Slashdot Mirror

← Back to Stories (view on slashdot.org)

Red Hat, Oracle to get Gov't Certification for Linux

Posted by CowboyNeal on from the looks-good-to-us dept.

Mark writes "As this news.com article states, 'Red Hat and Oracle plan to announce on Thursday that the companies have teamed to get Linux evaluated under the Common Criteria, a certification that could open doors for the broader use of open-source software by government agencies.' It looks like this will be an important step in getting Linux to be more widely adopted in governments around the world."

9 of 171 comments (clear)

  1. Support coming from the right areas.. by anto · · Score: 3, Informative

    It is good to see that the requests for the certifications arn't coming from a vendor or the developers but the end users who will be deploying the product. You really can't get a better advertisment than that.
    Having Oracle on side will help as well, as the article mentions they have tones of experience getting their product (and thus the OS) certified. It is massivly in Oracle's interest to do so - less $'s on the OS means the purchaser can spend more on the hardware / DB.

  2. Re:RHAS again? by Anonymous Coward · · Score: 5, Informative

    RHAS is free...They don't provide an iso for you, but check their website, they do provide step-by-step instructions on how to "create" a RHAS installation for free.

    But for those that want service and don't want the hastle of putting all the pieces together they also provide a nice package.

    As far as windows a bargain, how much does quality node-balancing software cost (~$500), Quality Firewall (~$300), Advanced Server ($750), I could keep going but I think you get the picture. If you don't need HA then RHAS isn't a great deal, but then again if you do, MS doesn't have a competive product...say what you want about 2000&XP (big improvement over NT&9x), you can't call them HA.

    BTBTBT

    scooby

  3. Re:dupe? by MrByte420 · · Score: 3, Informative

    The story from the other day was that the DoD had certified Red Hat for their purposes. This is Red Hat and Oracle attempting to gain a more general federal certification which would allow many agencies to consider linux for deployment. Federal law currently requires many agencies to only use "certified" software and operating systems.

    --
    If religous zealots don't believe in Evolution, then why are they so worried about bird flu?
  4. Re:Hypocritical? by Mandi+Walls · · Score: 4, Informative
    Ah, here we go again.

    The Common Criteria is of the fashion:

    "I have this product. I am going to tell you what it does in a security-related context. You can take this checklist, test my product, and certify that it does in fact do these things."

    There is no security implied by the certification. It is a recommendation from the vendor of what the product is best used for when the customer is shopping for products to do certain security-related tasks. The vendor makes the checklist, a third party says "yay" or "nay", the customer says "i need a product that does X, Y, and Z. Windows does X, HP-UX does X and Y, and this one all three, plus it will help my sex life". Or something similar, anyway.

    These things can be as simple as "userA cannot access userB's files" to "enforces complex passwords" to "has the biggest crazy ass firewall known to man". Well, maybe not that last one...

    Now y'all can go back to shootin' your mouths off.

    --mandi

  5. This is not a Dupe! by MrByte420 · · Score: 5, Informative

    This is not a dupe. The story from yesterday is about how the DoD has certified RedHat server as a common operating environment. This story talks about how IBM and Oracle are attempting to get Linux certified on a wider federal level so that agencies can be permitted to use it. They are two different certifications and two different issues and hence two different stories.

    I'm always amazed by the number of clarivoyant slashdot users we have around here who don't need to read a story before posting...

    --
    If religous zealots don't believe in Evolution, then why are they so worried about bird flu?
  6. Re:Who posts the most dupes? by idontgno · · Score: 4, Informative
    Except that in this case, it ain't a dupe.

    Yesterday's article was about RH 8 AS getting DISA (Defense Information Systems Agency) DII (Defense Information Infrastructure) COE (Common Operating Environment) certification. Todays' certification article-o-the-day is about RH 8 AS getting Common Criteria EAL (Evaluation Assurance Level) 2.

    Yeah, to the uninformed, it looks the same. But (A) DII COE is specifically a US DoD certification, whereas CC EAL is an international certification (administered in the US by NIST--National Institute of Standards and Technology); and (B) The article about RH's EAL certification also extensively yatters on about Oracle 9i, whereas the RH COE article doesn't.

    So in conclusion, this is an erroneous dupe sighting. Nothing to see here, move along.

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  7. Re:RHAS again? by Anonymous Coward · · Score: 3, Informative

    Nothing...except...I sort of fibbed...99% of RHAS is free, a tiny bit of the code is redhat's but not open source. But there are other free options to do these tasks (just not so pretty ones).

    BUT if you read redhat's site, they explicitly say that you can make your own ANYTHING based off their open source code (+ others), are sell it as their own. The only caveat is that you CAN'T use the RH logo or name to endorse your product...it HAS to be in your name, and show no direct affiliation (the most you can say is that it is based on RH, like Mandrake does/did).

    So if you follow their directions, build your own ISO, you could sell it as yourDistroLinux, the only problem is support, etc. Most companies that really have HA requirements also have the money (and need) for large full service support contracts. And if they are going to pay for it, they might as well pay RedHat (the industry standard).

    I think is would be a great OSS project, and in fact there are several like it out there. http://linux-ha.org/ (I've counted 8 "developer groups" that looked like they already had a decent HA solution).

    BTBTBT

    snoopy

  8. Government...been there, done that by frozencesium · · Score: 5, Informative

    um, the NSA has already modified linux (the kernel) so that it will meet their standards. redhat is named as a tested distro...see this for details. The biggest problem is that the US government seems to think that they must rely on M$ software (in the unclassified environment at least) for things like exchange and ease of use for the "typical" user.

    this is simple posturing at it's finest. of course...the government's high performance systems (read clusters) aren't running windows anyway. this won't change anything.

    -frozen

    --
    I'm not always the brightest pixel in the stream
  9. Re:RHAS again? by Afrosheen · · Score: 4, Informative

    I worked for an ISO9002 certified company before (York International) and my boss told me the crap behind the cert with ISO also. Basically companies won't do business with you if you're in manufacturing and don't have your ISO cert. The only thing ISO really requires is that your processes are fully documented in specific ways. You could build a product that doesn't fuckin' work and still be ISO certified as long as the docs are there.