Slashdot Mirror

← Back to Stories (view on slashdot.org)

Red Hat, Oracle to get Gov't Certification for Linux

Posted by CowboyNeal on from the looks-good-to-us dept.

Mark writes "As this news.com article states, 'Red Hat and Oracle plan to announce on Thursday that the companies have teamed to get Linux evaluated under the Common Criteria, a certification that could open doors for the broader use of open-source software by government agencies.' It looks like this will be an important step in getting Linux to be more widely adopted in governments around the world."

6 of 171 comments (clear)

  1. Re:RHAS again? by Anonymous Coward · · Score: 5, Informative

    RHAS is free...They don't provide an iso for you, but check their website, they do provide step-by-step instructions on how to "create" a RHAS installation for free.

    But for those that want service and don't want the hastle of putting all the pieces together they also provide a nice package.

    As far as windows a bargain, how much does quality node-balancing software cost (~$500), Quality Firewall (~$300), Advanced Server ($750), I could keep going but I think you get the picture. If you don't need HA then RHAS isn't a great deal, but then again if you do, MS doesn't have a competive product...say what you want about 2000&XP (big improvement over NT&9x), you can't call them HA.

    BTBTBT

    scooby

  2. Re:Hypocritical? by Mandi+Walls · · Score: 4, Informative
    Ah, here we go again.

    The Common Criteria is of the fashion:

    "I have this product. I am going to tell you what it does in a security-related context. You can take this checklist, test my product, and certify that it does in fact do these things."

    There is no security implied by the certification. It is a recommendation from the vendor of what the product is best used for when the customer is shopping for products to do certain security-related tasks. The vendor makes the checklist, a third party says "yay" or "nay", the customer says "i need a product that does X, Y, and Z. Windows does X, HP-UX does X and Y, and this one all three, plus it will help my sex life". Or something similar, anyway.

    These things can be as simple as "userA cannot access userB's files" to "enforces complex passwords" to "has the biggest crazy ass firewall known to man". Well, maybe not that last one...

    Now y'all can go back to shootin' your mouths off.

    --mandi

  3. This is not a Dupe! by MrByte420 · · Score: 5, Informative

    This is not a dupe. The story from yesterday is about how the DoD has certified RedHat server as a common operating environment. This story talks about how IBM and Oracle are attempting to get Linux certified on a wider federal level so that agencies can be permitted to use it. They are two different certifications and two different issues and hence two different stories.

    I'm always amazed by the number of clarivoyant slashdot users we have around here who don't need to read a story before posting...

    --
    If religous zealots don't believe in Evolution, then why are they so worried about bird flu?
  4. Re:Who posts the most dupes? by idontgno · · Score: 4, Informative
    Except that in this case, it ain't a dupe.

    Yesterday's article was about RH 8 AS getting DISA (Defense Information Systems Agency) DII (Defense Information Infrastructure) COE (Common Operating Environment) certification. Todays' certification article-o-the-day is about RH 8 AS getting Common Criteria EAL (Evaluation Assurance Level) 2.

    Yeah, to the uninformed, it looks the same. But (A) DII COE is specifically a US DoD certification, whereas CC EAL is an international certification (administered in the US by NIST--National Institute of Standards and Technology); and (B) The article about RH's EAL certification also extensively yatters on about Oracle 9i, whereas the RH COE article doesn't.

    So in conclusion, this is an erroneous dupe sighting. Nothing to see here, move along.

    --
    Welcome to the Panopticon. Used to be a prison, now it's your home.
  5. Government...been there, done that by frozencesium · · Score: 5, Informative

    um, the NSA has already modified linux (the kernel) so that it will meet their standards. redhat is named as a tested distro...see this for details. The biggest problem is that the US government seems to think that they must rely on M$ software (in the unclassified environment at least) for things like exchange and ease of use for the "typical" user.

    this is simple posturing at it's finest. of course...the government's high performance systems (read clusters) aren't running windows anyway. this won't change anything.

    -frozen

    --
    I'm not always the brightest pixel in the stream
  6. Re:RHAS again? by Afrosheen · · Score: 4, Informative

    I worked for an ISO9002 certified company before (York International) and my boss told me the crap behind the cert with ISO also. Basically companies won't do business with you if you're in manufacturing and don't have your ISO cert. The only thing ISO really requires is that your processes are fully documented in specific ways. You could build a product that doesn't fuckin' work and still be ISO certified as long as the docs are there.