Corsec is pleased to congratulate our partner, VMware, on completing the Common Criteria validation for it’s product; vSphere v5.5. This product was tested and validated through the most stringent of security standards receiving a validation under an EAL2+, which underscores VMware’s commitment to helping federal organizations and global enterprises secure products around the world. vSphere is now able to sell into the U.S. DoD, Civilian agencies and IC, as well as other international governments and industries around the world. Corsec is pleased to have helped VMware reach this amazing goal over the last year.
Corsec has been consistently partnering with product vendors worldwide to manage the process of security certifications and validations, including FIPS 140-2, Common Criteria and the UC APL.
About Common Criteria
Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 26 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU. The U.S. government mandates common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy (NIAAP), NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.
See a larger list of the clients we have helped navigate the process of security certifications here!
Looking towards the 2016 Fed buying cycle? Schedule your assessment today to develop a path forward for your product.