Appendix B: Security : VMware Security Certifications
VMware Security Certifications
Third-party certifications such as Common Criteria (CC), Federal Information Processing Standards (FIPS), and the National Institute of Standards and Technology (NIST) Security Content Automation Protocol (SCAP) provide independent validation of the security of VMware products.
The Common Criteria (CC) certification is an industry recognized standard for computer security certification, which provides a set of requirements used to evaluate and certify the security of a system.
Federal Information Processing Standards (FIPS) is a standard for U.S. Government computer systems used by all nonmilitary agencies. The Federal Information Processing Standards (FIPS) 140 series specifies hardware and software requirements for cryptographic modules.
The Security Content Automation Protocol (SCAP) certification determines the ability of a product to implement the Security Content Automation Protocol for configuration and vulnerability scanning and remediation.
Organizations across a variety of verticals either require or recommend the use of products adhering to validation under Common Criteria (CC), Federal Information Processing Standards (FIPS) and SCAP.
For the latest information on the state of VMware security certifications, go to