Open Source and Linux from HP

Got a big project?

• NIAP awards Common Criteria certification to Hewlett Packard and Red Hat for Red Hat Enterprise Linux 5. EAL4+ certification for CAPP, LSPP & RBACPP culminates several years of HP and community development work towards Multi Level Security protection in a general release operating system.
• White paper: Broad overview of security with Linux and open source.
• Open source security software - Linux and HP Integrity focus.
• White Paper: Security of HP Open Source Middleware Stacks.
• U.S. DoD Develops Roadmap for Open Technology.
• U.S. seminars and promotions.

Common Criteria certification is an important government requirement to ensure that the product’s security aspects meet the specific security demands of government customers around the world. HP, along with partners Red Hat and Intel, worked in cooperative partnership to maintain compliance on HP Linux platforms with the internationally recognized Common Criteria standard.

HP has made great strides in supporting Common Criteria certification on a broad range of HP server and desktop products including:
- HP Integrity product line (Superdome, RX, CX) 
- HP ProLiant ML product line 
- HP ProLiant BL product line 
- HP ProLiant DL product line 
- HP Workstation XW product line 
- HP Compaq DC product line (desktop and notebook) 

Refer to the Red Hat or Novell SUSE security targets below for detailed information on supported HP product architectures and HP’s Linux support matrices  for current Linux support information on HP products. Contact your local sales representative for a detailed discussion on HP’s Linux supported server products.

HP has demonstrated its commitment to the government security community by completing three consecutive certifications with Red Hat Enterprise Linux as well as one recent certification with Novell SUSE Linux Enterprise Server.

HP has selected atsec information security as our evaluation lab. HP has worked successfully with atsec in completing all our previous Common Criteria certifications for HP systems with Linux.

The Certification Configuration guides can be very useful when implementing a highly secure configuration of Linux on HP systems. Here are a few of the topics included: 

• Installation and the selection of install options and packages 
• Setting up SSH, FTP, xinetd 
• Setting up the audit subsystem 
• Systems operation 
• Monitoring, Logging and Audit 
• Security guidelines

Evaluation Configuration Guides for RHEL4U2, RHEL3U3 and SLES8 are available for configuring your systems to meet Common Criteria certification guidelines.

HP teamed with Red Hat and Intel to create an even more secure Linux platform for government and commercial IT deployments that require trusted operating system features and to minimize the risk of damage from attacks on their networks. This work includes Labeled Security Protection Profile (LSPP) and Role Based Access Control (RBAC) certification at EAL 4+, which resulted in the first Common Criteria certified, multi-level security platform using a standard commercial Linux offering.  
 
HP made significant contributions to Linux functionality for multi-level security including: 

• file system auditing 
• labeled printing 
• labeled networking (Netlabel) compatible with legacy MLS systems 

These HP contributions are provided under open source license, specifically GPL. 
 
Security functionality is now integrated into Red Hat Enterprise Linux 5 from HP and Red Hat running on industry standard HP ProLiant, HP BladeSystem, and HP Integrity servers, along with select HP workstations, desktop systems and notebooks. Such built-in security raises the bar for trusted Linux customer deployments while facilitating ISV and developer integration, since partners need not employ a specialized OS version or proprietary hardware like alternative trusted operating systems.

The Open Source Software Institute was notified in January 2006 that they had successfully received FIPS 140-2 certification for Open SSL by the Cryptographic Module Validation Program (CMVP). HP is proud to have provided resources and leadership towards this momentous achievement. For more information: 

• Open SSL receives FIPS140-2 Certification on March 21, 2006
• Project Sponsored by OSS Institute
• OpenSSL FIPS Mod Security Policy (pdf)

• Provides security policy and management utilities
• Simplifies highly secure desktop consolidation
• NSA certification
• HP NetTop