Linux, Unix Players Beef Up Security - InformationWeek
01:58 PM

Linux, Unix Players Beef Up Security

Rivals Sun, Red Hat, and Novell try to one-up one another--and Microsoft--with security enhancements for Solaris and Linux.

As expected, archrivals Sun, Red Hat and Novell unveiled major security improvements for their respective Unix and Linux platforms this week.

At the RSA Conference in San Jose, Calif., Sun revealed plans to release Solaris Trusted Extensions into beta testing in April and simultaneously enter evaluation for Common Criteria Certification at EAL 4+ certification, against Labeled Security Protection Profile (LSPP).

LSPP is one of three levels of advanced security options that are part of EAL 4+, deemed essential for financial, healthcare and government customers that need to protect multiple level of classified data on a single system.

LSPP will add to the existing certification of Solaris 10, now under evaluation, against Controlled Access Protection Profile (CAPP) and Role Based Access Control Protection Profile (RBACPP) at EAL 4+, Sun said.

Sun said the Trusted Extensions will be offered as an add-on to its base Solaris 10 operating system in August.

Meanwhile, archrival Red Hat, whose Linux distribution has stolen many Unix converts, also announced at the RSA conference that its Red Hat Enterprise Linux 4 distribution has achieved CAPP/EAL 4+ certification through a partnership with IBM.

Raleigh, N.C.-based Red Hat also announced at the RSA security conference that an upgrade of its Certificate Server due in mid-2006 will offer integrated smart card support for Linux.

This will allow customers to issue smart cards that support automated log in to a number of leading applications and platforms including Red Hat Linux, Microsoft Windows clients and servers, Internet Explorer and Outlook Express, the company said.

On Tuesday, Microsoft said that its forthcoming Internet Explorer 7 will incorporate its own smart card technology, code named InfoCard, that will also make this possible on the Windows platform.

Redmond, Wash.-based Microsoft also unveiled that it has released into beta testing its own Certificate Lifecycle Management Server that will help customers manage their various digital certificates and authentication tokens. The Microsoft-branded technology came from Alacris, which Microsoft acquired last year.

And Novell, for its part, announced Audit2, a platform that enables customers to monitor and audit user access and other network events in compliance with Sarbanes-Oxley and HIPAA. Novell's SUSE LINUX Enterprise Server 9 on IBM eServers has achieved Controlled Access Protection Profile under the Common Criteria for Information Security Evaluation, known as CAPP/EAL4+.

Partners of Sun, Red Hat, Microsoft and Novell will be able to harness the new capabilities to address compliance issues in each vertical industry and enable more advanced authentication and identity management capabilities for their Unix, Windows and Linux customers.

"Microsoft continues to work toward standards around security and certificate management," said Ken Winell, an executive at Visalign, a Microsoft partner company. "By making their products more standards-oriented, our clients and customers can choose to integrate Microsoft technology or perhaps may use a third party authentication due to heterogeneous environments. "

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
2018 State of the Cloud
2018 State of the Cloud
Cloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Tech Vendors to Watch in 2019
Susan Fogarty, Editor in Chief,  11/13/2018
Getting DevOps Wrong: Top 5 Mistakes Organizations Make
Bill Kleyman, Writer/Blogger/Speaker,  11/2/2018
AI & Machine Learning: An Enterprise Guide
James M. Connolly, Executive Managing Editor, InformationWeekEditor in Chief,  9/27/2018
Register for InformationWeek Newsletters
Current Issue
The Next Generation of IT Support
The workforce is changing as businesses become global and technology erodes geographical and physical barriers.IT organizations are critical to enabling this transition and can utilize next-generation tools and strategies to provide world-class support regardless of location, platform or device
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll