Security Certifications and Verifications
FIPS 140-2 standard
The FIPS publication 140-2, "Security Requirements for Cryptographic Modules," is a U.S. government computer security standard. Many other industry standards like DSS and DISA SRG/STIG depend on FIPS 140-2 certified cryptography modules. The tests and requirements of FIPS 140-2 assure that validated cryptographic systems comply with the newest standards, use appropriate key lengths, and create correct ciphertext and keys. The validation also confirms that the module behaves as defined and documented if it runs in FIPS mode.
SUSE Linux Enterprise Server 12 contains seven cryptographic security modules validated to FIPS 140-2. The validation was conducted by atsec and certified by NIST (CMVP). SUSE is currently re-validating these modules on SUSE Linux Enterprise Server 12 SP.
The following modules are validated:
- SUSE Linux Enterprise Server 11 SP2
- SUSE Linux Enterprise Server 12 GA
- SUSE Linux Enterprise Server 12 SP2
The availability of the complete set of re-validated modules is expected throughout 2017. Modules validated on a service pack, except kernel, can typically be used on one subsequent service pack.
Common Criteria Security Certifications
SUSE received Common Criteria Certificates at Evaluation Assurance Level EAL4, augmented by ALC_FLR.3 (EAL4+), for SUSE Linux Enterprise Server 12 (BSI-DSZ-CC-0962-2016) and SUSE Linux Enterprise Server 11 SP2 (BSI-DSZ-CC-0787-2013 and BSI-DSZ-CC-0852-2013), including KVM virtualization on x86_64 and IBM System z. To achieve the certifications, the SUSE products and the processes for developing and maintaining them passed a rigorous security evaluation performed by atsec information security. The certificates were issued by the Bundesamt für Sicherheit in der Informationstechnik (BSI), the German Federal Office for IT Security. The Common Criteria for Information Technology Security Evaluation is an international standard (ISO/IEC 15408) recognized by 26 countries worldwide.
STIGs (Security Technical Implementation Guides) are developed by DISA (Defense Information Systems Agency) for the US DoD. STIGs are security configuration guides for hardening systems, intended for military field users. When officially released, their application is mandatory for DoD users. The hardening findings are also relevant beyond the DoD, including for commercial applications.
DISA has developed with SUSE a formal STIG for SUSE Linux Enterprise Server 12 in the General Purpose Operating System role. The release letter and package are available upon request. Upon public release, they will be made available on the SUSE file server.
SUSE is working on adding automation content to this formal, manual STIG in SCAP format. We are also working on extending the STIG content with further roles.
The Federal Service for Technical and Export Control (FSTEC) is responsible for information security and protection of Russian technology. SUSE Linux Enterprise Server 11 SP3 is FSTEC certified (POCC RU.0001.01Би00).
System hardening is the process of securely configuring computer systems to eliminate as many security risks as possible. Comprehensive system hardening configurations can be made in the YaST2 Security Center. There are also guides covering security and hardening elements and procedures that are best applied to a server both during and after installation, and that aim to improve the fitness of the system for the purposes demanded by administrators. The following guides are available:
UEFI Secure Boot
SUSE Linux Enterprise Server support for UEFI Secure Boot secures the boot process by preventing the loading of drivers or OS loaders that are not signed with an acceptable digital signature.
OpenSCAP tools and libraries have been included in SUSE Linux Enterprise Server since SUSE Linux Enterprise Server 11 Service Pack 2. OpenSCAP is a set of open source libraries providing a path for integration of SCAP (Security Content Automation Protocol). SCAP is a collection of standards managed by NIST with the goal of providing a standard language for the expression of Computer Network Defense-related information. For more information about SCAP, see http://scap.nist.gov.
SUSE Linux products come with a packet filter, which is enabled by default and can be configured with YaST2 or from the command line to adjust to the needs of a specific deployment.
The Linux Audit Framework allows detailed logging of security-relevant events and creates an audit trail that allows tracking down the root of a possible security violation. This audit system is compliant with the requirements of a Common Criteria Evaluation at EAL4.
Data at rest should be encrypted when it is "confidential," especially when it is stored on mobile devices and external storage devices. SUSE Linux Enterprise supports full disk encryption as well as encrypted containers and partitions.
Transport Layer Security
Many services included in SUSE Linux products can use Transport Layer Security (TLS) to encrypt data transmissions over untrusted networks.
Software will never be free from flaws. SUSE Linux offers online security and non-security updates that keep your systems secure during their lifetime.
The security features mentioned above have met PCI DSS requirements for operating systems and will help you in creating an IT environment with SUSE Linux that is PCI DSS-compliant.
We build many of our software packages with extra security measures that protect the running process against many exploitation techniques involving memory flaws.
AppArmor is a security framework that protects your Linux OS and applications from external and internal threats and zero-day attacks. AppArmor comes with default policies for quick deployment so you can secure mission-critical applications quickly. Security profiles completely define what system resources individual programs can access and with what privileges. AppArmor also includes learning-based tools and advanced statistical analytics that simplify the development of customized policies, even for the most complex applications. Additionally, changing security policies with AppArmor is dynamic, eliminating the need to reboot the system.
Security-Enhanced Linux (SELinux)
In addition to AppArmor, SELinux capabilities have been added to SUSE Linux Enterprise Server. SELinux is a Linux kernel security module that provides a mechanism for supporting access control security policies, including United States Department of Defense-style mandatory access controls (MAC). While these capabilities are not enabled by default, customers can choose to run SELinux with SUSE Linux Enterprise Server.