Red Hat Completes FIPS 140-2 Certifications

Raleigh

April 23, 2013

National Institute of Standards and Technology issues seven security certifications to Red Hat

RALEIGH, N.C. – April 23, 2013 – Red Hat Inc. (NYSE: RHT), the world’s leading provider of open source solutions, today announced the completion of seven Federal Information Processing Standard (FIPS) 140-2 certifications from the U.S. government’s National Institute of Standards and Technology (NIST). This marks the culmination of Red Hat’s largest certification effort to date with the U.S. government.

Information security officials have a mandate to maintain greater control over data and information systems. U.S. federal agencies that use cryptographic-based security systems to protect sensitive information in computer, telecommunication systems and other IT-related products must use FIPS-140 certified systems in order to meet those security requirements. FIPS 140-2 validation is also required by national agencies in Canada and is recognized in Europe and Australia.

“When dealing with highly sensitive information, IT security is at the forefront of our customer’s minds, especially those within federal sectors,” said Paul Smith, vice president and general manager, Public Sector, Red Hat. “Completing these FIPS 140-2 certifications reinforces the commitment that Red Hat has to meeting the IT needs of those entities and providing the necessary security protection levels required by federal agencies worldwide.”

Red Hat Enterprise Linux 6.2 on HP ProLiant DL585 and IBM BladeCenter® HS22 servers has achieved the following FIPS 140-2 certifications:

The Secretary of Commerce approves standards and guidelines that are developed by NIST for U.S. federal computer systems. NIST develops FIPS when there are compelling U.S. government requirements, such as for security and interoperability, and where there are no acceptable industry standards or solutions. The FIPS 140 Publication Series coordinates the requirements and standards from cryptography modules for hardware and software, and in order to achieve FIPS 140-2 validation, cryptographic modules are subjected to rigorous testing by independent, accredited test facilities.

The validation testing for today’s announcement was performed by atsec information security corporation’s Cryptographic and Security Testing Laboratory in Austin, Texas. atsec is an independent company with long-standing experience in international IT security standards.

atsec commented: “We congratulate Red Hat on their successful certifications. Red Hat continues to be an industry leader with their increasing number of FIPS 140-2 validated cryptographic modules that are regularly updated, retested, and revalidated to the FIPS 140-2 standard; and those modules are included in their distributions. The Red Hat developers and management team show an ongoing commitment to meeting their customer’s compliance requirements with the highest quality products. They prove that commitment by having those products independently examined, tested and validated.”

For a full list of validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules from NIST, visithttp://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm.

Additional Resources

Connect with Red Hat

Get more Red Hat news or subscribe to the Red Hat news RSS feed
Follow Red Hat on Twitter
Join Red Hat on Facebook
Watch Red Hat videos on YouTube

About Red Hat, Inc.
Red Hat is the world's leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As the connective hub in a global network of enterprises, partners, and open source communities, Red Hat helps create relevant, innovative technologies that liberate resources for growth and prepare customers for the future of IT. Learn more at http://www.redhat.com.

JBK-BizTech

Search This Blog

Tuesday, April 23, 2013