Red Hat Completes FIPS 140-2 Certifications for Red Hat Enterprise Linux 7
The world’s leading enterprise Linux platform adds nine security
certifications from the National Institute of Standards and Technology
RALEIGH, N.C.--(BUSINESS WIRE)--
Red Hat, Inc. (NYSE: RHT), the world’s leading provider of open source
solutions, today announced that Red Hat Enterprise Linux 7.1 has
received nine Federal Information Processing Standard (FIPS) 140-2
security certifications from the U.S. federal government’s National
Institute of Standards and Practices (NIST). These certifications,
achieved in 2016, emphasize Red Hat’s focus on delivering a more secure
foundation for mission-critical systems, building upon Red
Hat Enterprise Linux 7.1’s recent achievement of a Common Criteria
security certification at Evaluation Assurance Level (EAL) 4+ as the
first certified operating system to offer Linux Container Framework
Support.
The FIPS 140-2 certification program is a joint initiative between the
U.S.-based National Institute for Standards and Technology (NIST) and
the Communications Security Establishment (CSE) for the Government of
Canada. This internationally recognized certification is mandated by
national agencies in the U.S. and Canada and recognized in Europe and
Australia. Information systems based on Red Hat Enterprise Linux 7 now
have greater assurance that native cryptographic security systems, such
as those used to encrypt data and provide more secure communications,
have been formally evaluated to meet international cryptography
standards.
Red Hat Enterprise Linux 7.1 has achieved FIPS 140-2 certification for
the following modules:
The certified Red Hat Enterprise Linux 7.1 modules retain FIPS 140-2
certification when running on these hardware configurations:
-
HPE ProLiant DL380p Gen8 with PAA
-
HPE ProLiant DL380p Gen8 without PAA
-
IBM Power8 Little Endian 8286-41A
-
IBM z13 (single-user mode)
The U.S. Secretary of Commerce approves standards and guidelines that
are developed by NIST for U.S. federal information systems. The FIPS 140
Publication Series coordinates the requirements and standards from
cryptographic modules for hardware and software, and in order to achieve
FIPS 140-2 validation, cryptographic modules are subjected to rigorous
testing by independent, accredited test facilities.
The validation testing for today’s announcement was performed by atsec
information security corporation’s Cryptographic and Security Testing
Laboratory in Austin, Texas. atsec is an independent company with
long-standing experience in international IT security standards.
Supporting Quotes
Paul Smith, vice president and general
manager, Red Hat
“Protecting highly-sensitive data, from
employee and customer financial data to national security details, is a
critical need for modern IT departments, particularly those operating in
the public sector. Red Hat understands the varied IT security needs of
these organizations, and Red Hat Enterprise Linux’s FIPS 140-2 and
Common Criteria EAL4+ certifications provide continued support of our
commitment to deliver a highly-secure operating system for environments
that require the strictest of protections.”
Yi Mao, manager, Cryptographic Security Test Laboratory, atsec
information security
“Red Hat endeavors to keep assurances by
having a third party lab working with them to perform code inspection
and independent testing against rigorous standards in cryptography as
well as product security. It has been a dramatic effort for Red Hat to
take their stack of cryptographic libraries running on the operating
system RHEL 7.1 through FIPS 140-2 validation. Their pursuit for greater
security is demonstrated in the wide validation scope and deep
understanding of security requirements, and we are honored to be Red
Hat’s chosen lab for these FIPS 140-2 certifications and applaud their
achievement.”
Additional Resources
Connect with Red Hat
About Red Hat, Inc.
Red Hat is the world’s leading provider
of open source software solutions, using a community-powered approach to
provide reliable and high-performing cloud, Linux, middleware, storage
and virtualization technologies. Red Hat also offers award-winning
support, training, and consulting services. As a connective hub in a
global network of enterprises, partners, and open source communities,
Red Hat helps create relevant, innovative technologies that liberate
resources for growth and prepare customers for the future of IT. Learn
more at http://www.redhat.com.
Forward-Looking Statements
Certain statements contained in
this press release may constitute “forward-looking statements” within
the meaning of the Private Securities Litigation Reform Act of 1995.
Forward-looking statements provide current expectations of future events
based on certain assumptions and include any statement that does not
directly relate to any historical or current fact. Actual results may
differ materially from those indicated by such forward-looking
statements as a result of various important factors, including: risks
related to the ability of the Company to compete effectively; the
ability to deliver and stimulate demand for new products and
technological innovations on a timely basis; delays or reductions in
information technology spending; the integration of acquisitions and the
ability to market successfully acquired technologies and products;
fluctuations in exchange rates; the effects of industry consolidation;
uncertainty and adverse results in litigation and related settlements;
the inability to adequately protect Company intellectual property and
the potential for infringement or breach of license claims of or
relating to third party intellectual property; risks related to data and
information security vulnerabilities; the ability to meet financial and
operational challenges encountered in our international operations;
ineffective management of, and control over, the Company’s growth and
international operations; and changes in and a dependence on key
personnel, as well as other factors contained in our most recent
Quarterly Report on Form 10-Q (copies of which may be accessed through
the Securities and Exchange Commission’s website at http://www.sec.gov),
including those found therein under the captions “Risk Factors” and
“Management’s Discussion and Analysis of Financial Condition and Results
of Operations.” In addition to these factors, actual future performance,
outcomes, and results may differ materially because of more general
factors including (without limitation) general industry and market
conditions and growth rates, economic and political conditions,
governmental and public policy changes and the impact of natural
disasters such as earthquakes and floods. The forward-looking statements
included in this press release represent the Company’s views as of the
date of this press release and these views could change. However, while
the Company may elect to update these forward-looking statements at some
point in the future, the Company specifically disclaims any obligation
to do so. These forward-looking statements should not be relied upon as
representing the Company’s views as of any date subsequent to the date
of this press release.
Red Hat, Red Hat Enterprise Linux and the Shadowman logo, are
trademarks or registered trademarks of Red Hat, Inc. or its subsidiaries
in the U.S. and other countries. Linux® is the registered trademark of
Linus Torvalds in the U.S. and other countries.
View source version on businesswire.com: http://www.businesswire.com/news/home/20161213005746/en/
Red Hat, Inc.
John Terrill, 571-421-8132
jterrill@redhat.com
Source: Red Hat, Inc.