Splunk Enterprise 6.4 release shows some .conf.spec files (eg. server.conf, authentication.conf ...) that has references to Common Criteria mode for some of the attributes.
Is Splunk 6.4 NIAP certified yet and supported?
Splunk has submitted Splunk Enterprise 6.4.0 for Common Criteria evaluation.
Until we are common criteria certified we do not recommend nor support configuring Splunk Enterprise in common criteria mode.
This can also be referenced in the Splunk documentation: About securing Splunk Enterprise
I am happy to say that the Splunk Enterprise 6.4.5 evaluation has been posted on NIAP’s Product Compliant List (PCL).
The posting can be found at the following URL:
https://www.niap-ccevs.org/Product/Compliant.cfm?pid=10807
When we are officially accepted by NIAP to start the CC certification evaluation, it will be posted to the NIAP website: https://www.niap-ccevs.org/Product/PINE.cfm
Has there been any progress for the CC certification since then
How CC certification evaluation goes? Has Splunk Enterprise 6.4.0 got the certification?
It's gone away from NIAP website
We have submitted to NIAP and are awaiting their response. Once accepted we will schedule the testing.
Splunk has submitted Splunk Enterprise 6.4.0 for Common Criteria evaluation.
Until we are common criteria certified we do not recommend nor support configuring Splunk Enterprise in common criteria mode.
This can also be referenced in the Splunk documentation: About securing Splunk Enterprise
Is the Protection Profile report available?