Red Hat Completes FIPS 140-2 Certifications for Red Hat Enterprise Linux 7
December 13 2016 - 9:30AM
Business Wire
The world’s leading enterprise Linux platform
adds nine security certifications from the National Institute of
Standards and Technology
Red Hat, Inc. (NYSE: RHT), the world’s leading
provider of open source solutions, today announced that Red Hat
Enterprise Linux 7.1 has received nine Federal Information
Processing Standard (FIPS) 140-2 security certifications from the
U.S. federal government’s National Institute of Standards and
Practices (NIST). These certifications, achieved in 2016, emphasize
Red Hat’s focus on delivering a more secure foundation for
mission-critical systems, building upon Red Hat Enterprise Linux
7.1’s recent achievement of a Common Criteria security
certification at Evaluation Assurance Level (EAL) 4+ as the first
certified operating system to offer Linux Container Framework
Support.
The FIPS 140-2 certification program is a joint
initiative between the U.S.-based National Institute for Standards
and Technology (NIST) and the Communications Security Establishment
(CSE) for the Government of Canada. This internationally recognized
certification is mandated by national agencies in the U.S. and
Canada and recognized in Europe and Australia. Information systems
based on Red Hat Enterprise Linux 7 now have greater assurance that
native cryptographic security systems, such as those used to
encrypt data and provide more secure communications, have been
formally evaluated to meet international cryptography
standards.
Red Hat Enterprise Linux 7.1 has achieved FIPS
140-2 certification for the following modules:
- OpenSSL
- OpenSSH Server
- OpenSSH Client
- Libgcrypt
- NSS
- Libreswan
- Kernel Cryptographic API
- Kernel Cryptographic API with
CPAFC
- GnuTLS
The certified Red Hat Enterprise Linux 7.1
modules retain FIPS 140-2 certification when running on these
hardware configurations:
- HPE ProLiant DL380p Gen8 with PAA
- HPE ProLiant DL380p Gen8 without
PAA
- IBM Power8 Little Endian 8286-41A
- IBM z13 (single-user mode)
The U.S. Secretary of Commerce approves
standards and guidelines that are developed by NIST for U.S.
federal information systems. The FIPS 140 Publication Series
coordinates the requirements and standards from cryptographic
modules for hardware and software, and in order to achieve FIPS
140-2 validation, cryptographic modules are subjected to rigorous
testing by independent, accredited test facilities.
The validation testing for today’s announcement
was performed by atsec information security corporation’s
Cryptographic and Security Testing Laboratory in Austin, Texas.
atsec is an independent company with long-standing experience in
international IT security standards.
Supporting QuotesPaul Smith, vice
president and general manager, Red Hat“Protecting highly-sensitive
data, from employee and customer financial data to national
security details, is a critical need for modern IT departments,
particularly those operating in the public sector. Red Hat
understands the varied IT security needs of these organizations,
and Red Hat Enterprise Linux’s FIPS 140-2 and Common Criteria EAL4+
certifications provide continued support of our commitment to
deliver a highly-secure operating system for environments that
require the strictest of protections.”
Yi Mao, manager, Cryptographic Security Test
Laboratory, atsec information security“Red Hat endeavors to keep
assurances by having a third party lab working with them to perform
code inspection and independent testing against rigorous standards
in cryptography as well as product security. It has been a dramatic
effort for Red Hat to take their stack of cryptographic libraries
running on the operating system RHEL 7.1 through FIPS 140-2
validation. Their pursuit for greater security is demonstrated in
the wide validation scope and deep understanding of security
requirements, and we are honored to be Red Hat’s chosen lab for
these FIPS 140-2 certifications and applaud their achievement.”
Additional Resources
- Learn more about FIPS 140-2 compliance
and Red Hat Enterprise Linux
- Read more about Red Hat’s accredited
and certified open source technologies
Connect with Red Hat
- Learn more about Red Hat
- Get more news in the Red Hat
newsroom
- Read the Red Hat blog
- Follow Red Hat on Twitter
- Join Red Hat on Facebook
- Watch Red Hat videos on YouTube
- Join Red Hat on Google+
- Follow Red Hat on LinkedIn
About Red Hat, Inc.Red Hat is the
world’s leading provider of open source software solutions, using a
community-powered approach to provide reliable and high-performing
cloud, Linux, middleware, storage and virtualization technologies.
Red Hat also offers award-winning support, training, and consulting
services. As a connective hub in a global network of enterprises,
partners, and open source communities, Red Hat helps create
relevant, innovative technologies that liberate resources for
growth and prepare customers for the future of IT. Learn more at
http://www.redhat.com.
Forward-Looking StatementsCertain
statements contained in this press release may constitute
“forward-looking statements” within the meaning of the Private
Securities Litigation Reform Act of 1995. Forward-looking
statements provide current expectations of future events based on
certain assumptions and include any statement that does not
directly relate to any historical or current fact. Actual results
may differ materially from those indicated by such forward-looking
statements as a result of various important factors, including:
risks related to the ability of the Company to compete effectively;
the ability to deliver and stimulate demand for new products and
technological innovations on a timely basis; delays or reductions
in information technology spending; the integration of acquisitions
and the ability to market successfully acquired technologies and
products; fluctuations in exchange rates; the effects of industry
consolidation; uncertainty and adverse results in litigation and
related settlements; the inability to adequately protect Company
intellectual property and the potential for infringement or breach
of license claims of or relating to third party intellectual
property; risks related to data and information security
vulnerabilities; the ability to meet financial and operational
challenges encountered in our international operations; ineffective
management of, and control over, the Company’s growth and
international operations; and changes in and a dependence on key
personnel, as well as other factors contained in our most recent
Quarterly Report on Form 10-Q (copies of which may be accessed
through the Securities and Exchange Commission’s website at
http://www.sec.gov), including those found therein under the
captions “Risk Factors” and “Management’s Discussion and Analysis
of Financial Condition and Results of Operations.” In addition to
these factors, actual future performance, outcomes, and results may
differ materially because of more general factors including
(without limitation) general industry and market conditions and
growth rates, economic and political conditions, governmental and
public policy changes and the impact of natural disasters such as
earthquakes and floods. The forward-looking statements included in
this press release represent the Company’s views as of the date of
this press release and these views could change. However, while the
Company may elect to update these forward-looking statements at
some point in the future, the Company specifically disclaims any
obligation to do so. These forward-looking statements should not be
relied upon as representing the Company’s views as of any date
subsequent to the date of this press release.
Red Hat, Red Hat Enterprise Linux and the
Shadowman logo, are trademarks or registered trademarks of Red Hat,
Inc. or its subsidiaries in the U.S. and other countries. Linux® is
the registered trademark of Linus Torvalds in the U.S. and other
countries.
View source
version on businesswire.com: http://www.businesswire.com/news/home/20161213005746/en/
Red Hat, Inc.John Terrill,
571-421-8132jterrill@redhat.com
Red Hat (NYSE:RHT)
Historical Stock Chart
From Mar 2024 to Apr 2024
Red Hat (NYSE:RHT)
Historical Stock Chart
From Apr 2023 to Apr 2024