Congratulations to HPE for successful completion of the Common Criteria evaluation for Cloud Service Automation v4.10; CSA has completed Common Criteria at an EAL 2+ level, and is a trusted option for governments and industries who have stringent security requirements for protecting and securing data. The product provides an environment that can be used by cloud service provider personnel to design templates for demanded services, and by their consumers to automatically broker the provisioning of these services among available resources. HPE’s active participation in the Common Criteria evaluation process emphasizes their dedication to providing clients with a proven and trusted product. You can learn more about the validation of CSA here.
Cloud based services are not only one of the fastest growing industries but also alleviate hardware and resource constrains across organizations. As the cloud is more heavily utilized, protection and security must also evolve to meet these new platforms for technology. Corsec’s demonstrated expertise in the cloud domain ensures companies like HPE have a shortened go to market cycle. Corsec has been working with companies to help secure cloud based solutions under various security certifications.
About Common Criteria
Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 25 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU. The U.S. government mandates common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.
About HPE’s CSA
HPE’s CSA is a software-only solution designed to help cloud service providers by automating their ability to broker cloud services to their customers. HPE CSA integrates and leverages the strengths of several HPE datacenter management and automation products, adding resource management, service offering design, and a customer portal to create a comprehensive service automation solution.
Review the larger list of the clients we have helped navigate the process of security certifications.
There is still time to prepare for the 2016 Fed buying cycle: Talk to our experts today to plan and develop a path forward for your product.