At the annual LinuxWorld conference and expo, Novell and IBM announced certification for the SuSE Linux Enterprise Server 8 on IBM eServers under CAPP/EAL3+, or controlled access protection profile under the common criteria for information security evaluation. This latest certification encompasses a range of IBM servers, including the iSeries, xSeries, pSeries and zSeries.
Also, the xSeries and zSeries platforms running SuSE Enterprise Server 8 have met another security standard: COE, or the common operating environment, a specification designed by the Department of Defense.
The two companies plan to meet another certification, CAPP/EAL4+, as well.
The growing security certifications would appear to open the door to more government and Department of Defense contracts. Indeed, the two companies maintain there has been growing interest in Linux on the part of the public sector, with IBM claiming some 200 government agencies as Linux customers already.
However, it is not a given that the certifications automatically will translate into new government contracts, says Yankee Group analyst Laura DiDio. "It clearly is a step in the right direction and one of the requirements for government work," she told NewsFactor. "However, the government will also demand warranties and indemnification," she noted, referring to IBM's ongoing legal tangle with the SCO Group and the difficulty of offering such assurances.
However, a solution may be at hand. Recently, Novell announced it would offer a measure of protection to its enterprise-Linux customers with the rollout of an indemnification program for SuSE Linux Server 8. Protection is offered for copyright-infringement claims made by third parties against registered Novell customers who have upgrade protection and a technical-support contract dated after January 12th.
