Security Advisories are the official notification of security-related vulnerabilities and issues impacting VMware products. Security Advisories outline complete information on how to protect impacted systems. Each advisory contains a detailed description of the security vulnerability, affected systems, threat severity, risk mitigation techniques for fixing the vulnerability and securing the system.
Security Certifications & Validations
Common Criteria Evaluation & Validation (CCEVS)
- VMware vShield v5.0 is undergoing Common Criteria Certificationat EAL4+ In-Evaluation.
- VMware ESXi v5.0 and VMware vCenter v5.0 is undergoing Common Criteria Certificationat EAL4+ In-Evaluation.
-
VMware ESX 4.1,
ESXi 4.1
and vCenter Server 4.1have achieved
Evaluation Assurance Level 4+ (EAL4+) certification in December 2010.
ESX and vCenter Server:
View Maintenance Report
ESXi and vCenter Server:
View Maintenance Report
-
VMware ESX 4.0, ESXi 4.0 and vCenter Server 4.0 have achieved
Evaluation Assurance Level 4+ (EAL4+) certification in October 2010.
ESX and vCenter Server:
View certificate
View completion letter
View certification listing
ESXi and vCenter Server:
View certificate
View completion letter
View certification listing -
VMware ESX Server 3.5 and VMware vCenter 2.5 have both achieved
Evaluation Assurance Level 4+ (EAL4+) certification in February 2010.
View certificate
View completion letter -
VMware ESX Server 3.0 and VMware VirtualCenter 2.0 have both achieved
Evaluation Assurance Level 4+ (EAL4+) certification in May 2008.
View EAL4+ Validation for VMware ESX 3.0 and VMware VirtualCenter -
VMware ESX Server 2.5 and VMware VirtualCenter 1.2 have both achieved
Evaluation Assurance Level 2 (EAL2) certification in March 2006.
View EAL2 Validation for VMware ESX Server 2.5 and VMware VirtualCenter 1.2
Federal Information Processing Standards (FIPS)
- PCoIP Display Protocol for VMware View™: VMware received FIPS-140-2 certification for the "PCoIP Cryptographic Module for VMware View" (December 2011).
-
FIPS 140-2: VMware ACE files are encrypted with the AES 128-bit algorithm. VMware has received approval from the US Department of Commerce to export VMware ACE internationally. FIPS 140-2 compliance testing has been completed and final certification is currently in-process.
The PCoIP display protocol with VMware View™ 5.0 provides end users with secure access to virtual desktops, dramatic improvements in user experience and bandwidth optimization across the LAN and WAN for demanding environments.
National Institute of Standards and Technology (NIST) certificate #1644
Security Policy
