Requests for Federal Information Processing Standard (FIPS) and Common Criteria are widespread and often a key driver for purchases for customers with highly regulated environments. Red Hat Enterprise Linux has built-in security hardening standards that streamline audit or reporting requirements. We are committed to frequent FIPS and Common Criteria evaluations, enabling independent parties to verify our security claims.
Red Hat Enterprise Linux helps you mitigate your risk of being exposed to vulnerabilities using automated and repeatable security controls.
Mitigate – Manage security and reduce the risk of a breach before your data, systems, or reputation is exposed. Red Hat Enterprise Linux:
Secure – Automate security controls and maintain them over time, at scale and with minimal downtime. Red Hat Enterprise Linux:
Comply – Streamline compliance standards for organizations with highly regulated environments. Red Hat Enterprise Linux:
Consistent access controls – Applies security configuration and access controls consistently across bare-metal, virtual, Kubernetes and container environments, and all types of clouds.
Modernized and scalable encryption – Keeps data security with system-wide consistent and customizable cryptography settings for addressing compliance requirements. Easy one-command method of managing the security of cryptography across all of Red Hat Enterprise Linux.
Multilayer breach defense – Provides multiple levels of security including vulnerability scanning and remediation, Security Enhanced Linux (SELinux) mandatory access controls, rootless containers, and application allow lists.
Critical security upgrades and patches – Minimizes downtime and reboots with live Kernel patching and remediation of critical and important security vulnerabilities.
Supply chain security – Provides more secure software life-cycle development practices with static code analysis across the entire code base to minimize security flaws before shipping and improving the upstream open source.
Verified security certifications – Supports customer compliance mandates. Every minor release of Red Hat Enterprise Linux is independently validated against FIPS standards, and every EUS release achieves Common Criteria Certification.
Built-in compliance tools – Streamlines compliance by providing built-in security configuration baselines, OpenSCAP for compliance scanning and integration with Red Hat Smart Management and Red Hat Insights for managing compliance at scale.
Secure hardware root of trust – Provides consistent hardware security module configuration for smart cards and hardware security modules (HSMs) to use hardware to measure software to verify that your systems have not been modified.
Centralized identity management – Manages the authentication and authorization of user actions and role-based access control at scale across the environment. Integrate with other identity and access management solutions and record changes made to the system by privileged users through session recording, auditing, and logging data.
Scalable compliance with Red Hat Insights – Integrates scalable security configuration through OpenSCAP using Red Hat Insights. Take advantage of CVE analysis, an expert rule database of security configuration, compliance checking, and remediation.
Contact your Red Hat sales representative, talk to a Red Hatter, or download a free product trial and find out how Red Hat Enterprise Linux provides you the control, confidence, and freedom to manage security and compliance consistently across your entire hybrid cloud infrastructure.