Red Hat rolls out FIPS-certified OS, cloud products

A newly released series of products and certifications could offer federal agencies more flexibility in designing, managing and securely operating open-source private clouds and cloud applications.

The releases are part of a flurry of activity by Red Hat's government-sector business, which is aiming to provide developers with a set of tools to more effectively manage multiple clouds. The releases include federal government certification of six new encryption modules for Red Hat’s Enterprise Linux 5 operating system, and the OpenShift and CloudForms cloud applications.

The Federal Information Processing Standards 140-2 certifications from the National Institute of Standards and Technology were awarded to encryption functions within the Enterprise Linux 5 operating system running on Hewlett-Packard ProLiant Servers, Red Hat said.

The FIPS 140-2 certifications help consolidate the efforts of many open-source projects into a few, certified encryption libraries, said Gunnar Hellekson, Red Hat’s chief technology strategist for its U.S. public-sector division. Among the hundreds of projects making up Red Hat Enterprise Linux, he said, there were more than 15 different encryption implementations requiring certification for use by federal and commercial customers.

The company worked with the open-source development community to prepare the software for certification.

The Enterprise Linux 5 certifications cover:

  • Kernel Cypto API Cryptographic Module.
  • OpenSwann Cryptographic Module.
  • OpenSSH-Client Cryptographic Module.
  • OpenSSH-Server Cryptographic Module.
  • OpenSSL-Cryptographic Module.
  • Libgcrypt Cryptographic Module.

Besides the FIPS 140-2 certifications, Red Hat also released its OpenShift platform as a service capability. It provides open-source developers with the ability to select the languages, frameworks and clouds in which to build, test, run and manage applications.

OpenShift also has a number of offerings such as OpenShift Express; OpenShift Flex, which provides enhanced access to the cloud by allowing users to configure their systems; and OpenShift Power, which will be released later this year. OpenShift Power allows users to manage applications and scale up in the cloud.

OpenShift was released in late April. However, Hellekson said it consists of a variety of open-source software tools that have been available for years, such as Puppet and DeltaCloud. The standard, open-source tools allow users to make use of cloud resources. It allows developers to move already written projects smoothly into the cloud with little or no modification, he said.

Another related new release by Red Hat is CloudForms, which is a product for creating and managing infrastructure-as-a-service private and hybrid clouds. CloudForms is designed to prevent “lock in” that occurs in cloud computing where it is difficult to move work projects out of one cloud and into another. Hellekson said that although agencies are beginning to experiment with using cloud services such as Amazon, they have an internal cloud structure inside their firewalls.

“That means that you’re using a number of different management tools, none of which talk with each, other in order to manage your entire enterprise,” he said.

CloudForms is built on the DeltaCloud API, which allows administrators to manage many clouds as if they were one. It provides a set of management tools for systems management, configuration monitoring and provisioning. Hellekson said it allows a user to manage many different virtual infrastructures from a single screen.

The development and release of CloudForms has been a topic of discussion between Red Hat and the state and local government community for some time. Hellekson said there is a large appetite in the community for management tools that allow developers to gather a variety of applications and manage them as a single entity.

Even for users not planning to use the public cloud, CloudForms is still useful because it prevents agencies from tying their processes and procedures to one virtualization platform such as VM Ware or Eucalyptus.

“CloudForms provides them an opportunity to have each of these clouds coexist with each other. It adds a lot of liquidity to the cloud market, “ Hellekson said.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected