Feeds

SuSE and IBM secure Linux for the Feds

Open source lockdown

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

SuSE and IBM have moved a step closer to some meaty government and military contracts by helping Linux pass muster on a key security standard.

The two vendors have met Evaluation Assurance Level 2+ (EAL2+) of the Common Criteria (CC) standard used by Feds the world over. This security seal of approval covers SuSE Linux Enterprise Server 8 running on IBM's Intel and AMD-based xSeries servers.

This is a nice milestone for Linux, although the operating system still has a ways to go before it unseats more readily used OSes. All of the major versions of Unix along with Microsoft's Windows 2000 lay claim to a higher EAL4 certification.

SuSE and IBM hope to remedy this problem together. The companies expect to meet EAL3+ certification and the Common Operating Environment (COE) standard later this year. The COE requirement is unique to the U.S. Department of Defense (DoD), which, as we all know, is where the big money is these days.

Meeting these requirements should help Linux put more pressure on Unix and Windows in a key market. The open source OS has already marched right into lucrative segments such as financial services, unseating Unix on its way. Now, it's time to say "hello" to Uncle Sam.

For IBM, it appears a Linux push into government contracts will be nothing but gravy. Few tears will be shed if AIX is replaced by SuSE on IBM kit. In addition, it gives the vendor a bit of leverage against rival Sun Microsystems, which enjoys a prominent place with U.S. three-letter agencies.

Sun has just signed on with SuSE as well, but it's hard to imagine these two vendors going through all the security certification hassle together. First off, Sun does not have a comparable x86-based server lineup to IBM. More importantly, Sun wants Solaris to maintain its hold on the data center for now. Linux is fine as a Web or application server, but it has no place deep in the data center.

This isn't a bad strategy for the moment, since it will take SuSE and IBM sometime to meet Solaris on the security standards front. ®

Security for virtualized datacentres

More from The Register

next story
It's Big, it's Blue... it's simply FABLESS! IBM's chip-free future
Or why the reversal of globalisation ain't gonna 'appen
'Hmm, why CAN'T I run a water pipe through that rack of media servers?'
Leaving Las Vegas for Armenia kludging and Dubai dune bashing
Bitcasa bins $10-a-month Infinite storage offer
Firm cites 'low demand' plus 'abusers'
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
CAGE MATCH: Microsoft, Dell open co-located bit barns in Oz
Whole new species of XaaS spawning in the antipodes
Microsoft and Dell’s cloud in a box: Instant Azure for the data centre
A less painful way to run Microsoft’s private cloud
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.