VMware vSphere 4.0 Earns Common Criteria EAL4+ Certification

Industry’s most-widely deployed virtualization solution achieves highest-level security certification

PALO ALTO, Calif., October 28, 2010 – VMware, Inc. (NYSE: VMW), the global leader in virtualization and cloud infrastructure, today announced that VMware vSphere™ 4.0 and VMware vCenter™ Server 4.0 achieved Common Criteria certification at Evaluation Assurance Level 4 (EAL4+) under the Common Criteria Evaluation and Certification Scheme (CCS). Common Criteria is an international set of guidelines (ISO 15408) that provides a common framework for evaluating security features and capabilities of Information Technology (IT) security products, and EAL4+ is the highest assurance level that is recognized globally by all signatories under the Common Criteria Recognition Agreement (CCRA).

“VMware is committed to serving our U.S. federal government customers’ unique requirements by delivering peace of mind to organizations leveraging virtualization as the  foundation for cloud computing, or as the key enabler for server or data center consolidation, telework and Continuity of Operations (COOP) initiatives,” said Aileen Black, vice president public sector, VMware.

As virtualization occupies an increasingly central position within the U.S. federal government’s IT strategy as the cornerstone of modern infrastructures and the foundation for cloud computing, VMware vSphere enables organizations to achieve the benefits of cloud computing while maintaining the security, control and efficiency they require. Achieving EAL4+ certification marks the completion of an intensive effort during which VMware vSphere 4.0 and VMware vCenter Server 4.0 were examined, tested and certified at EAL4+, validating that VMware vSphere is one of the most proven, trusted platforms for modern IT infrastructure.

“VMware has demonstrated a strategic, long-term commitment to the quality of its product development and quality assurance processes,” said Erin Connor, lab director at EWA-Canada. “VMware continues to set the standard for virtualization, and its rigorous efforts ensure that customers can have confidence in the performance and security of their most demanding, mission-critical applications.”

To facilitate the prompt completion of the Common Criteria certification, VMware worked with Corsec Security, Inc., a consulting firm with more than 10 years of validation experience.

"Corsec is delighted to have been able to work with VMware on their latest EAL4+ Common Criteria evaluation," said John Morris, president of Corsec. "This evaluation demonstrates VMware’s consistent commitment to providing its customers proven security products with industry-leading levels of information assurance".

VMware completed the first Common Criteria certification for a virtualization product on x86 hardware in March 2006 with the Common Criteria certification of VMware ESX® Server 2.5 and VMware VirtualCenter 1.2. To date, VMware ESX 3.5, VMware VirtualCenter 2.5, VMware Infrastructure 3, VMware ESX Server 3.0.2 and VMware VirtualCenter™ 2.0.2 have also earned certification at EAL4+ level. VMware most recently entered vSphere 4.1 into evaluation for certification at EAL4+.

For more information on VMware’s Common Criteria EAL4+ Certification visit: www.vmware.com/security/certifications

About Corsec Security, Inc.

Corsec Security, Inc. specializes in helping companies navigate through the complex process of receiving FIPS 140 and Common Criteria (CC) certifications. Corsec's consulting, document creation, and project management services deliver unmatched expertise in achieving government validation efforts at a firm, fixed price. Corsec partners with companies around the world to achieve local and international certification and to add security functionality to a wide range of products. Corsec minimizes the time, effort and money a vendor needs to invest in validation while ultimately maximizing the return on that investment. For further information, please visit www.corsec.com.

About EWA-Canada

EWA-Canada is a premier provider of advanced security services, having established itself as a vendor-neutral, independent centre of excellence in professional IT Security Services, Critical Infrastructure Protection, and testing of products in its IT Security Evaluation and Test Lab. EWA-Canada's solutions, experience and expertise is benefiting businesses in over 25 countries world-wide.  EWA-Canada's Lab is recognized as a world leader for its comprehensive experience with Common Criteria (ISO/IEC 15408) evaluations, conformance testing to FIPS 140 and related cryptographic standards, Security Content Automation Protocol (SCAP) validation testing, and certification of point-of-sale devices and PIN Pads to Payment Card Industry and Interac® Association standards.  EWA-Canada enables companies to efficiently and cost-effectively manage the evaluation and testing process and to ensure their products meet important certification requirements.  Please visit us at www.ewa-canada.com.

About VMware

VMware delivers virtualization and cloud infrastructure solutions that enable IT organizations to energize businesses of all sizes.  With the industry leading virtualization platform – VMware vSphere™ – customers rely on VMware to reduce capital and operating expenses, improve agility, ensure business continuity, strengthen security and go green. With 2009 revenues of $2.9 billion, more than 190,000 customers and 25,000 partners, VMware is the leader in virtualization which consistently ranks as a top priority among CIOs. VMware is headquartered in Silicon Valley with offices throughout the world and can be found online at www.vmware.com

# # #
 

VMware, VMware vSphere, ESX and VMware vCenter are registered trademarks and/or trademarks of VMware, Inc. in the United States and/or other jurisdictions. The use of the word “partner” or “partnership” does not imply a legal partnership relationship between VMware and any other company. All other marks and names mentioned herein may be trademarks of their respective companies.

Forward-Looking Statements

This press release contains forward-looking statements including, among other things, expectations for the role of virtualization in cloud computing infrastructures and in the U.S. federal government’s IT strategy.  These forward-looking statements are subject to the safe harbor provisions created by the Private Securities Litigation Reform Act of 1995. Actual results could differ materially from those projected in the forward-looking statements as a result of certain risk factors, including but not limited to: (i) continuing uncertainty and adverse changes  in general economic or market conditions; (ii) delays or reductions in information technology spending; (iii) competitive factors, including but not limited to pricing pressures, industry consolidation, entry of new competitors into the virtualization and cloud computing markets, and new product and marketing initiatives by our competitors;  (iv) our customers’ ability to develop, and to transition to, new products and computing strategies such as cloud computing; (v) the uncertainty of customer acceptance of emerging technology; (vi) rapid technological and market changes in virtualization software and platforms for cloud and desktop computing; (vii) changes to product development timelines; (viii) our ability to protect our proprietary technology; and (ix) our ability to attract and retain highly qualified employees.  These forward looking statements are based on current expectations and are subject to uncertainties and changes in condition, significance, value and effect as well as other risks detailed in documents filed with the Securities and Exchange Commission, including our most recent reports on Form 10-K and Form 10-Q and current reports on Form 8-K that we may file from time to time, which could cause actual results to vary from expectations. VMware assumes no obligation to, and does not currently intend to, update any such forward-looking statements after the date of this release.