红帽和IBM获得了红帽企业版Linux和IBM服务器KVM Hypervisor最高安全认证
2012-05-09要求高度安全性的机构将受益于开放虚拟化技术
RALEIGH, N.C. – 红帽和IBM今天宣布,IBM系统上的红帽企业版Linux5的虚拟机管理程序(KVM hypervisor)已经获得通用评估准则Common Criteria评估保障级别4级(EAL 4+)认证。通用评估准则是国际广泛认可的标准,其用于联邦政府和其他组织评估技术产品的安全和保障。此次安全认证是业界第一款针对开放源码的虚拟化解决方案的成功案例。
随着这个新的认证,在红帽企业版Linux和IBM x86服务器上的虚拟机管理程序KVM hypervisor符合了政府安全标准,允许在国土安全项目、命令和控制操作和整个政府机构中使用虚拟化,而虚拟化技术之前仅限于专有的虚拟化技术。此安全认证为政府、金融机构和其他重视安全的机构打开了通道,从而可以创建安全、开放的虚拟化IT环境和私有云。
通过企业级KVM hypervisor,开放虚拟化为组织,包括政府机构和金融业务提供了减少成本及增加选择的机会。
“此认证突出了SELinux和KVM联合的力量,我们期望它能够为政府机构内私有云计算架构的广泛采用打开通道。”红帽public sector operations总经理和副总裁Paul Smith说道:“SELinux应对了政府机构在虚拟化实施的通用性问题,因为它为单独的容器提供虚拟化资源,并分别进行保护防止入侵。”(其英文原文如下“This certification highlights the combined power of SELinux and KVM and we expect it to pave the way for broader adoption of private cloud computing infrastructure in government agencies. SELinux addresses common government agency concerns about implementing virtualization because it provides for virtual resources to run in separate containers and protect each one individually in case of intrusion.”)
“安全对于我们的客户来说是最重要的,因为他们会通过虚拟化并在云中共享工作负载和数据,特别是针对世界范围内我们的政府和金融客户。”IBM Linux总监Jean Staten Healy说道:“今天宣布的消息证实了开放的虚拟化和KVM已经在红帽企业Linux和IBM服务器上的业务做好准备,并能够提供高级别的安全认证。”(其英文原文如下:“Security is critically important to all our clients as they share workloads and data through virtualization and in the cloud -- and especially so to our government and financial customers around the world. Today's announcement confirms that open virtualization and KVM are ready for business and are able to offer high levels of security certification on Red Hat Enterprise Linux and IBM Systems.”)
红帽企业版Linux 5安全增强版Linux(SELinux),是由国家安全局(NSA)和红帽共同开发的项目。本次CC认证允许生产者更加有信心地使用带有KVM hypervisor的红帽企业版Linux 5,因为他们在同一个机器上存在多个租户(tenant),也即其虚拟客户通过使用由NSA开发的强制访问控制(Mandatory Access Control)技术进行分离。
在IBM服务器上的红帽企业版Linux虚拟化KVM hypervisor是由德国联邦信息安全办公室BSI进行认证。为了推动本次认证,红帽和IBM与atsec信息安全进行合作,atsec是美国政府和德国BSI授权的实验室。atsec基于面向信息安全评估的通用评估准则CC标准(ISO/IEC 15408),在EAL4+级进行方案安全、性能和可靠性的测试和验证。
此KVM和红帽企业版Linux 5认证适用于IBM x系统、BladeCenter和iDataPlex服务器。
红帽企业版Linux 6的虚拟化KVM hypervisor也已经正式的处于CC EAL4+认证的“In Evaluation(正在评估)”状态。
更多关于IBM的信息请点击查看:www.ibm.com/systems 或 www.ibm.com/linux。
对于红帽认证和认可的完整名册,请点击http://www.redhat.com/solutions/industry/government/certifications.html查看。
更多关于红帽信息请点击www.redhat.com查看。
更多新闻请点击www.press.redhat.com查看。
关于红帽
红帽,世界领先的开源解决方案提供商和S&P 500强企业,总部设在美国北卡罗来纳州的罗利,有超过70个办事处遍布全球。红帽提供高品质、可接受技术的操作系统平台、红帽企业版Linux,以及云、虚拟化、管理、存储和面向服务架构(SOA)的解决方案,包括红帽企业虚拟化和JBoss企业中间件。红帽还面向全球为客户提供培训和咨询服务。更多信息:www.redhat.com。
关于atsec信息安全
atsec信息安全是一家位于德克萨斯的美国政府认可的实验室,atsec的服务包括正式的关于信息保障(IA:information assurance)的实验室测评、IA-enabled commercial off the shelf (COTS)信息技术领域内的测评以及信息安全咨询服务。
结合我们信息安全方面技术的经验和专长,atsec信息安全还提供以下强有力的技能咨询:服务器渗透测试;嵌入式系统和硬件安全的测试及分析;联邦信息安全管理法案(FISMA);信息系统安全管理体系(ISMS)和您个性化需求的独立安全评估。
atsec在德国和瑞典运行当地政府认可的实验室。
前瞻性声明(Forward-Looking Statements)(英文信息)
Certain statements contained in this press release may constitute "forward-looking statements" within the meaning of the Private Securities Litigation Reform Act of 1995. Forward-looking statements provide current expectations of future events based on certain assumptions and include any statement that does not directly relate to any historical or current fact. Actual results may differ materially from those indicated by such forward-looking statements as a result of various important factors, including: risks related to delays or reductions in information technology spending; the effects of industry consolidation; the ability of the Company to compete effectively; uncertainty and adverse results in litigation and related settlements; the integration of acquisitions and the ability to market successfully acquired technologies and products; the inability to adequately protect Company intellectual property and the potential for infringement or breach of license claims of or relating to third party intellectual property; the ability to deliver and stimulate demand for new products and technological innovations on a timely basis; risks related to data and information security vulnerabilities; ineffective management of, and control over, the Company's growth and international operations; fluctuations in exchange rates; and changes in and a dependence on key personnel, as well as other factors contained in our most recent Annual Report on Form 10-K (copies of which may be accessed through the Securities and Exchange Commission's website at http://www.sec.gov ), including those found therein under the captions "Risk Factors" and "Management's Discussion and Analysis of Financial Condition and Results of Operations". In addition to these factors, actual future performance, outcomes, and results may differ materially because of more general factors including (without limitation) general industry and market conditions and growth rates, economic and political conditions, governmental and public policy changes and the impact of natural disasters such as earthquakes and floods. The forward-looking statements included in this press release represent the Company's views as of the date of this press release and these views could change. However, while the Company may elect to update these forward-looking statements at some point in the future, the Company specifically disclaims any obligation to do so. These forward-looking statements should not be relied upon as representing the Company's views as of any date subsequent to the date of this press release.
IBM and x86 are trademarks of IBM Corporation in the United States, other countries, or both. Red Hat, Inc. Red Hat, the Shadowman logo and JBoss are registered trademarks of Red Hat, Inc. in the U.S. and other countries. Linux is a registered trademark of Linus Torvalds. All other product and service names mentioned are the trademarks of their respective companies.