Red Hat gets RHEL 8.2 certified for high level US government security Linux slinger Red Hat has achieved Common Criteria certification for Red Hat Enterprise Linux 8.2. This means it is cleared as a platform suitable for US users with critical workloads in classified and sensitive deployments, including national security agencies, finance and healthcare organizations. According to Red Hat, RHEL …
If a system is accredited in the patch state it was in when it was tested what happens when there are further patches? Does the accreditation lapse because a patched system is no longer in the same state? If it remains in the same state does the accreditation lapse because it is now out of date?
11/11/2021 - SUSE was awarded with the Common Criteria Certification (NIAP OSPP) for SUSE Linux Enterprise Server 15 SP2. This certification is mandatory for work with the United States (US) Federal Government. It demonstrates compliance to NIAP Protection Profile for General Purpose Operating Systems, Version 4.2.1 (CCEVS-VR-PP-0047) with the Extended Package for Secure Shell (SSH), Version 1.0 (CCES-VR-PP-0039). This certification extends our Common Criteria Certification track by US Compliance Regulations enabling US federal entities to profit from SUSE’s Certified Secure Software Supply Chain while complying with all necessary national regulations.
RHEL, SUSE, and Solaris have all been certified for years since the beginning of the certification program.
The actual certification is for two years and patches during that time do not affect it.
What this means is that government agencies, including ███ , that care and the companies that do business with them can move from version 7.6 (whose certificate expires in July) to version 8.2.
Nothing to see here.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
