IBM Tech Certified

IBM's mainframe and Power-based virtualization technologies achieved one of the computer industry's most stringent security certifications

ARMONK, N.Y. -- IBM (NYSE: IBM) today announced the company's mainframe and POWER-based virtualization technologies have achieved one of the computer industry's most stringent security certifications, illustrating IBM's virtualization leadership over offerings from Sun Microsystems and EMC's VMware.

In the security certification - known as the Common Criteria's Evaluation Assurance Level (EAL) - IBM surpassed competitors to achieve one of the highest levels of certification for logical partitioning, IBM's premier virtualization technology used by its servers to run multiple operating systems simultaneously.

IBM's mainframe logical partitioning technology received a Level 5 rating, IBM's POWER-based virtualization received a 4+ rating, and EMC's VMware optional virtualization partitioning software scored Level 2. Sun's virtualization technology called "containers", which help clients virtualize at the operating system level have no published certification on the Common Criteria. The results:

Table 1: Common Criteria certification for virtualization partitioning [1]

Technology Rating
IBM System z9 EC logical partitioning [2] EAL 5
(PR/SM LPAR for the IBM System z9 109)
IBM LPAR for POWER4 pSeries [3] EAL 4+
EMC VMware [4]
(ESX Server 2.5.0 and VirtualCenter 1.2.0) EAL 2

The independent EAL5 ranking provides companies with information that they can run multiple operating systems with applications containing confidential data -- such as payroll, human resources, e-commerce, ERP and CRM systems -- on one System z9 EC divided into partitions that is designed to keep each system's data in a security-rich environment isolated from the others. To receive the certification, IBM System z9 EC logical partitioning (LPAR) has been tested by an independent evaluator.

Virtualization, pioneered by IBM on the mainframe in the 1960s is one of the reasons why mainframes are known as a business engine with many of today's major companies using the technology. The logical partitioning capability of IBM's POWER microprocessor architecture evolved from the IBM mainframe. IBM POWER microprocessors are used in IBM System p and System i servers as well as IBM's TotalStorage DS8000 storage systems.

IBM has built virtualization into the silicon level of its System z and POWER systems to help increase the degree of isolation providing clients resource virtualization. Partitioning and virtualizing workloads have emerged as vitally important in helping clients consolidate workloads and provide security capabilities in an increasingly online world.

Security is increasingly becoming important in a virtualized computer world as clients decide to deploy more virtual machines and enterprise-focused applications on virtualized systems. For example, a bank that is interested in virtualization technology can have a great degree of confidence deploying virtualization on a System z or IBM POWER-based system because it provides hardware enforced isolation. This isolation is designed to help secure applications running side-by-side.

"The superiority of IBM virtualization and logical partitioning in providing security features is in its heritage - it was designed from the beginning to be shared by hundreds of simultaneous users," said Rich Lechner, vice president virtualization, IBM. "That rigorous virtualization design point has resulted in robust security"