Government and defense

Compliant infrastructure built to advance your mission

Federal agencies, defense contractors, and national laboratories operate under requirements that general-purpose infrastructure was never designed to meet: validated cryptography, proactive hardening, predictable long-term stability, large-scale cluster provisioning, and automated compliance at every layer of the stack. CIQ builds the software infrastructure that makes all of it work.

CIQ trusted by:

Use cases

Security and
compliance

RLC Pro ships FIPS 140-3 validated modules on every LTS release (Cert #5117, #5116, #5113, #5095), verifiable in the NIST CMVP database. RLC Pro Hardened adds LKRG kernel runtime protection, hardened memory allocation, privilege boundary controls, and pre-hardened DISA STIG and CIS images.

Supported frameworks: FIPS 140-3 · DISA STIG · CIS · FedRAMP · FISMA · CMMC

HPC and research computing

Warewulf Pro delivers stateless, diskless cluster provisioning for national laboratories and research sites. Every node boots exactly what your team audited: no local state, no drift.

Fuzzball orchestrates HPC and AI jobs across on-prem and cloud. CIQ's LTS commitments align with federal procurement and grant cycles.

IT automation & config management

Ascender Pro delivers configuration management, compliance enforcement, and infrastructure automation. Compatible with existing Ansible playbooks and AWX workflows. Backed by the engineers who maintain the upstream project.

AI and accelerated computing

RLC Pro AI delivers an upstream-current kernel for GPU-acceleratedWarewulf Pro delivers stateless, diskless cluster provisioning for national laboratories and research sites. Every node boots exactly what your team audited: no local state, no drift. workloads, pre-integrated frameworks, and compatibility-tested drivers for NVIDIA, and soon AMD. Supply chain verification and Secure Boot included.

What government and defense teams are saying

"NIST 800‑171 controls are non‑negotiable for funded research; having a supported, compliant OS is critical to staying eligible for grants."
Research laboratory

Products

RLC Pro

Commercially supported Rocky Linux. LTS, FIPS 140-3 validated packages (Cert #5117, #5116, #5113, #5095), direct CVE remediation, signed supply chain, IP indemnification.

RLC Pro Hardened

RLC Pro with LKRG kernel runtime protection, hardened memory allocation, privilege boundary controls, reduced SSH attack surface, and pre-hardened DISA STIG and CIS images. For environments with limited patching windows.

Ascender Pro

IT automation for federal environments. Configuration management, compliance enforcement, infrastructure automation. Ansible-compatible. Backed by upstream maintainers.

Warewulf Pro

Stateless cluster provisioning for HPC. Build and audit node images in a secure enclave before deployment. Used at national laboratories and government research sites.

RLC Pro AI

Rocky Linux for GPU-accelerated AI and HPC workloads. Upstream-current kernel, pre-integrated frameworks, compatibility-tested drivers for NVIDIA, and soon for AMD. Supply chain verification and Secure Boot included.

Technical resources

RLC Pro Hardened solution brief

Covers LKRG, FIPS 140-3 delivery model, DISA STIG and CIS compliance, the full hardening feature set, and the CIQ Linux Security team's approach.

RLC Pro solution brief

Covers Long-Term Support, FIPS 140-3 validated packages, CVE remediation, supply chain security, and support options for regulated environments.

Getting started documentation

Deployment guides, DISA STIG remediation scripts, FIPS enablement steps, LKRG configuration, and Warewulf Pro cluster setup for federal and defense environments.

FAQs

Are the FIPS 140-3 certificates verifiable in the NIST database?

Yes. Certificates #5117, #5116, #5113, and #5095 are listed in the NIST Cryptographic Module Validation Program (CMVP) database and can be provided to auditors directly.

Does RLC Pro Hardened maintain a consistent security baseline across updates?

Yes. Security controls persist across DNF/RPM updates. Your hardening configuration does not reset when packages are updated.

Which compliance frameworks does RLC Pro support?

RLC Pro and RLC Pro Hardened address requirements for FIPS 140-3, DISA STIG, CIS, FedRAMP, FISMA, and CMMC-scoped environments. CIQ can provide remediation scripts and support to customize configurations to your specific requirements.

Does CIQ serve national laboratories and HPC research sites?

Yes. Warewulf Pro is deployed at national laboratories; Fuzzball orchestrates HPC and AI workloads. LTS commitments align with multi-year federal procurement cycles.