Microsoft Windows 7, Windows Server 2008 R2 and SQL Server 2008 SP2 32 & 64 bit Enterprise Edition (English) have completed the Common Criteria (CC) certification process and achieved Evaluation Assurance Level 4 with augmentation (EAL4+), announced Microsoft.
Windows 7 and WS 2008 R2 were certified on March 24, 2011. SQL Server 2008 SP2 was certified on February 11, 2011.
“In order to become certified, all three products had to go through a series of rigorous security testing protocols set forth by the Common Criteria Recognition Arrangement (CCRA). The targets of these evaluations support a rich set of real-world features, roles, and scenarios for customers in the international government, military, and intelligence communities.”
“The evaluation of Windows 7 and WS 2008 R2 was conducted by SAIC as the CC Test Laboratory (CCTL) and the U.S. Department of Defense (DOD) National Security Agency (NSA) National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS). Windows 7 and WS 2008 R2 CC Evaluation and Validation Scheme Validation Report and Security Target are available for download. Windows 7 and WS 2008 R2 were found to be compliant with the “US Government Protection Profile for General-Purpose Operating Systems in a Networked Environment (GPOSPP), version 1.0, 30 August 2010″,” stated Microsoft.
“The evaluation of Microsoft SQL Server 2008 SP2 was conducted by T-ViT as the CCTL and the Bundesamt f’r Sicherheit in der Informationstechnik (BSI), the security certifying department of the German government. SQL Server 2008 SP2 was found to be compliant with the “U.S. Government Protection Profile for Database Management Systems in Basic Robustness Environments, V1.2, July 25, 2007″.” These results are posted on the BSI website as a new certificate,” Microsoft noted.
[source: Bright Sight of Governing bog]