Security

In Splunk 6.4, I noticed server.conf.spec has reference to Common Criteria mode. Does Splunk support that yet?

Ellen
Splunk Employee
Splunk Employee

Splunk Enterprise 6.4 release shows some .conf.spec files (eg. server.conf, authentication.conf ...) that has references to Common Criteria mode for some of the attributes.

Is Splunk 6.4 NIAP certified yet and supported?

1 Solution

Ellen
Splunk Employee
Splunk Employee

Splunk has submitted Splunk Enterprise 6.4.0 for Common Criteria evaluation.

Until we are common criteria certified we do not recommend nor support configuring Splunk Enterprise in common criteria mode.

This can also be referenced in the Splunk documentation: About securing Splunk Enterprise

View solution in original post

tchimento_splun
Splunk Employee
Splunk Employee

I am happy to say that the Splunk Enterprise 6.4.5 evaluation has been posted on NIAP’s Product Compliant List (PCL).

The posting can be found at the following URL:
https://www.niap-ccevs.org/Product/Compliant.cfm?pid=10807

0 Karma

tchimento_splun
Splunk Employee
Splunk Employee

When we are officially accepted by NIAP to start the CC certification evaluation, it will be posted to the NIAP website: https://www.niap-ccevs.org/Product/PINE.cfm

dchoi_splunk
Splunk Employee
Splunk Employee

Has there been any progress for the CC certification since then

0 Karma

dchoi_splunk
Splunk Employee
Splunk Employee

How CC certification evaluation goes? Has Splunk Enterprise 6.4.0 got the certification?
It's gone away from NIAP website

0 Karma

tchimento_splun
Splunk Employee
Splunk Employee

We have submitted to NIAP and are awaiting their response. Once accepted we will schedule the testing.

0 Karma

Ellen
Splunk Employee
Splunk Employee

Splunk has submitted Splunk Enterprise 6.4.0 for Common Criteria evaluation.

Until we are common criteria certified we do not recommend nor support configuring Splunk Enterprise in common criteria mode.

This can also be referenced in the Splunk documentation: About securing Splunk Enterprise

doksu
SplunkTrust
SplunkTrust

Is the Protection Profile report available?

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...