atsec information security Evaluates Red Hat Linux 4 Update 2 at Common Criteria EAL310 April 2006
atsec information security is proud to announcecompletion of its Common Criteria evaluation of Red Hat Linux 4 Update 2 atevaluation assurance level (EAL) 3 in just six months. The accomplishmentadds to atsec's unparalleled reputation for timely completion of Linuxevaluations; since December 1, 2004, atsec has initiated and completed fiveLinux evaluations at EAL3+ and EAL4+ for three different customers. Thetimely completion of evaluation projects is critical if sponsors are toreap maximum benefit from their investment. atsec's proven success intimely evaluation of Linux products is attributable to the extensiveexperience of its Linux product evaluators, its ongoing workingpartnerships with Linux product sponsors, and its excellent relationshipswith the Common Criteria certifying and validating bodies.
Red Hat Linux 4 Update 2 was certified by the U.S. National InformationAssurance Partnership (NIAP) Common Criteria Evaluation and ValidationScheme (CCEVS) as conformant to EAL3+ and the Controlled Access ProtectionProfile (CAPP), which specifies a set of security functional and assurancerequirements for IT products. The operating system is certified on HPserver platforms including Itanium 2 processor based servers, and IntelPentium/Xeon based servers with EM64T 64-bit extensions and HP AMD Opteronprocessor. HP sponsored the evaluation effort.
Completing evaluations efficiently and with limited resource investment byNIAP is essential for the success of the evaluation program, as pointed outin a recent report by the Government Accountability Office (GAO) on CommonCriteria evaluations. atsec supports these goals and has demonstrated withthis project that Common Criteria evaluations under the NIAP scheme can bedone efficiently, satisfying some of the challenges the GAO reportidentified.
Highlighted Links www.atsec.com
In fact, atsec information security is the world leader in Common Criteriaevaluation of Linux, which is the world's most scrutinized operating systemunder the Common Criteria. In less than three years since atsec pioneeredevaluation of open source Linux systems in its successful August 2003effort to certify SUSE Linux 8, the company has recorded ten successfulLinux evaluations on five different distributions on a large range ofhardware platforms (Intel Xeon 32-bit and 64-bit platforms; Intel Pentiumbased platforms; IBM iSeries, pSeries, zSeries, IBM eServer Opteron basedsystems; HP Opteron based systems; HP Intel Itanium based systems, and SGIAltix massive parallel systems based on Itanium processors) to twodifferent national Schemes, CCEVS NIAP in the U.S. and BSI in Germany. Itis noteworthy that for each of the ten completed evaluations, atsecexamined a unique combination of Linux distribution, hardware platform, andvendor-specific supporting software.
Operating system evaluation is the greatest test of competence in thefield, and atsec continues to earn its reputation as the world leader inthis sphere. Helmut Kurth, atsec Chief Scientist, notes: "Of the 42successful operating system evaluations performed world-wide as listed onthe official Common Criteria Portal web site(www.commoncriteriaportal.org), 22 were performed by atsec."
The conclusion of the Red Hat Linux 4 Update 2 evaluation closely followscompletion of two milestone operating system evaluations: Red HatEnterprise Linux 4 at EAL4+ conformant to CAPP, and IBM z/OS V1R7 at EAL4+conformant to CAPP and the Labeled Security Protection Profile (LSPP).Continuing its pioneering efforts, atsec is conducting the first everevaluation of a Linux product with the SE-Linux security enhancementagainst the Labeled Security Protection Profile (LSPP) in its examinationof Red Hat Enterprise Linux 5. Linux industry experts have noted that thisevaluation is particularly important because it might represent a historicopportunity to integrate security features that are currently specific tothe security Linux branch back into the mainstream commercial Linux branch.
atsec is one of only four companies worldwide with multiple evaluation labsaccredited to perform evaluations under two different national schemes.atsec labs have been accredited by NIAP CCEVS in the U.S. and BSI inGermany to perform evaluations using the Common Criteria standard.Eligibility to perform evaluations under both major schemes and theavailability of a large (40+) staff of qualified evaluators, enable atsecto offer its customers both maximum flexibility, and proven expertise andexperience in Common Criteria evaluations. For more information aboutatsec's qualifications and competence, see www.atsec.com. For independentconfirmation of atsec's competence and reputation, visit the NIAP or BSIwebsites, or contact NIAP or BSI directly.
Scrutiny of Red Hat Linux 4 Update 2 continues. Evaluation at the morerigorous evaluation assurance level 4 begins immediately.
About atsec information security
atsec information security is an independent, standards-based IT(information technology) security consulting and evaluation servicescompany that combines a business-oriented approach to information securitywith in-depth technical knowledge and global experience. atsec launchedits U.S. business in May 2003, building on extensive success in Europedating back to 2000. atsec leverages its deep security, process, andstandards expertise to consult on a wide range of IT security needs,enabling clients to establish integrated security management procedures inorder to manage security risk and improve data, product, and businessprocess reliability. atsec works with leading global companies such asIBM, HP, BMW, SGI, Swisscom, RWE, and Vodafone. For more information,please visit www.atsec.com.
Media Contact:Andreas Fabisfabis@atsec.comatsec information security corporation(512) 615-7317
SOURCE: atsec information security corporation
Source: marketwire
All trademarks and copyrighted information contained herein are the property of their respective owners.
Related Computer Hardware Articles
|
