Citrix apps on Common criteria path

Two application delivery products from Citrix Systems have been accepted for Common Criteria Certification, a leading international security standard accepted by governments worldwide.

Common Criteria are a set of functional and assurance security requirements developed to provide a common international evaluation baseline for information technology products and systems. The Defense Department, international government entities and many global corporations require Common Criteria certification to ensure IT products have been independently verified to meet their security claims.

The Citrix products up for consideration include Citrix NetScaler, a Web application delivery system that integrates application acceleration, security and high-availability capabilities; and Citrix Access Gateway Enterprise Edition, the company's Secure Sockets Layer virtual private network solution for secure application access. Both products have been accepted for strict, independent evaluation for Common Criteria Certification Evaluation Assurance Level 2 (EAL2) verification from the certification body of the U.K. Information Technology Security Evaluation and Certification Scheme.

The Communications-Electronics Security Group will independently evaluate Citrix NetScaler and Access Gateway Enterprise Edition. Citrix expects to receive examination results by the end of the year.

If the products earn certification, users can be assured that Web applications delivered and protected by Citrix application networking solutions meet strict government requirements ' including the policies and recommendations of DOD Wireless Directive 8100 and Instruction 8500.2; Office of Management and Budget Memorandum M-04-04 (E-authentication Guidance for Federal Agencies), and National Institute of Standards and Technology Special Publication 800-63 (Electronic Authentication Guidance) ' for features such as security functionality, identity management and the handling of vulnerabilities, Citrix officials said.

Citrix Presentation Server 4.5, the company's flagship Windows application delivery system, received EAL-2 certification in July, while Citrix Password Manager, a single sign-on product, earned EAL-2 certification in August.

About the Author

Rutrell Yasin is is a freelance technology writer for GCN.


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.