Slashdot Mirror

← Back to Stories (view on slashdot.org)

Red Hat Advanced Server Gets DoD COE Certification

Posted by timothy on from the buncha-cud-chewin-hippies dept.

DaveAtFraud writes "CNET is reporting that Red Hat Advanced server has been certified as a 'Common Operating Environment' (COE) when running on an IBM server by the U.S. Department of Defense. Red Hat Advanced Server is the first version of Linux to receive this certification. The certification clears the way for broader use of Linux in governement computer systems. Its interesting to note that the certification effort was made for the more proprietary (and costlier) Red Hat Advanced Server and not the basic Red Hat distribution." This despite the best efforts of certain lobbyists.

2 of 186 comments (clear)

  1. Re:Security? by terraformer · · Score: 5, Interesting
    Well for example, I just installed the latest Mandrake distro and any service I installed was turned on by default. In RH 8.0 you can install any service/package available but nothing is enabled unless you choose to after install. That is one of the cornerstones of security. Only turn on what you need. Just because I want something installed does not mean I want it turned on right now. I should not have to remember to go through and turn off everything just to have stuff sit on my drive until I am ready to configure and harden it.

    Anyhow, all these distro's really have in common is the kernel code which makes them linux. The rest of the software (FTP, wm's, editors) bundled is up to the bundler. It is these choices that can make a distro more secure from another. EX: ssh v. telnet, std ftpd v. vsftpd, vi v. emacs (Sorry, I just had to ;-}) et al; The DOD is going to certify the whole bundle and not just individual pieces. Basically, they don't trust their admins (contractors mostly) to pick the right pieces on their own, so they will find a good bundle and certify that with special instructions.

    --
    Who are you? The new #2 Who is #1? You are #617565. I am not a number, I am a free man! Muhahaha.
  2. Don't think this was easy. by Anonymous Coward · · Score: 5, Interesting

    There was a LOT of bureaucratic inertia standing in the way of this effort inside the DoD. In the office this little initiative started in within ESC, the push for this cost two program managers and one engineer their positions, with extra effort made to derail their careers. Another person had to keep his head down and toe the line for a long time. The replacement for the second program manager was frusterated and constrained and a little scared, having entered the arena of combat by stepping over the corpses of the previous two (figuratively).

    The efforts by DISA and Red Hat were started because the little program that those people worked on provided the customer for the product. Sure, there was a lot of "anecdotal" demand for Linux, but this was the first formal acquisition program that was committed to it. The guinea pig, so to speak.

    Let's give proper respect to RH (those involved know who he is) at Red Hat, who took that first call and pitched it to his management, even though it looked like all the risk was on Red Hat.