament to the power of collaboration. IBM, TCS, the NSA, Red Hat and the community have worked together to bring the Linux platform forward with rapid innovation in the area of security. This collaboration and evaluation effort will make Red Hat Enterprise Linux the most secure open source operating system platform available."

IBM is working with Red Hat to sponsor the certification of Red Hat Enterprise Linux v.5 on multiple platforms to maximize choice and value for customers. Red Hat Enterprise Linux v.5 will be evaluated on IBM server brands, including: xSeries, pSeries, zSeries and BladeCenter. IBM's server product line offers customers industry-leading performance together with application flexibility, solution choice, and outstanding scalability, reliability and security. IBM's Linux Technology center is working with the open source community and contributing code to this effort. IBM selected atsec information security, a vendor-independent consulting company in the business of IT security, as the certification lab for this effort.

  • Subscribe Newsletter
  • Contribute
Subscribe to ebizQ:

Enter your email address:

 Subscribe Blog Updates via RSS

 Subscribe News via RSS

ebizQ is very interested in what you have to say. To contribute an article, an opinion, or to become a blogger, please contact Peter Schooff.

  • Virtual Conferences
  • Webinars
  • Roundtables

SOA Cloud Qcamp

June 3, 2009

One of the most compelling trends in the enterprise business technology space over the past year has been the emergence of cloud computing. In ebizQ’s upcoming Qcamp virtual un-conference, leading industry experts and practitioners will explore the role of service-oriented architecture (SOA) and business process management (BPM) in supporting cloud-computing initiatives. Additionally, the new skills that developers and IT managers need for successful cloud development will be discussed.Register

View All Virtual Conferences

Smart Case Management: Why It's So Smart.

Date:Nov 05, 2009
Time:12:00 PM ET- (17:00 GMT)


Date:Oct 29, 2009
Time:15:00 PM ET- (19:00 GMT)

View All Roundtables
  • White Papers
  • Podcasts
  • Blogs

Joe McKendrick: Part II of II: Designing Evolve-ability into SOA and IT Systems

In part two of Joe McKendrick's recent podcast with Miko Matsumura, chief strategist for Software AG, they talk about how SOA and IT systems need to change and grow and adapt with the organization around it.

Listen Now

Phil Wainewright: Helping Brands Engage with Social Media

Phil Wainewright interviews David Vap, VP of products at RightNow Technologies, and finds out how sharing best practices can help businesses understand how best to engage with online communities.

Listen Now

Peter Schooff: Making Every IT Dollar Result in a Desired Business Outcome: Scott Hebner of IBM Rati

Scott Hebner, Vice President of Marketing and Strategy for IBM Rational, discusses a topic on the top of every company's mind today: getting the most from IT investments.

Listen Now

Jessica Ann Mola: Where Will BI Fit In? Lyndsay Wise Explains

In BI, this tough economy and the increasing role of Web 2.0 and MDM are certainly topics on people's minds today. WiseAnalytics' Lyndsay Wise addresses each of them in this informative podcast.

Listen Now

Dennis Byron: Talking with...Deepak Singh of BPM Provider Adeptia

Deepak Singh, President and CTO of Adeptia, joins ebizQ's Dennis Byron in a podcast that gets its hand around the trend of industry-specific BPM.

Listen Now
More Podcasts
  • Most Read
  • Quick Guide
  • Most Discussed

Quick Guide: What is BPM?

Learn More

Quick Guide: What is Event Processing?

Smart event processing can help your company run smarter and faster. This comprehensive guide helps you research the basics of complex event processing (CEP) and learn how to get started on the right foot with your CEP project using EDA, RFID, SOA, SCADA and other relevant technologies. Learn More

Quick Guide: What is Enterprise 2.0?

A lot of people are talking about Enterprise 2.0 as being the business application of Web 2.0 technology. However, there's still some debate on exactly what this technology entails, how it applies to today's business models, and which components bring true value. Some use the term Enterprise 2.0 exclusively to describe the use of social networking technologies in the enterprise, while others use it to describe a web economy platform, or the technological framework behind such a platform. Still others say that Enterprise 2.0 is all of these things. Learn More