IBM and Novell's SUSE LINUX business unit have announced the achievement of new levels of security and operations certification for SUSE that will further enable the adoption of Linux by governments, as well as the Department of Defense for critical command-and-control operations. SUSE LINUX Enterprise Server 8 with Service Pack 3 on IBM eServers has achieved Controlled Access Protection Profile compliance under The Common Criteria for Information Security Evaluation (CC), commonly referred to as CAPP/EAL3+.
The new CAPP/EAL3+ achievement crosses the IBM eServer product line --iSeries, xSeries, pSeries and zSeries systems, as well as Opteron-based systems. CAPP/EAL3+ certification of Linux expands both the functional capabilities and confidence in Linux security beyond that met with the EAL2+ last year, when EAL2+ certification was gained for IBM's eServer xSeries. IBM and SUSE LINUX also announced Common Operating Environment (COE) compliance on IBM xSeries and zSeries platforms with SUSE LINUX Enterprise Server 8, with support for pSeries and iSeries available in the first half of 2004. This achievement means that SUSE LINUX is the first Linux distributor to offer both Common Criteria and COE compliance in the same package. "A little over six months ago, Linux had no security or interoperability certifications. We--with SUSE obviously at the lead, but with IBM support-have gone from no certification to EAL2 to now EAL3+ with the interoperability certification known as COE in just a little over six months and we're on our way to higher levels of certification. There's very clearly a strong trend that we believe should address the Linux critics who felt that Linux could never achieve the certifications that it has," said Westpfahl. For more information about IBM's current certifications, visit http://www-3.ibm.com/security/standards/st_evaluations.shtml.
