Red Hat Advanced Server Gets DoD COE Certification

← Back to Stories (view on slashdot.org)

Red Hat Advanced Server Gets DoD COE Certification

Posted by timothy on Wednesday February 12, 2003 @12:50AM from the buncha-cud-chewin-hippies dept.

DaveAtFraud writes "CNET is reporting that Red Hat Advanced server has been certified as a 'Common Operating Environment' (COE) when running on an IBM server by the U.S. Department of Defense. Red Hat Advanced Server is the first version of Linux to receive this certification. The certification clears the way for broader use of Linux in governement computer systems. Its interesting to note that the certification effort was made for the more proprietary (and costlier) Red Hat Advanced Server and not the basic Red Hat distribution." This despite the best efforts of certain lobbyists.

7 of 186 comments (clear)

Of course they certify the expensive version by jht · 2003-02-12 01:03 · Score: 5, Insightful

Its interesting to note that the certification effort was made for the more proprietary (and costlier) Red Hat Advanced Server and not the basic Red Hat distribution

Why is this even worth noting? Certification efforts aren't especially cheap. If you're going to expend time and resources getting a version of your product certified, why not put the effort into the version that is likeliest to generate enough revenue as a result of the certification to pay for the effort.

After all, while RedHat is in relatively good financial condition, it's not like they have around $40 billion in the bank (unlike some operating system companies). Certifying Advanced Server is a good use of limited resources.

That said, any government security certification is a Good Thing in the commercial marketplace, too - it helps when the engineers need to make a positive case to their PHB's, and gives one more "checklist item" that can get marked in their favor when comparing RH to other vendors.

--
-- Josh Turiel
"2. Do not eat iPod Shuffle."
1. Re:Of course they certify the expensive version by Jim+Hall · 2003-02-12 01:13 · Score: 5, Insightful
  
  Its interesting to note that the certification effort was made for the more proprietary (and costlier) Red Hat Advanced Server and not the basic Red Hat distribution
  Yes, it costs more. But it's about the same as (or less than) support & licensing costs for "big UNIX" like Solaris.
  I think it's incorrect to label RHAS as "proprietary". It's based on a Red Hat Linux boxed set, but I believe they bundle in software from partners.
  Each release of RHAS has a longer lifecycle (something like 14-18 months) so you don't have to upgrade every 6 months when the new Red Hat Linux comes out. You do get a "stepped-up" version of their Red Hat Network support, which we currently use on their boxed sets to stay up to date with erratas.
2. Re:Of course they certify the expensive version by Pharmboy · 2003-02-12 01:18 · Score: 5, Insightful
  
  Why is this even worth noting? Certification efforts aren't especially cheap. If you're going to expend time and resources getting a version of your product certified, why not put the effort into the version that is likeliest to generate enough revenue as a result of the certification to pay for the effort.
  
  After all, while RedHat is in relatively good financial condition, it's not like they have around $40 billion in the bank (unlike some operating system companies). Certifying Advanced Server is a good use of limited resources.
  
  Amen. Their "more expensive" verion is what makes them money, not the free version. Certification of Advanced server doesn't take away from the benefits of their downloadable version, or other distros in any way.
  
  If Linux is going to take hold, SOMEONE has to make money with it. People just miss the point: OS software is free as in speech, NOT as in beer. OSS doesn't mean everyone just walks around and works for free. It means programmers contribute code for "free", but make money when they support this code (and the code others contributed "free") to end users. When they add value to it.
  
  If the GPL did not allow anyone to make any money, in any way, we would not be here talking about Linux.
  
  --
  Tequila: It's not just for breakfast anymore!
Re:Security? by terraformer · 2003-02-12 01:33 · Score: 5, Interesting

Well for example, I just installed the latest Mandrake distro and any service I installed was turned on by default. In RH 8.0 you can install any service/package available but nothing is enabled unless you choose to after install. That is one of the cornerstones of security. Only turn on what you need. Just because I want something installed does not mean I want it turned on right now. I should not have to remember to go through and turn off everything just to have stuff sit on my drive until I am ready to configure and harden it.
Anyhow, all these distro's really have in common is the kernel code which makes them linux. The rest of the software (FTP, wm's, editors) bundled is up to the bundler. It is these choices that can make a distro more secure from another. EX: ssh v. telnet, std ftpd v. vsftpd, vi v. emacs (Sorry, I just had to ;-}) et al; The DOD is going to certify the whole bundle and not just individual pieces. Basically, they don't trust their admins (contractors mostly) to pick the right pieces on their own, so they will find a good bundle and certify that with special instructions.

--
Who are you? The new #2 Who is #1? You are #617565. I am not a number, I am a free man! Muhahaha.
Re:Sure DoD uses the regular version.... by syle · 2003-02-12 01:37 · Score: 5, Insightful

I use it on a box to run apps that I developed that our M$ monkeys haven't matched(or can't) match.
...I just bring out a new app coded in Perl that the green suiters can't live without.
How do these things relate to Linux? No one's arguing that it isn't a good development environment, but perl runs in Win32 fairly easily.
You say superior services, not platforms, but it sounds like you're taking programs that could otherwise be cross-platform using them to push Linux for its own sake. Or, are you doing something with perl that would tie it to Linux?
(Ready to be modded into oblivion for implying that Linux should exist just for its own sake...)

--
/syle
Re:Security? by Anonymous Coward · 2003-02-12 01:47 · Score: 5, Funny

vi v. emacs
I thought Linux could only address 4GB of memory. If this is the case, how is it that emacs can run on one of these computers? What changes did Redhat make to allow this to occur?

Thanks in advance.
Don't think this was easy. by Anonymous Coward · 2003-02-12 02:29 · Score: 5, Interesting

There was a LOT of bureaucratic inertia standing in the way of this effort inside the DoD. In the office this little initiative started in within ESC, the push for this cost two program managers and one engineer their positions, with extra effort made to derail their careers. Another person had to keep his head down and toe the line for a long time. The replacement for the second program manager was frusterated and constrained and a little scared, having entered the arena of combat by stepping over the corpses of the previous two (figuratively).

The efforts by DISA and Red Hat were started because the little program that those people worked on provided the customer for the product. Sure, there was a lot of "anecdotal" demand for Linux, but this was the first formal acquisition program that was committed to it. The guinea pig, so to speak.

Let's give proper respect to RH (those involved know who he is) at Red Hat, who took that first call and pitched it to his management, even though it looked like all the risk was on Red Hat.