Win 2000 gets Level 4 Common Criteria OK

Win 2000 gets Common Criteria OK

Microsoft Windows 2000 Server and desktop operating systems today received a Level 4 Common Criteria certification from the National Security Agency. The designation, recognized by 15 countries, took three years of evaluation and cost Microsoft "many, many millions of dollars," chief technology officer Craig Mundie said. "It is a Herculean task to put a product of the complexity of Windows through the process."

Windows XP and .Net Server products also will undergo Common Criteria evaluation, Mundie said at the Federal Information Assurance Conference at the University of Maryland. The evaluations are carried out by third-party commercial laboratories, and certified products receive preference in U.S. government purchases.

"There is a movement, accelerated in the post-Sept. 11 environment, where government procurements may require evaluated products for a significant class of systems," Mundie said. "We think this will expand the range of applications to which Windows 2000 can apply."

The certification covers Win 2000 components in addition to the OS kernel. They include Active Directory, virtual private networking capability, the encrypted file system, the network and desktop management mechanisms, and the flaw remediation process.

Mundie said Win 2000 shares some features with Win XP and .Net Server, which will speed up their Common Criteria evaluations.

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • Pushing cybersecurity for counties

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group