Solaris Common Criteria Certification
Maintenance Addendum for Solaris 10 5/09Solaris 10 5/09 has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Solaris 10 11/06. The modifications made in Solaris 10 5/09 have been reviewed to ensure that their application does not introduce new security vulnerabilities and that the changes are consistent with the original certified Target of Evaluation (TOE).
To order Solaris 10 5/09 software, request the following media kit:
Maintenance Addendum for Solaris 10 5/08 with Trusted ExtensionsSolaris 10 5/08 with Trusted Extensions has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Solaris 10 11/06 with Trusted Extensions. The modifications made in Solaris 10 5/08 with Trusted Extensions have been reviewed to ensure that their application does not introduce new security vulnerabilities, and that the changes are consistent with the original certified Target of Evaluation (TOE).
To order Solaris 10 5/08 which includes the Solaris Trusted Extensions software, request the following media kit:
Maintenance Addendum for Solaris 10 5/08Solaris 10 5/08 has been certified using the Assurance Continuity process based on the certificate received for the evaluation of Solaris 10 11/06. The modifications made in Solaris 10 5/08 have been reviewed to ensure that their application does not introduce new security vulnerabilities and that the changes are consistent with the original certified Target of Evaluation (TOE).
To order Solaris 10 5/08 software, request the following media kit:
Solaris 10 11/06 with Trusted Extensions - Extends Solaris OS securityA Common Criteria Certificate was awarded to Sun Microsystems on June 11, 2008 by the Canadian Common Criteria Evaluation and Certification Scheme. Solaris 10 11/06 with Trusted Extensions is an extension to the proven Solaris 10 security model. It utilizes User and Process Rights Management, Solaris Containers, file systems, and networking and doesn't require a new or separate kernel. Best of all, it doesn't require ISVs to requalify their applications to run them with sensitivity labels. Because it's an extension to the Solaris 10 OS's security policy, Solaris 10 11/06 with Trusted Extensions technology is flexible and quick to deploy: You can add new applications, new users, and more, very quickly, without extensive analysis of each application — and without the need to write complex, error-prone security policies that require a system reboot. Security Features in the Evaluated Configuration include:
Solaris 10 11/06 with Trusted Extensions has being been certified on:
The Solaris 10 11/06 with Trusted Extensions Certified software consists of the Operating Environment and a subset of patches which have been reviewed to ensure that their application introduces no new security vulnerabilities.
To order Solaris 10 11/06 Trusted Extensions software, request the following media kit:
Solaris 10 11/06 Operating EnvironmentA Common Criteria Certificate was awarded to Sun Microsystems on November 6, 2007 by the Canadian Common Criteria Evaluation and Certification Scheme. The Solaris 10 11/06 operating system is conformant with the Controlled Access Protection Profile (CAPP), Version 1.d, October 8, 1999 and with the Role Based Access Control Protection Profile (RBACPP), Version 1.0, July 30, 1998 and is certified for use on SPARC and AMD/Intel based platforms. Solaris 10 11/06 Security Features in the Evaluated Configuration include:
The Solaris 10 11/06 Certified software consists of the Solaris 10 11/06 Operating Environment and a subset of Solaris 10 patches which have been reviewed to ensure that their application introduces no new security vulnerabilities.
To order Solaris 10 11/06 software, request the following media kit:
Solaris 10 03/05 Operating EnvironmentThe Solaris 10 03/05 operating system is conformant with the Controlled Access Protection Profile (CAPP), Version 1.d, October 8, 1999 and with the Role Based Access Control Protection Profile (RBACPP), Version 1.0, July 30, 1998 and is certified for use on SPARC and AMD based platforms. The Solaris 10 03/05 Certified software consists of the Solaris 10 03/05 Operating Environment and a subset of Solaris 10 patches which have been reviewed to ensure that their application introduces no new security vulnerabilities.
To order Solaris 10 03/05 software, request the following media kit:
Solaris 9 08/03 Operating EnvironmentSolaris 9 8/03 has been certified under the Common Criteria at EAL4+ under the Controlled Access Protection Profile and Role Based Access Control Protection Profile for use with Ultra II, Ultra III and Sun Fire servers. The Solaris 9 8/03 Certified software consists of Solaris 9 8/03 Operating Environment (SPARC Platform Edition), and the subset of Solaris 9 patches which have been reviewed to ensure that their application introduces no new security vulnerabilities.
To order Solaris 9 8/03 software, request one of the following media kits:
Trusted Solaris 8 4/01 Operating EnvironmentTrusted Solaris 8 4/01 is a highly configurable, multilevel trusted operating environment based on Sun's Solaris 8 4/01 operating environment. It meets and exceeds the specific security requirements of the Labeled Security, Role-based Access Control, and Controlled Access protection profiles of the Common Criteria. Features include:
The TOE was certified to EAL4 in June 2002. The ALC_FLR.3 augmentation was certified in March 2004. Assurance has now been maintained using the Common Criteria Assurance Continuity process to fully cover version 8 2/04; see the Maintenance Report and updated Security Target for details. You can find further information on certification of the Trusted Solaris 8 4/01 Operating Environment on the UK Information Technology Security Evaluation and Certification Scheme Web site.
To order Trusted Solaris 8 4/01 software, please visit the product website. Supported HardwareSolaris 10 11/06 Operating Environment has been certified on:
Solaris 10 03/05 Operating Environment has been certified on:
Solaris 9 8/03 Operating Environment has been certified on:
Trusted Solaris 8 4/01 Operating Environment has been certified on:
Certification Irrelevant PatchesA certification irrelevant patch is one which does not affect the Common Criteria (CC) certification. A customer can request that a specific patch be reviewed by Sun's Certification Team (click on the "contact us" link under More Information or contact your Sales representative). The determination of the "irrelevant" status of a patch is a Sun-internal process and does not involve the Certification Body. If a patch is found to be certification irrelevant, the patch ID, revision number, and description will be added to the list of approved Certification Irrelevant Patches, which is shown below. The patch can then be applied directly from the SunSolve patch database, and it will not compromise the CC certification of the system. The certification irrelevant patches are not included in the Assurance Continuity (Solaris 9 and newer) or the Certificate Maintenance Scheme (Solaris 8) patch sets, and must be downloaded from the SunSolve database. Later revisions of the certification irrelevant patch must be reviewed before it can be applied to a secure system. Solaris 10 11/06 Certification Irrelevant Patch List
Solaris 10 3/05 Certification Irrelevant Patch List
Solaris 9 08/03 Certification Irrelevant Patch List
Solaris 8 02/02 Certification Irrelevant Patch List
More InformationFor more information on Common Criteria Certifications at Sun Microsystems, contact us. |
| ||
 | |
