| HP releases multi-level security services for RHEL5 |
Nov. 01, 2007
There is security, and then there is Security. HP, with its new multi-level security services for Red Hat Enterprise Linux 5 is now offering Common Criteria certified level security for this Linux on its server and desktops.
Common Criteria is an ISO security framework standard. It is frequently required in government computing contracts. It is also, historically, difficult for open-source software to obtain, as described briefly in "Free-Libre/Open Source Software (FLOSS) and Software Assurance" (PDF link) by David A. Wheeler, an author and software developer.
Erik Lillestolen, HP's government program manager for the open-source & Linux organization, hopes that these new offerings will help get not just HP computers, but Red Hat Linux as well into secure federal government offices.
The new services include five support services. Support options include long-term support, MLS solution on-site training, MLS solutions design, implementation and validation, MLS Support and Standard Support with level 1 and level 2 care pack. All of these are provided by Hewlett-Packard. Red Hat, in turn, supports HP, but for a customer there's only, as the saying goes, "one throat to choke" in case there's a problem, and that throat is HP's.
The services are compatible with a wide range of HP hardware products, including HP ProLiant, HP BladeSystem and HP Integrity servers as well as select workstations, desktops and notebooks. It is these hardware/OS platforms used together than have been Common Criteria certified.
"Multi-level security is mission-critical for customers managing top-secret information, such as government agencies. HP is thrilled to deliver customers the first MLS offering for Linux in the industry, enabling the utmost in security without the complexity and cost of a proprietary operating system," said Lillestolen. "This is an important step in combating the perception that taking Linux security to the next level is a long and complicated process."
Lillestolen is correct. It is not uncommon for Common Criteria testing to take millions of dollars. The entire Common Criteria process has long been heavily criticized. Still, when all is said and done, many products must be Common Criteria certified to even be considered for purchase by many government agencies.
According to HP, the key benefits of the MLS Services include: Reduced risk, rapid deployment and lowered costs. Paul Smith, Red Hat's vice president of government sales operations, said, "With unauthorized intrusions and data breaches ever-present concerns for federal IT departments, protecting sensitive and confidential data is of paramount importance as military, intelligence and law enforcement agencies coordinate efforts on national security initiatives. The multi-level security functionality within RHEL combined with the additional offerings from HP will help government CIOs ensure the integrity of sensitive information and limit its access to authorized personnel."
Steven J. Vaughan-Nichols
Do you have comments on this story?
Talkback here
NOTE: Please post your comments regarding our articles using the above link. Be sure to use this article's title as the "Subject" in your posts. Before you create a new thread, please check to see if a discussion thread is already running on the article you plan to comment on. Thanks!
Related Stories:
(Click here for further information)
|
|
|
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.
Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.
Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.
Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.
Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.
Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.
Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.
Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.
|
|
|
|
|
news feed