Red Hat Collaborates with IBM, Achieves NIST Certification

March 21, 2017 - This week Red Hat announced a new collaboration with IBM Cloud and added a new National Institute of Standards and Technology (NIST) certification for OpenSCAP 1.2.

IBM and Red Hat joined in a strategic collaboration to encourage enterprises to adopt hybrid cloud. Users will benefit from Red Hat’s OpenStack platform to more easily extend their existing virtualized infrastructure and workloads to the IBM Private Cloud.

To meet the required standards, IBM became a Red Hat Certified Cloud and Service Provider so customers can use Red Hat OpenStack Platform and Red Hat Ceph Storage on IBM Private Cloud.

Red Hat Cloud Access will also be available for IBM Cloud by the end of the month.

Red Hat Cloud Access allows customers to move eligible unused Red Hat Enterprise Linux subscriptions from the datacenter to a public virtualized cloud environment in IBM Cloud Data Center. This effort allows organizations to make the most out of Red Hat software investments by extending subscriptions for scaling with IBM Cloud.

"Our collaboration with IBM is aimed at helping enterprise customers more quickly and easily embrace hybrid cloud," Red Hat OpenStack General Manager Radhesh Balakrishnan said in a statement. "Now, customers who don't have in-house expertise to manage an OpenStack infrastructure can more confidently consume Red Hat OpenStack Platform and Red Hat Ceph Storage on IBM Private Cloud."

Through the collaboration, IBM and Red Hat will provide organizations with the hybrid cloud infrastructure to allow them to efficiently run cloud applications using OpenStack APIs. Organizations will also be able to use Red Hat Cloud Access to provision cloud infrastructure more quickly to migrate existing workloads and Red Hat subscriptions to IBM Cloud.

Entities can leverage IBM and Red Hat technology to scale local environments using the cloud and the companies plan to jointly market their solution for private cloud deployments including workload migration, disaster recovery, capacity expansion, and datacenter consolidation.

Red Hat also announced that its OpenSCAP 1.2 source Security Content Automation Protocol (SCAP) scanner has been certified by NIST. Through this certification, OpenSCAP can analyze and evaluate security automation content correctly. It can also ensure it has met NIST requirements to run in sensitive, security-conscious environments.

Organizations using OpenSCAP for regulatory reason no longer need to request waivers for Red Hat environments. OpenSCAP has been integrated into the Red Hat Enterprise Linux installer allowing systems to run in continuous security compliance from the beginning to through the end of deployment.

“Continuous, repeatable scanning processes are key to keeping modern, increasingly-complex computing environments more secure and safe, and open standards help to make these processes achievable,” Red Hat Public Sector Chief Technologist David Egts said in a statement. “NIST’s new certification of OpenSCAP on the world’s leading enterprise Linux platform provides a flexible, powerful SCAP scanner built on open standards, making it easier for agencies and other organizations to add verifiable, repeatable security scanning to their repertoires.”

Red Hat also seeks to improve app security by providing underlying development libraries for OpenSCAP. From there, independent software vendors can embed NIST certified configuration and vulnerability scanning into applications they build for Red Hat Enterprise Linux.

Red Hat has been modifying its solutions to appeal to organizations needing more secure cloud and virtualization environments that are compatible with existing infrastructure. For healthcare, this is particularly important because many organizations do not have the money or ability to change over their health IT infrastructure environments.

Many healthcare organizations are moving pieces of their environments to the cloud and have to contend with compatibility issues with a migrated or virtualized environment. Tools that simplify the migration process are vital to successful data migration.