Today we are celebrating a momentous occasion. Ten years ago today, Red Hat and IBM began our global collaborative partnership to expand the use of enterprise solutions on Linux. It was a small but important start to announce that IBM would run Red Hat Linux on its industry-standard systems. Back in 1999, Red Hat was on the eve of its IPO, and IBM was testing the waters of Linux. Only 10 million users ran the Linux operating system at the time, according to IDC Research quoted in our original partnership announcement.

The global partnership has broadly expanded over the years, and today delivers combined solutions driven by rich joint technology innovations. Together, Red Hat and IBM are deeply penetrating the mission-critical infrastructures of many of the world’s Fortune 500 companies, delivering value to our joint customers through the combination of open source solutions, comprehensive services, solid platforms and technology leadership. Red Hat stands as a Strategic Alliance partner for IBM — the top ranking partnership category — and IBM is a Premier OEM partner for Red Hat.

Our alliance helped spur broad-based industry Linux adoption, driving the one of the fastest growth rates for mainstream operating systems in the past decade. As of 3Q08, IDC’s Server Tracker indicated that Linux accounts for 14% of the overall server market. (rolling 4Q average). Red Hat is the top commercial contributor to the Linux kernel, and IBM is one of the world’s top Linux evangelists—the third largest contributor to the Linux kernel — and runs Red Hat Enterprise Linux across all of our servers and 500 middleware programs.
» Read more

Following the release of Fedora 9 last May, we’ve been hard at work in anticipation for Fedora 10. OK, so maybe we took one day off to celebrate the success of Fedora 9, but we didn’t wait too long before diving in to implement cool, new features in the next release. Fedora 10 (Cambridge) is due out in November 2008, and the Alpha release provides a chance for the whole community to weigh in. Tell us what you think and get involved in testing the new features – check out the Fedora 10 Alpha release notes, and then download the Alpha.

Red Hat engineers working in Fedora and upstream communities have been developing several new features slated for Fedora 10. Here are just a few of the features that we’re very excited to deliver:

• Glitch free audio. The revolutionary PulseAudio stack has been enhanced to use timer-based scheduling. This means that it uses less power, is more hardware independent, and adjusts dynamically to keep audio data flowing without interruption — minimizing drop outs.

• Sectool. Fedora 10 will feature a brand new security auditing and intrusion detection system. It has both text and graphical front ends, features highly configurable groups for adjusting test runs, and is completely modular and extensible. Administrators and the community at large can write their own tests to extend its functionality even further.

• Connection Sharing. Fedora 10 delivers on the promise of NetworkManager’s “Create new wireless network” tool, with easy setup of an ad-hoc wifi network on any machine with a network connection and a spare wireless card. If the machine has primary network connection (wired, 3G, second wireless card), routing is set up so that devices connected to the ad-hoc wifi network can share the connection to the outside network.

There are more great features on the way. As always, everything that goes into and comes out of the Fedora Project is completely open and free for anyone to use, modify, and redistribute. Keep an eye on our wiki’s feature list to see how things are progressing throughout the Fedora 10 development cycle.

We’re excited to announce two major bits of security news from the Red Hat Summit today:

• The launch of the Red Hat Enterprise IPA product
• The acquisition of open source identity integration provider, Identyx

After the completion of a successful beta test program that was launched at the RSA security conference in April, version 1.0 of Red Hat Enterprise IPA is now generally available. If you’re not familiar with the freeIPA project upon which Red Hat Enterprise IPA is based, it was started about a year ago as an open source, standards-based identity and access management solution for the Unix/Linux environment.
» Read more

Today we’re excited to announce another community initiative — the Open Source Software Security community (oss-security). This project is an ongoing effort to manage security information in open source software by building on the collaborative foundation of the open source model.

The purpose of oss-security is to encourage public discussion of security flaws, concepts and practices in the open source community. We don’t want to simply be an information clearinghouse, or to replace any of the current security lists and groups. The goal is to fill an existing vacuum by encouraging active participation of those interested in the ideas and unique challenges in securing open source software. This includes activities such as flaw discovery, understanding, reporting and overall best practices.
» Read more

Today, with atsec information security, we announced that JBoss Enterprise Application Platform, v4.3 is currently ‘In Evaluation’ for Common Criteria certification at Evaluation Assurance Level (EAL)2+ (augmented for flaw remediation).

This is an important announcement on many levels. It represents the first major milestone since we announced our intent to pursue additional Common Criteria certifications in Nov. 2007. Beyond this, many U.S. federal government agencies and private-sector companies use Common Criteria evaluations as a benchmark to make informed security decisions when evaluating solutions. Why? Products are evaluated by independent labs under Common Criteria’s stringent and lengthy testing requirements, giving customers an impartial assessment of the product’s ability to meet specific security requirements. Outside of the U.S., dozens of nations now recognize Common Criteria certifications, agreeing that the evaluations “contribute significantly to confidence in the security of those products.” Because Common Criteria is a recognized international standard, it gives private-sector customers with worldwide operations confidence that the products they purchase will meet local security standards.
» Read more

In the last few weeks, there have been three significant events in the adoption of SELinux and Type Enforcement. They’re all exciting, and each is a testament to the long-term success and viability of the TE approach. Even more exciting, though, is the fact that none of these announcements came from Red Hat. After carrying the flag for so long, it’s gratifying to see other communities join the effort to make serious security a standard feature in general-purpose operating systems.

First, Sun has announced that they will be porting Flask to OpenSolaris in cooperation with the NSA, calling it Flexible Mandatory Access Control, or FMAC. If this sounds familiar, it should — it’s very similar to the deal NSA and Red Hat struck in 2004, when SELinux was just gaining interest from a broad audience.
» Read more

For the last few years, Red Hat has been a regular fixture at the RSA Conference, and this year will be no different. We will be showing the recently open sourced Certificate System Dogtag project and we’ll be launching the beta program for Red Hat Enterprise IPA. Red Hat Enterprise IPA is a new product, scheduled for release mid-year, that is based on the open source freeIPA, centralized Identity, Policy and Audit project. At the Red Hat booth at RSA, we will have a demo showing the high-level features of Red Hat Enterprise IPA, so if you are interested in participating in the beta program please visit us at the show, or sign up for more information about the beta.

Identity and access management is important for reasons of efficiency, risk reduction and compliance. Existing solutions are either no longer compliant (NIS), expensive or not that easy to use (do-it-yourself LDAP and perhaps Kerberos). Red Hat’s acquisition of Netscape’s Directory Server and Certificate System was just the start of our identity and access management strategy.
» Read more

Red Hat Certificate System was acquired from AOL three years ago as part of the Netscape technology acquisition. In keeping with our commitment to open source software, today Red Hat has released all of the source code to Red Hat Certificate System. Much of the technology in Red Hat Certificate System was already open source, including the Apache web server, Red Hat Directory Server and the FIPS140-2 level 2 validated NSS cryptographic libraries, but today’s move further demonstrates Red Hat’s belief that the open source development model creates more secure software.
» Read more

Shortly after purchasing the technologies from AOL/Netscape, we opened the source for Red Hat Directory Server in the summer of 2005. Since then, the Fedora Directory Server project has attracted attention and contributions from the community and is now also at the heart of a broader community effort around the central management of identity, policy and audit for the Unix and Linux world, called freeIPA.

Today’s 8.0 release of Red Hat Directory Server is built directly from those fully open source Fedora Directory Server bits and contains all of the contributions and community effort that went into that project. Part of the effort was around achieving full RPM compliance for Red Hat Directory Server, enabling organizations to now rely on the standard Red Hat Network update process for updates.
» Read more

We’ve recently seen a large amount of information in the press regarding information security and what happens when organizations misstep in implementing security procedures and systems. This problem is not going to be solved in the near term. To date, the volume of reports has not diminished public interest. We can expect to see additional incidents and they will become increasingly visible.

The problem requires attention from both technology people and their business partners.
» Read more