Citrix has made an announcement that it has reached an achievement of Common Criteria certification for Citrix XenApp and XenDesktop 7.6. This validates the ability to provide secure access to virtual Windows applications and desktops to workers on any device and any location. With this certification, Citrix offers the industry’s only end-to-end application and desktop delivery solution that meets Common Criteria evaluation standards including strict security requirements of many enterprises and government agencies, including the US Department of Defense.
Common Criteria is an internationally recognized set of guidelines (ISO 15408) which define a common framework for evaluating security features and capabilities of Information Technology (IT) security products.
Common Criteria certification provides government agencies and Global 1000 corporations with the assurance that they are utilizing secure and reliable solutions that have been evaluated against the industry’s highest standards. In order to become certified, XenApp and XenDesktop products were put through a series of security tests and were evaluated based on real-world scenarios for customers in Government, Military and Intelligence communities. With this certification, customers can be assured the evaluation has been performed to high standards, allowing them to deploy these Citrix products with confidence.
Tom Simmons, Area vice president – US Public Sector at Citrix says that “With the certification of XenApp and XenDesktop, Citrix is now the only vendor to offer an end-to-end application and desktop delivery solution that is Common Criteria certified. This milestone provides our customers in the Federal space with the flexibility to design a Software-Defined Workplace with the assurance of having a fully compliant, fully secure solution that mobilizes their workforce, without compromising user experience or productivity.”
FIPS 140-2 Compliance
With XenApp and XenDesktop 7.6, Citrix continues as the only end-to-end app and desktop delivery solution available that meets Common Criteria Certification, and native FIPS 140-2 compliance. Government agencies and enterprise companies require strict adherence to high encryption standards such as FIPS 140-2. XenApp and XenDesktop 7.6 introduced native FIPS 140-2 compliance of Citrix’s award-winning HDX protocol to provide the highest level of data access security in virtual environments. This ensures all user connections to virtualized Windows apps and desktops are encrypted using NIST mandated FIPS 140-2 validated modules. Additionally, Citrix NetScaler can be integrated into the solution to provide FIPS 140-2 Level 2 compliance, providing an even higher level of information assurance with a hardened appliance.
Further information can be found in the Citrix FIPS 140-2 vendor guidance report, which provides an overview of FIPS 140-2 compliant deployment models for XenApp and XenDesktop designed to meet the needs of Government and Military organizations.