Oracle is pleased to announce that the Oracle Linux 6 and Oracle Linux 7 have entered evaluation for FIPS 140-2 compliance at Level 1 of the standard. Conformance with the FIPS 140-2 standard provides assurance to government and industry purchasers that products are correctly implementing cryptographic functions as the FIPS 140-2 standard specifies.
FIPS 140-2 is a public sector procurement requirement in both the United States and Canada for any products claiming or providing encryption. The FIPS 140-2 program is jointly administered by the US and Canada. In the US, the program is administered by NIST (National Institute of Standards and Technology) through the CMVP (Cryptographic Module Validation Program). In Canada, the program is administered by the Communications Security Establishment of the Government of Canada (CSEC).
The Oracle Linux operating system is engineered for open cloud infrastructure. It delivers leading performance, scalability, reliability and security for enterprise SaaS and PaaS workloads as well as traditional enterprise applications. Oracle Linux Support offers access to award-winning Oracle support resources and Linux support specialists, zero-downtime updates using Ksplice, additional management tools such as Oracle Enterprise Manager and lifetime support, all at a low cost. Unlike many other commercial Linux distributions, Oracle Linux is easy to download, completely free to use, distribute and update.
For more information on Oracle’s participation in the FIPS 140-2 validation program, please visit the main FIPS 140-2 information page. For a complete list of Oracle products with FIPS 140-2 validations and Common Criteria certifications, please see Oracle’s Security Evaluations website: