EMC Corporation announced that a broad portfolio of their products have been awarded Common Criteria certification for meeting the security requirements defined by the Common Criteria for Information Technology Security Evaluation.
The Common Criteria is an internationally recognized ISO standard (ISO/IEC15408) used by governments and other organizations to assess the security and assurance of technology products. Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard manner. In the United States, federal agencies mandate that all IT products purchased by the U.S. Government for national security systems, which handle classified and some non-classified information, are required to be Common Criteria certified. Security-conscious customers such as government agencies utilize Common Criteria certification as a determining factor when making purchasing decisions.
The following products from EMC and RSA have received Common Criteria certification:
- EMC SMARTS Service Assurance Management Suite, IP Management Suite and Storage Insight for Availability.
- EMC CLARiiON FLARE with Navisphere running on CX3 series storage systems.
- EMC Celerra Network Server.
- EMC ControlCenter.
- EMC Symmetrix Access Controls, Enginuity with EMC Solutions Enabler.
- EMC Disk Library.
- EMC Documentum platform.
- RSA(R) Certificate Manager.
To gain compliance, a product’s security features are evaluated by an accredited commercial testing lab using Common Evaluation methodology. This is followed by an independent validation of evaluation results via Common Criteria authorized schemes, assessing the results of security evaluations conducted by licensed, independent labs. The resulting certification and validation report demonstrates conformance to Common Criteria.