All too frequently, we are reminded that a networked world brings us into contact with the best and the worst that the world has to offer. Today's organisations must counter the ingenuity and determination of criminals and pranksters with equal ingenuity and determination. The increasingly complex world of IT security requires reliable measures of technical qualifications so that organisations can identify the people who are qualified to implement security solutions.

Relevance of RHCSS to the industry External security: Unfortunately, the unfriendly world is just getting more unfriendly, and the stakes are getting higher. Government agencies, particularly those involved in defence, must contend with the threat of cyber-terrorism, sabotage and espionage. Businesses must be on guard for professional intruders who are interested in stealing confidential information.

Internal security: More troubling still, the computers, networks, and Internet access that have made workers more productive have also given the disgruntled or wayward employee new ways to seek revenge and new temptations for misbehaviour. Putting up firewalls to guard against outsiders while leaving internal networks and systems wide open is simply nah/e.

Organisations look increasingly to security certifications to determine who is qualified to truly protect networks and systems. General multiple-choice certifications partially meet the need for such credentials. However, there is a need for a performance-based open source security certification like RHCSS that focuses on technical implementation, rather than policy or theory.

To this end, Red Hat offers the Red Hat Certified Security Specialist (RHCSS), a performance-based security certification that requires advanced skills
using Red Hat Enterprise Linux, SELinux, and Red Hat Directory Server. An RHCSS can help your company meet the security requirements of today's enterprise environment.

Red Hat has long attracted industry notice because of live, performance-based testing in certification programs like Red Hat Certified Technician (RHCT), Red Hat Certified Engineer (RHCE), and Red Hat Certified Architect (RHCA). RHCSS joins this family as a first-of-its kind performance-based security certification.

What's expected of a certified RHCSS?

An RHCSS certified person is one who has demonstrated the expertise on technologies used to secure the Red Hat Enterprise Linux (RHEL) operating system. Those certified have demonstrated skills in setting up a centralised authentication
and user identity management in a heterogeneous environment using Red Hat Directory Server.

As part of the certification process, these specialists will have written Mandatory Access Control policies in SELinux to lock down applications running on RHEL. The RHCSS modules also cover IPA (Identity, Policy, Audit), an integrated security information management solution combining Linux (RHEL), Red Hat Directory Server, MIT Kerberos, NTP and DNS. It consists of a Web interface and command-line administration tools. Currently, it supports identity management with plans to support policy and auditing management.