SUSE®, a global leader in innovative, reliable and enterprise-grade open source solutions, today announced its flagship Linux distribution has earned Common Criteria EAL 4+ certification. SUSE Linux Enterprise Server (SLES) 15 SP2 is now EAL 4+ level certified for IBM Z, Arm and x86-64 architectures, signifying compliance with the most-demanding security requirements for mission-critical infrastructure. SUSE’s Common Criteria EAL 4+ software supply chain certification includes secure production, delivery of updates, and protection of critical digital assets.
SUSE is currently the only provider of a recent general-purpose Linux operating system with a secure software supply chain that is certified Common Criteria EAL 4+ for all these platforms.
“In today’s age of advanced hacking and service disruption, Common Criteria EAL 4+ level certification for SLES provides confidence to critical service providers such as governments, finance and banking companies, healthcare organizations, water and power companies, telecommunications providers, and others innovating at the edge,” said Thomas Di Giacomo, SUSE Chief Technology and Product Officer. “SUSE’s commitment to open interoperability means SLES 15 customers around the world can be certain their operating system conforms to the highest international standards for computer security within their chosen IT infrastructure.”
Kara Todd, director of Linux, IBM Z & LinuxONE at IBM, said, “This latest Common Criteria EAL 4+ certification, the highest level attainable for an open source operating system, for SUSE Linux Enterprise on IBM Z demonstrates a continued prioritization on security and reliability, which we expect will be very well received by our joint customers around the world. We are seeing an ever-growing number of exciting new Linux workloads which are a great fit for the underlying scalability, reliability and security that the IBM Z platform provides.”
Bhumik Patel, director of Ecosystem Software Development, Infrastructure Line of Business, Arm, said, “The pervasiveness of Arm technology from cloud to edge underscores our responsibility to work with the industry to deliver infrastructure solutions with end-to-end security. By achieving EAL 4+ certification for SLES, SUSE is opening new doors for what is possible with Arm-based servers and edge infrastructure.”
The exponentially growing number of internet-of-things (IoT) and edge computing devices has increased risk to networks and required countries to raise their compliance requirements for infrastructure providers, particularly those involved in services essential to their economies, governments, and health and safety of citizens. SUSE’s Common Criteria EAL 4+ certified secure software supply chain enables the highest security standards for edge and IoT devices for critical infrastructure providers such as telecommunications companies and others innovating at the edge.
SUSE Linux Enterprise Server 15 SP2 was certified by BSI, Germany’s Federal Office for Information Security, based on an evaluation conducted by atsec information security. Details regarding SUSE’s full “Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.3 Systematic Flaw Remediation” certification are listed at www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Betriebssysteme/1151.html?nn=513260. For more information about SUSE Linux Enterprise Server, visit www.suse.com/products/server. More about Common Criteria certification can be found at www.commoncriteriaportal.org.