Red Hat Pursuing Certification For RHEL 6, Hypervisor

Common Criteria certification for the vendor's Linux OS and virtualization would pave the way for its use in private government clouds.

Analytics Slideshow Calculating Cloud ROI
(click for larger image and for full photo gallery)
Red Hat is pursuing a certification for its Linux OS and virtualization, paving the way for government agencies to use the technology to create secure, virtualized IT environments and private clouds.

The Linux vendor has entered into an agreement with Atsec information security to certify Red Hat Enterprise Linux 6 under Common Criteria at Evaluation Assurance Level (EAL) 4, according to a Red Hat blog post.

Common Criteria is a standard evaluation rating issued by the National Information Assurance Partnership that government customers use to evaluate the security of IT products before making purchasing decisions.

The pursuit of certification also will cover the KVM hypervisor on both Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. A hypervisor enables an OS to run virtually without the need for a physical server, reducing the number of energy resources a data center requires.

KVM, or Kernel-based Virtual Machine (KVM), is the virtualization infrastructure for the Linux kernel. Red Hat's virtualization leverages RHEL's Security-Enhanced Linux feature, a joint project development by the National Security Agency and the Linux community to provide high levels of security.

SELinux in particular ensures virtual resources run in separate containers, which protects each one individually in case of intrusion. Protecting each virtualized resource individually is one guideline the National Institute of Standards and Technology recently offered as a way to address common concerns about implementing virtualization.

By including hypervisor technology in its certification, Red Hat will enable government customers to host multiple tenants on a single machine, allowing for a private cloud-computing infrastructure, according to the vendor.

The federal government increasingly is using virtualization to create more efficient and cost-effective data centers as part of an agency-wide consolidation effort.

Security often has been an area of concern for people using virtualization technology, but that perception is beginning to change as the technology becomes more sophisticated and widely used, and security issues taken into consideration by those developing hypervisors.

Red Hat already has achieved Common Criteria certification 13 different times on four different Linux platforms.

Editor's Choice
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing
John Edwards, Technology Journalist & Author
John Edwards, Technology Journalist & Author
James M. Connolly, Contributing Editor and Writer