NetApp Data Ontap 8.0 Earns EAL2+ Certification

NetApp, Inc. announced that NetApp Data ONTAP 8.0.0 operating in 7-Mode and Data ONTAP 8.0.1 operating in 7-Mode have completed evaluation for an EAL2+ certification under the Communications Security Establishment Canada‘s (CSEC) Common Criteria Evaluation and Certification Scheme (CCS).

Government and commercial customers alike receive the best possible security solutions from NetApp as the company continues to commit to achieving the highest calibre in IT government security validations.
 
As the first storage vendor to meet Common Criteria Certification standards in 2005, NetApp set the bar in security features across the storage industry.
 
"We are proud to be able to successfully continue to invest in securing our customers against attacks on their valuable data," said Mark Weber, president and general manager of the U.S. Public Sector, NetApp. "It is that commitment to our customers that makes NetApp one of the best storage vendors to do business with in the U.S. Public Sector and in the world."
 
In order to facilitate the prompt completion of the Common Criteria certification, NetApp partnered with Corsec Security, Inc., a consulting, documentation, and project management services firm.

"NetApp’s achievement of Common Criteria certification for Data ONTAP 8.0.0 operating in 7-Mode and Data ONTAP 8.0.1 operating in 7-Mode underscores their dedication to continuously providing security assurance in their technology," said Matthew Appler, CEO, Corsec Security. "We were highly impressed with NetApp’s solution and with their commitment to the evaluation process."

The NetApp security story is broader than achieving common criteria certification. NetApp offers multiple FIPS 140-2 validated data at rest encryption solutions, such as NetApp Storage Encryption using self-encrypting drives and Brocade FC Encryption Switches and blades. Upgraded NAS encryption appliances will be announced soon.

NetApp’s Secure Multi-Tenancy architecture, developed in concert with Cisco and VMware, is a unique service-oriented infrastructure that includes all server, storage, and networking hardware and software to facilitate secure sharing, reuse, and dynamic resource allocation for next-generation data centers and cloud service providers.

NetApp has also achieved ISO/IEC 27001, the global standard for Information Security Management Systems (ISMS). This provides NetApp customers, partners, vendors, and employees with the confidence that information is protected in accordance with the ISO standard .

NetApp demonstrated NetApp Storage Encryption in the OASIS KMIP interoperability demo at the RSA Security Conference in San Francisco.

About Common Criteria
Common Criteria is an internationally set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. Once completed, Common Criteria certifications are mutually accepted by 26 countries through the CCRA (Common Criteria Recognition Agreement), including the United States government. Common Criteria certification of security products is mandated by the U.S. government for all federal purchases.