SUSE Awarded EAL4 Certification

← Back to Stories (view on slashdot.org)

SUSE Awarded EAL4 Certification

Posted by timothy on Sunday February 20, 2005 @06:19AM from the lockup dept.

An anonymous reader writes "Following in the wake of its previous certifications, Novell's SUSE Linux Enterprise Server 9 has achieved EAL4 certification on 'an IBM eServer.' This puts SLES9 in the same league as Windows 2000 for sales in the government sector and is the first Linux distro to achieve an EAL4 certification."

4 of 160 comments (clear)

Min score:

Reason:

Sort:

RHEL 4 - EAL4+ coming by OffTheLip · 2005-02-20 06:24 · Score: 5, Insightful

It's really a matter of money and time.
1. Re:RHEL 4 - EAL4+ coming by hal9000(jr) · 2005-02-20 06:28 · Score: 5, Insightful
  
  Kinda. Provided there is a well designed and realistic Protection Profile and the Security Target is realisticaly designed, there is some value to the CC certification.
  
  The biggest issue I have seen with CC is more in the understanding, or lack there of, of what is covered in a CC eval on both consumers and vendors. Vendors obviously promte the CC eval because it is expensive and has a certain cache. Users tend to glaze over reading the certification docs and most often don't make it very far before checking whatever check box they need.
2. Re:RHEL 4 - EAL4+ coming by soren42 · 2005-02-20 07:43 · Score: 5, Insightful
  
  It's really a matter of money and time.
  
  That's exactly what it is... which is yet another facet of the differences between Novell and Red Hat. Novell has the money to apply their resources across a much broader spectrum than Red Hat - just by virtue of having more money. Also, they have much more staff on the payroll - and by extension, more time (read: manhours).
  
  Initially, there were a lot of concerns when Novell acquired SuSE around their committment to Free Software. But they have repeatedly (YaST, SuSE Linux Open Exchange, FreeSWAN, Hula, etc.) shown that they are committed to the philosophy of Free Software - not just buying the technology to close it up, and make money from selling something proprietary. So, those concerns have been put to bed, it makes Novell/SuSE a very attractive Linux option. They have the resources, relationships, and talent to work quickly and effectively - developing solid, certified, and feature-rich open software.
  
  Please don't mistake this comment as Red Hat bashing. I am simply pointing out that Novell has the resources to really make a difference in the US Linux market - and things like achieving EAL4 (so quickly) prove that.
  
  --
  
  "Adventure? Excitement? A Jedi craves not these things."
Microsoft and Linux Denial by CoolSilver · 2005-02-20 06:38 · Score: 5, Insightful

Wow, I guess Mr. Gates and company must be biting their nails. 2000 has that certification yet XP, the best product with "advanced security technologies" has nothing.

Well I guess it means times have changed. Linux is a big player in the game now and Microsoft needs to realize this and stop denying. False statements hurt worse than the bitter truth of "your product isn't good enough". I rather trust a company and have something that works okay and secure than some company that hides facts and has a better product in some ways, just not security.

It is funny how someone came out with a report saying windows is more secure, but is that based off the experimental code or source and which distribution. Novell and SuSE have always taken security as a priority and it shows.