Common Criteria (CC)

Common Criteria (CC) is an international standard (ISO/IEC 15408) for evaluating the security of IT products and systems. It provides a framework for specifying security requirements, evaluating security functions, and certifying products to ensure they meet specified security standards.  CC is widely used for security certification of software, hardware, and systems in government, military, and enterprise environments.

In North America, the CC governing body NIAP uses Protection Profiles (PPs) to test functionalities such as firewalls (FW), Virtual Private Networks (VPN), and network devices using Network Device Protection Profile (NDPP). However, other regions, such as Europe, use the EAL numeric rating system from EAL1 to EAL7. Note that the EAL rating of 1 (EAL1) is automatically assigned to each North American certified solution despite its associated PPs such as FW, VPN, or NDPP.

Status Options

In Evaluation: Products undergoing security evaluation by a NIAP-approved laboratory. 

Evaluated: Products that have completed the security evaluation process but may not yet be certified. 

Certified: Products that have successfully passed the security evaluation and meet the specified requirements, resulting in a valid certificate. 

Reviewed: Certifications are reviewed periodically, typically after 2 years, to ensure they still conform to the current assurance maintenance policy. 

Archived: Records of certifications are kept by the CC portal for archived certifications.

Status by Product

Hardware

Software

Status

Date

Review

Next-Generation Firewall 

(all TZ, NSa, NSsp, and NSv Appliances)[1]


7.0.1


Certified


01/08/2025


12/14/2026

Secure Mobile Access (SMA) 7210, 6210, & 8200v

12.4.3

Certified

08/14/2024

08/14/2026

[1] Certified PPs = NDcPP + IPS MOD + FW +VPNGW

Useful Links

Governing Body: NIAP (https://www.niap-ccevs.org/)

Certified SonicWall Solutionshttps://www.niap-ccevs.org/products