IBM and Novell Complete New, Higher Level of Security Certification Evaluation for SUSE Linux

Novell's SUSE Linux Enterprise Server 9 First Linux Distribution to Complete Evaluation Assurance Level EAL4+

15 February 2005

IBM and Novell today announced that SUSE® LINUX Enterprise Server 9 has successfully completed a Common Criteria evaluation to achieve a new level of security certification that will further enable Linux to be adopted by governments and government agencies for mission-critical and command-and-control operations.

In addition, the two companies cooperatively achieved US Department of Defense Common Operating Environment compliance, a Defense Information Systems Agency requirement for military computing products.

Novell’s SUSE Linux Enterprise Server 9 on IBM eServers has achieved Controlled Access Protection Profile under the Common Criteria for Information Security Evaluation, also referred to as CAPP/EAL4+. A formal certificate issued by the Federal Office for Information Security in Germany (BSI) is expected to follow shortly.

While most IT professionals already acknowledge that Linux offers superior security when compared to other operating systems, the certification process is required for governments and governmental agencies to implement Linux solutions. The new, higher level of security certification clears the way for more rapid adoption of Linux by governments in the United States and around the world.

“Another barrier to the adoption of Linux falls today,” said IBM’s Daniel Frye, vice president, Linux Technology Center. “Not only does this pave the way for faster adoption by governments and their agencies, it also reinforces to businesses that Linux is an excellent choice to handle mission-critical applications.”

In addition, IBM and Novell announced that SUSE Linux Enterprise Server 9 had achieved Common Operating Environment compliance across IBM’s eServer line. This compliance – required by the United States Department of Defense – addresses functionality and interoperability requirements for commercially acquired IT products and allows Linux to be used in command-and-control systems, which represent some of the most sensitive and critical applications run by the government.

The Common Criteria is recognized internationally by IT professionals in businesses and government agencies as the ISO standard (ISO/IEC 15408) used by the Federal government and other organizations to assess security and assurance of technology products. It provides a necessary and standardized way of expressing security requirements and defines the respective set of rigorous criteria by which the product will be evaluated.

“The successful completion of this latest security evaluation is a clear demonstration of Novell's commitment to achieving industry approved security standards that will give our customers and partners the confidence to deploy SUSE Linux solutions,” said Markus Rex, vice president and general manager for SUSE Linux at Novell. “The close collaboration between Novell, IBM and atsec has been key to completing the security evaluation in record time.”

The evaluation announced today was completed by atsec information security, one of the world’s leading vendor-independent IT security consulting companies, and accredited in Germany by the Federal Office for Information Security (BSI).

About IBM

IBM is the world's largest information technology company, with 80 years of leadership in helping businesses innovate. Drawing on resources from across IBM and key IBM Business Partners, IBM offers a wide range of services, solutions and technologies that enable customers, large and small, to take full advantage of the new era of e-business. For more information about IBM, visit For more information about IBM and Linux, visit

About Novell

Novell, Inc. (Nasdaq: NOVL) is a leading provider of information solutions that deliver secure identity management (Novell Nsure™), Web application development (Novell exteNd™) and cross-platform networking services (Novell Nterprise™), all supported by strategic consulting and professional services (Novell NgageSM). Active in the open source community with its Ximian® and SUSE Linux brands, Novell provides a full range of Linux products and services for the enterprise, from the desktop to the server. Novell’s vision of one Net – a world without information boundaries – helps customers realize the value of their information securely and economically. For more information, call Novell’s Customer Response Center at (888) 321-4CRC (4272) or visit Press should visit

IBM, the IBM logo, eServer, zSeries, pSeries, iSeries, xSeries, BladeCenter, POWER5, OpenPower, and TotalStorage are trademarks or registered trademarks of International Business Machines Corporation in the United States or other countries or both. See

Novell, Nsure and Ximian are registered trademarks; exteNd and Nterprise are trademarks; and Ngage is a service mark of Novell, Inc. in the United States and other countries. SUSE is a registered trademark of SUSE Linux AG, a Novell business.

Linux is a registered trademark of Linus Torvalds in the United States, other countries or both.

All other company/product names and service marks may be trademarks or registered trademarks of their respective companies.

Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.