JBoss EAP 4.3 Achieves Security Certification

Posted on by Rich Sharples

cc-logo

A few weeks back JBoss Enterprise App. Platform 4.3 achieved Common Criteria Certification at Evaluation Assurance Level (EAL) 2+ – here’s the press release and here’s the evaluators updated page.

Common Criteria Evaluation is an internationally recognized standard that defines a  framework for computer systems users to specify security requirements; for vendors to implement them and for third-party evaluators to test them. The Evaluation process ensures that this is all carried out in a consistent, formalized and standard way.

The Evaluation Assurance Level (EAL) describes the “depth and rigour” of the evaluation not necessarily the security hardness. Though products certified at Level 7 (the highest) are likely to be deployed more demanding and secure environments than a product certified at Level 1 (the lowest). EAL 2+ means the products have been evaluated in collaboration with the vendor (eg. to provide development, design and test documentation).

What this means is that customers who care about security (who doesn’t ?) can be assured that JBoss Enterprise App. Platform 4.3 will meet commonly accepted, best practice security requirements. Even outside military and government use, who use Common Criteria as a benchmark, this evaluation should demonstrate Red Hat’s commitment to security. It’s a long and fairly involved process and the costs aren’t insignificant.

This is the first successful evaluation for a JBoss product but the JBoss Data Services Platform is currently in process and we’re already planning for a more stringent evaluation (higher EAL) for JBoss EAP 5.x.

Tab Sweep : JBoss Mostly

Posted on by Rich Sharples

Over the last ten years – every year has been proclaimed the year that Java dies. And every year people are proven wrong and I think that will continue to happen for another 20 or 30 years. To put it into perspective COBOL, another fairly sucessful language is 50 (fifty) years old this month. Other popular langauges : C – 37 years old, C++ – 26 years old, Java – a mere 14 years old. People are still running and maintaining COBOL, ditto C, C++, etc. These popular languages have taken decades to reach mainstream adoption and will be viable for decades to come.

JBoss AS 5.1 GA has been released. Downloads are looking pretty healthy and it’s good to see almost monthly releases now that the MC / re-architecture work is behind us. Release early, release often

It’s Java One time again, JBoss’ presence this year will probably be larger than last year – we have a lot to talk about and show – so swing by our sessions, our booths and join us at the JBoss Party. See you there – and follow @JBossNews on twitter for the latest Java One updates.

Sun seem to be getting increasingly desperate to build a business around their Java middleware – they’re attacking companies a fraction of a fraction of their size and continuing the fire sale. It’s going to be really interesting when Sun product lines get hit with Larry Ellison’s “fiduciary responsibility” stick. Weblogic wasn’t exactly cheap – and Oracle had to pile on a pretty hefty Tax to bring it in line with Oracle’s cost model. The disparity between Sun and Oracle pricing is *huge* and is going to require something more dramatic than a a mere 30% price increase.

Although Java One hasn’t started yet – for all the folks involved in planning and preparing – the work is (or should be) done. At Red Hat we already have our sight on the biggest Red Hat / JBoss event of the year – the co-located Red Hat Summit and JBoss World 2009 which is in Chicago, Septemer 1st to 4th.

The best $1200 you could spend this year

Posted on by Rich Sharples

Unsurprisingly and from what I’ve seen personally – tech. conference attendance is a little light this year. But if you have some budget for attending tech. conferences – I think the combined JBoss World / Red Hat Summit (Chicago, Sept 1st-4th) could be just about the best investment you make this year.

You’ll learn about all the great tech. that Red Hat and JBoss will be shipping as well as some of the technology still in the labs. But most of all you’ll learn how Red Hat can save you and your organization money – and right now that’s got to be a smart investment.

* travel and accomodation extra