Corsec would like to congratulate our partner, HP Enterprise on successfully completing the Common Criteria certification process for the HPE Asset Manager v9.50 with Connect-It v9.60 build #12154 (AM) and 010 (CIT). The certification was completed at an Evaluation Assurance Level (EAL) 2+ and underscores HPE’s commitment to providing secure and third-party validated products to Federal organizations and global enterprises.
We are pleased and excited to have worked with the HPE team through this process over the past year. The Spanish scheme has issued the certificate on their website and it is available for public viewing.
About Common Criteria
Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 25 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU. The U.S. government mandates Common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.
About HPE Asset Manager
AM provides organizations with visibility into their current IT hardware and software inventories, as well as non-IT assets such as office supplies, machines, and tools. AM provides insights into the current status of assets, such as contracts, licensing obligations, and when software is overdeployed for an environment.