In the security certification – known as the Common Criteria’s Evaluation Assurance Level (EAL) – IBM achieved one of the highest levels of certification for logical partitioning, IBM’s premier virtualization technology used by its servers to run multiple operating systems simultaneously.
IBM’s mainframe logical partitioning technology received a Level 5 rating, IBM’s POWER-based virtualization received a 4+ rating. The results:
Common Criteria certification for virtualization partitioning [1]
Technology Rating
IBM System z9 EC logical partitioning
(PR/SM LPAR for the IBM System z9 109) EAL 5
IBM LPAR for POWER4 pSeries EAL 4+
The independent EAL5 ranking provides companies with information that they can run multiple operating systems with applications containing confidential data -- such as payroll, human resources, e-commerce, ERP and CRM systems -- on one System z9 EC divided into partitions that is designed to keep each system’s data in a security-rich environment isolated from the others. To receive the certification, IBM System z9 EC logical partitioning (LPAR) has been tested by an independent evaluator.
Virtualization, pioneered by IBM on the mainframe in the 1960s, is one of the reasons why mainframes are known as a business engine with many of today’s major companies using the technology. The logical partitioning capability of IBM’s POWER microprocessor architecture evolved from the IBM mainframe. IBM POWER microprocessors are used in IBM System p servers, System i servers, BladeCenter as well as select models of IBM’s TotalStorage DS8000 storage systems.
IBM has built virtualization into the silicon level of its System z and POWER systems to help increase the degree of isolation providing clients resource virtualization. Partitioning and virtualizing workloads have emerged as vitally important in helping clients consolidate workloads and provide security capabilities in an increasingly online world.
Security is increasingly becoming important in a virtualized computer world as clients decide to deploy more virtual machines and enterprise-focused applications on virtualized systems. For example, a bank that is interested in virtualization technology can have a great degree of confidence deploying virtualization on a System z or IBM POWER-based system because it provides hardware-based isolation capabilities. This isolation is designed to help secure applications running side-by-side.
“The superiority of IBM virtualization and logical partitioning in providing security features is in its heritage – it was designed to be shared by hundreds of simultaneous users,” said Rich Lechner, vice president virtualization, IBM. “That rigorous virtualization design point has resulted in robust security.”
The Common Criteria is an international standard for computer security that provides clients the assurance that the process of specifying, developing, and evaluating a computer product has been conducted in a rigorous manner for the areas that the tests measure. The Common Criteria defines a number of processes including an Evaluation Assurance Level (EAL). The EAL is a set of strict requirements that covers the certain development areas of the product reviewed.
Visit the mainframe blog at http://www.mainframe.typepad.com/....
For more information on IBM’s Virtualization Engine technology, visit http://www-03.ibm.com/...
About The Common Criteria
The Common Criteria (CC) is an internationally recognized ISO standard used by the United States federal government and other organizations to assess security and assurance of technology products. The CC provides a standardized way of expressing security requirements, defines the respective set of rigorous criteria by which the product will be evaluated, and is widely recognized among IT professionals, government agencies, and customers as a seal of approval for mission-critical software. To find out more about the Common Criteria security certification standards, visit http://www.commoncriteriaportal.org.