SolarWinds IT Management Solutions Tested for Common Criteria Certification
December 2015 by Marc Jacob
SolarWinds announced that SolarWinds(R) Log & Event Manager completed assurance maintenance under the Common Criteria for Information Technology Security Evaluation, an internationally recognized standard for computer security achieved through independent laboratory testing and evaluation, and 11 other IT management products are under evaluation for certification.
Common Criteria for Information Technology Security Evaluation
Common Criteria is an international program among 25 nations in which IT products are certified against standard specifications, specifically to ensure they meet an agreed-upon security standard for government deployments.
SolarWinds Log & Event Manager 6.2.0 has completed assurance maintenance under Common Criteria to Evaluation Assurance Level (EAL) 2 augmented with ALC_FLR.2.
The SolarWinds Orion(R) Suite v1.1, comprising the below solutions, is currently undergoing Common Criteria evaluation at Evaluation Assurance Level (EAL) 2+:
SolarWinds Network Performance Monitor 11.5.2 - network monitoring that quickly detects, diagnoses, and resolves network performance problems and outages
SolarWinds Server & Application Monitor 6.2.1 - comprehensive application and server monitoring for alerting, reporting, and management
SolarWinds Network Configuration Manager 7.4 - automated network configuration and change management
SolarWinds NetFlow Traffic Analyzer 4.1.1 - real-time network utilization and bandwidth monitoring
SolarWinds IP Address Manager 4.3 - centralized management for DHCP, DNS and IP addresses
SolarWinds User Device Tracker 3.2.2 - automated device tracking and switch port management
SolarWinds VoIP & Network Quality Manager 4.2.2 - proactive VoIP and WAN performance monitoring and troubleshooting
SolarWinds Web Performance Monitor 2.2 - website performance monitoring for internal and customer facing applications
SolarWinds Storage Resource Monitor 6.1.1 - storage monitoring and capacity management
Enterprise Operations Console 1.6 - unified management for distributed enterprise networks
Failover Engine 6.7.0 - SolarWinds platform server monitoring
Previous versions of SolarWinds Orion Suite and SolarWinds Log & Event Manager have been certified for Common Criteria, more details are available here.
Electronic Warfare Associates - Canada, Ltd. (EWA-Canada), a Common Criteria Testing Laboratory (CCTL) accredited by the Standards Council of Canada and approved by Canada’s Communications Security Establishment (CSE), evaluated SolarWinds software to determine that it meets all of the requirements of this security certification. EWA-Canada, in conjunction with its partner lab in the Spanish Common Criteria Scheme, is carrying out the evaluation of the SolarWinds Orion Suite v1.1. EWA-Canada is recognized for its extensive experience with Common Criteria evaluations, enabling companies to manage the process and ensure their products meet important certification requirements.
SolarWinds Solutions for Government
SolarWinds software is available through numerous channel partners and systems integrators worldwide as well as the U.S. General Services Administration (GSA(R)) Schedule, Department of Defense ESI, United Nations Global Marketplace (UNGM), Crown Commercial Service (CCS), United Nations Atlas.
Government certifications and approvals include Army CoN, Air Force APL, Navy DADMS; and Technical Requirements include FIPS compatibility, DISA STIGs, and National Institute of Standards and Technology (NIST) compliance, Section 508 VPATs, in addition to the Good Practice Guide 13 (U.K.).
SolarWinds also has hundreds of built-in automated compliance reports, which meet requirements of major auditing authorities, including DISA STIG, FISMA, NIST, and more.
SolarWinds’ thwack(R) online user community provides a number of out-of-the-box compliance templates for the Payment Card Industry Data Security Standards (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and other standards.