Security is a top priority for our customers, and Citrix has a long history of demonstrating the security of our products and solutions by submitting them for independent Common Criteria security certification. I’m excited to announce the latest addition to our list of certifications: XenServer 7.1 CU2 has been awarded Common Criteria EAL2+ status.
Common Criteria (CC) certification is an essential qualification for government customers in many countries, but non-governmental customers also often regard CC certification as something that makes a product more attractive. Even if the certification doesn’t apply to your industry, the associated security guidance may be helpful for your deployments. Certification is done in approved facilities in one country and is then accepted by the governments of 30 countries around the globe without further testing or certification needed.
Certified products, including Citrix’s XenApp, XenDesktop, NetScaler and XenServer, are listed on the public Common Criteria portal.
What Was Different This Time?
We’ve shifted the XenServer certification process to Canada for the first time after many years of certification in the UK. With the move to Canada, we selected our previous certification partner, DXC Technology as the evaluation facility. DXC also evaluated XenApp and XenDesktop in 2018.
We also updated XenServer to include the FIPS-validated Citrix crypto module.
We kept the EAL 2+ certification level, as in previous XenServer evaluations. Also, with recent changes in Common Criteria, EAL 2+ is now the highest level accepted without a Protection Profile under the new Common Criteria Recognition Arrangement.
As with our other evaluations, for this Common Criteria evaluation we also used automated testing, providing a consistent, well defined, repeatable approach for evaluation of the security requirements. This allowed us to run the tests much earlier, before the release of XenServer 7.1 CU2 itself, and so contribute to the overall product quality.
Congratulations to the Citrix Hypervisor team!
