Controlled Access Protection Profile Certification Ensures High-Performance
64-bit Linux OS on SGI Servers Meets Global Government and Military
Security Standards
SAN FRANCISCO, Feb. 7 /PRNewswire-FirstCall/ -- SGI (Nasdaq: SGIC), a
leader in high-performance computing whose SGI(R) Altix(R) servers
successfully passed the Common Criteria security evaluation for the
Controlled Access Protection Profile (CAPP), announced today that it has
received formal recognition for the certification. A presentation
acknowledging the CAPP certification took place yesterday in a ceremony at
the annual RSA Conference, the world's leading information security
conference and exposition.
The CAPP, a certification applying to operating systems and their
associated hardware systems, plays a key role in specifying a set of
functional and assurance requirements for IT products. This certification
positions SGI among an elite group of computer hardware manufacturers with
only two other vendors' systems having passed this stringent evaluation.
"The certification of Red Hat Enterprise Linux on SGI servers reaffirms
that SGI Altix is a stable, secure platform ideally suited not just for
sensitive government computing environments but commercial industry and
research computing environments as well," said Steve Neuner, director of
Linux, SGI. "SGI continues to address customers' most challenging data
management and analysis problems across a broad range of applications by
improving productivity and time to decision for mission-critical
environments."
The Common Criteria Security Certification was awarded to SGI by the
National Information Assurance Partnership (NIAP), a U.S. Government
initiative developed to meet the security testing needs of both IT
consumers and producers. The long-term goal of NIAP, which is operated by
the National Security Agency (NSA), is to help increase the level of trust
consumers have in their information systems and networks through the use of
cost-effective security testing, evaluation, and validation programs. In
meeting this goal, NIAP seeks to:
* Promote the development and use of evaluated IT products and systems;
* Champion the development and use of national and international standards
for IT security;
* Foster research and development in IT security requirements definition,
test methods, tools, techniques, and assurance metrics;
* Support a framework for international recognition and acceptance of IT
security testing and evaluation results; and
* Facilitate the development and growth of a commercial security testing
industry within the U.S.
The target of evaluation (TOE) for the certification was the Red Hat(R)
Enterprise Linux(R) Version 4 Update 4 operating system. The TOE was a
general purpose multi-user, multi-tasking Linux based operating system
providing a platform for a variety of applications. The evaluation covered
a potentially distributed but closed network of SGI Altix servers running
the evaluated version of Red Hat Enterprise Linux. Red Hat Enterprise Linux
provided the security functionality to meet the CAPP requirements.
SGI industry-standard platforms play a critical role in enabling
government agencies, defense customers and industry leaders to collect,
process, analyze, archive and exploit complex data, so that critical
decisions can be executed with greater speed, confidence, and security. SGI
provides integrated infrastructure that ensures data protection, integrity,
and security while helping to accelerate decisions by delivering the right
information to the right decision makers at the right time. Unlike any
other server platform on the market today, memory, compute power, and data
I/O are all independently scalable on the SGI Altix system enabling users
to scale their system in any dimension to meet their specific computing
needs.
The cryptography used in this product was tested using a cipher
compliance test approach, which used the methodology proscribed by the NIST
Cryptographic Algorithm Validation Scheme. Those security functions
included as FIPS Approved functions were tested by the cryptographic test
laboratory and validated by NIST's Cryptographic Algorithm Validation
Program. For more information regarding the security features tested visit
http://www.niap-ccevs.org/.
With this certification, all operating systems SGI offers today have
been evaluated -- IRIX(R), Trusted IRIX, and SUSE(R) Linux Enterprise
Server 9 from Novell(R). SGI is pursuing further Common Criteria security
evaluations on Altix and Altix XE platforms that include Labeled Security
Protection Profile, Version 1.b (multi-level secure access equivalent to
SGI's Trusted IRIX OS) and Role Based Access Control Protection Profile
Version 1.0.
SGI - Innovation for Results(TM)
SGI is a leader in high-performance computing. SGI delivers a complete
range of high-performance server and storage solutions along with
industry-leading professional services and support that enable its
customers to overcome the challenges of complex data-intensive workflows
and accelerate breakthrough discoveries, innovation and information
transformation. SGI solutions help customers solve their computing
challenges whether it's enhancing the quality of life through drug
research, designing and manufacturing safer and more efficient cars and
airplanes, studying global climate, providing technologies for homeland
security and defense, or helping enterprises manage large data. With
offices worldwide, the company is headquartered in Sunnyvale, Calif., and
can be found on the Web at http://www.sgi.com.
NOTE: SGI, IRIX, the SGI cube and the SGI logo are registered
trademarks of SGI in the United States and/or other countries worldwide.
RED HAT is a registered trademark of Red Hat, Inc. Novell is a registered
trademark, and SUSE is a trademark of Novell, Inc. All other trademarks
mentioned herein are the property of their respective owners.
This news release contains forward-looking statements regarding SGI
technologies and third-party technologies that are subject to risks and
uncertainties. These risks and uncertainties could cause actual results to
differ materially from those described in such statements. The reader is
cautioned not to rely unduly on these forward-looking statements, which are
not a guarantee of future or current performance. Such risks and
uncertainties include long-term program commitments, the performance of
third parties, the sustained performance of current and future products,
financing risks, the ability to integrate and support a complex technology
solution involving multiple providers and users, and other risks detailed
from time to time in the company's most recent SEC reports, including its
reports on Form 10-K and Form 10-Q.
MEDIA CONTACT
Marla Robinson
marlar@sgi.com
256.773.2371
SGI PR HOTLINE
650.933.7777
SGI PR FACSIMILE
650.933.0714
SOURCE SGI
 back to top
Related links:
http://www.sgi.com/
CONTACT:
Marla Robinson, +1-256-773-2371, or
marlar@sgi.com, or PR Hotline, +1-650-933-7777, or PR Facsimile,
+1-650-933-0714, all of SGI
|
