Red Hat Enterprise Linux 6, including the KVM hypervisor, has been awarded the Common Criteria Certification at Evaluation Assurance Level (EAL) 4+ – the highest level of assurance for an unmodified commercial operating system – for the Operating System Protection Profile (OSPP) including extended modules for Advanced Management, Advanced Audit, Labeled Security, and Virtualization for Red Hat Enterprise Linux 6 on Dell, HP, IBM and SGI hardware.
The Common Criteria is an internationally recognized set of standards used by the federal government and other organizations to assess the security and assurance of technology products. In the Common Criteria scheme, EAL represents the depth and rigor of the evaluation, giving consumers the confidence that products specified at a specific level meet the package of security assurance requirements associated with that level.
This certification provides government agencies, financial institutions, and customers in other security-sensitive environments the assurance that Red Hat Enterprise Linux 6 meets government security standards. Red Hat Enterprise Linux 6 features Security-Enhanced Linux (SELinux), a joint project developed with the National Security Agency (NSA).
This Common Criteria certification provides assurance that using Red Hat Enterprise Linux 6 with the KVM hypervisor allows providers to host many tenants on the same machine while keeping their virtual guests separated from each other using Mandatory Access Control technology developed by the NSA.
Paul Smith, vice president and general manager, Public Sector operations, Red Hat said: “This marks our 15th completed Common Criteria certification for Red Hat Enterprise Linux, earning Red Hat a place at the top of the list of the industry’s most certified operating systems. We’ve been deeply committed to security certifications so that customers can confidently turn to Red Hat for the expertise to deploy open source solutions at maximum security levels, and our work with Dell, HP, IBM and SGI on this certification reinforces that government customers can run Red Hat Enterprise Linux with confidence on a wide variety of hardware from many of the industry’s top providers.”