Atsec Information Security Completes CAPP/EAL4+ Security Evaluation for SUSE Linux Enterprise Server 9 on IBM eServers
atsec information security has completed a Common Criteria (CC) evaluation of Novell/SUSE Linux Enterprise Server 9 (SLES 9) on IBM eServers, which will result in first-time Evaluation Assurance Level 4+ (EAL4+) certification of the enterprise operating system platform.
Austin, TX and Munich, Germany (PRWEB) February 16, 2005 -- atsec information
security has completed a Common Criteria (CC) evaluation of Novell/SUSE Linux
Enterprise Server 9 (SLES 9) on IBM eServers, which will result in first-time
Evaluation Assurance Level 4+ (EAL4+) certification of the enterprise operating
system platform. The anticipated certification will enable SLES 9 to be adopted
by governments and government agencies for mission-critical and
command-and-control operations, and also reinforces to the private sector that
Linux is a secure, tested platform for essential enterprise
applications.
The first Linux Common Criteria certification (Novell/SUSE
Linux Enterprise Server 8 on the IBM xServer platform) was completed in August
2003 at the EAL2+ level. In the 18 months following initial certification, six
additional evaluations have tested versions of Red Hat Linux and Novell/SUSE
Linux software on a range of IBM and HP hardware platforms at progressively more
secure Common Criteria levels. Gordon McIntosh, Lab Manager of atsec’s Common
Criteria Testing Laboratory in Austin, Texas, notes, “No other commercial
operating system has had security scrutinized and tested as regularly, on such a
large number of hardware platforms, as Linux.”
The scrutiny of Linux will
not end with the successful evaluation of SLES 9 on IBM eServers at the EAL4+
level. Vendors continue to demonstrate their firm commitment to secure operating
system platforms by pursuing Common Criteria certification of new Linux versions
on a full range of current and emerging hardware platforms.
Formal
announcement of the successful EAL4+ evaluation completion on SLES 9 was made at
the opening of LinuxWorld in Boston on 15 February 2005.
About Common
Criteria
The Common Criteria (CC) standard is an internationally-recognized
ISO standard (ISO15408) used by the federal government and other organizations
to assess security and assurance of information technology products. The CC
provides a standardized way of expressing security requirements and defines the
respective set of rigorous criteria by which the product will be evaluated. The
CC is widely recognized within the IT Security community, IT professionals,
government agencies, and customers as the seal of approval for mission-critical
software. Under CC, products are evaluated against strict standards for various
features, such as the development environment, security functionality, the
handling of security vulnerabilities, security related documentation and product
testing.
The Common Criteria Controlled Access Protection Profile (CAPP)
specifies a set of security functional and assurance requirements for
Information Technology (IT) products.
About atsec information
security
atsec information security is the leading provider of high-quality
information security services. These include laboratory services including
product evaluation, as well as general consulting in a wide range of information
security areas including Information Security Management Systems (ISMS), risk
management, PKI consulting, privacy assessment, and security auditing. atsec
information security was founded in 2000 and operates in the U.S. and Europe,
including Austin, Munich, Cologne, and Stockholm.
For more information
about atsec information security, please visit http://www.atsec.com.
# # #
Source : http://www.prweb.com/releases/2005/2/prweb209172.htm