Novell IntranetWare, YES Tested Products Granted Class C2 Rating by National Computer
Security Center
Novell Provides Customers with the First and Only Class C2 Certified Network and
Network Architecture; YES Program Provides Security Certification for Novell Partner
Products
BALTIMORE, MD -- October 7, 1997 -- The National Computer Security Center
(NCSC) announced today that Novell NetWare 4.11, the server operating system included in IntranetWare,
has certified as Class C2 Red Book compliant and is now approved for use in government branches and
agencies requiring secure network solutions. Included in the certification is a component of Novell's YES
Program, which certifies partners' products as Class C2 certified when deployed as part of IntranetWare
networks. The announcement was made at the 20th National Information Systems Security Conference in
Baltimore, MD.
"With this certification, Novell delivers to both private sector and government customers the only Class C2
approved, off-the-shelf client/server solution," said Mike McLaughlin, Novell vice president of major
markets. "Organizations such as the IRS, branches of the military, the Federal Reserve, most United States
intelligence agencies, and a number of commercial organizations all require the use of Class C2 certified
products. We look forward to helping the government continue its network evolution, together with our
partners, by providing the functionality, security, and reliability customers have come to expect from
Novell."
"Quality security is needed in the commercial products used in the information infrastructure. The Trusted
Product Evaluation Program is an example of government and industry partnership to fulfill that need,"
said Stephen Barnett, Deputy Director of the National Computer Security Center.
"The Novell evaluation is a milestone in the Trusted Product Evaluation Program (TPEP)," Barnett
continued. "While Product Evaluations to the C2 Level of Trust have provided assurance to our customers
for many years, this evaluation demonstrates the first application of the Orange Book principles taken
together with those of the Trusted Network Interpretation (TNI) Red Book in order to evaluate a client
server component system architecture. The system is defined by a Network Security Architecture
Document (NSAD) and allows for components to be replaced or added without further need to evaluate the
composite system as long as each new component has been evaluated individually and found to meet the C2
requirements of the NSAD."
"The certificates awarded to the Novell NetWare server, release 4.11, the Cordant Assure EC Workstation,
release 4.11, and Novell NetWare 4 network system are a recognition of a very significant achievement in
the availability of evaluated commercial products," Barnett concluded. "We are pleased to add these
products to our Evaluated Products List and congratulate Novell and Cordant for their
accomplishment."
Other products have received lesser Class C2 Orange Book certification, which does not include
networking components or file sharing capabilities. However, NetWare is the only network system to
achieve Class C2 Red Book certification for an entire network solution from client to the server and all the
pieces between while offering customers a choice of brand name hardware components.
"The achievement of Class C2 certification is the fulfillment of Novell's commitment to open security
architecture," said Dr. Roger Schell, Development Manager, Novell Network Security Products. "From the
outset, it was not enough for us to achieve a limited certification. Our focus has always been on a fully
secure environment for our network architecture, which includes current and future versions of
IntranetWare and our partners' connections to the network as tested and certified through Novell's YES
Program."
Novell chose several IBM PC products as the hardware platforms on which the Class C2 certification
testing of NetWare was performed.
"As a result of our efforts with Novell and after having completed the YES Program Enhanced Security
Server test, IBM's desktop and PC server systems are the first to receive the Class C2 security rating," said
Trey Smith, chief technology officer, IBM PC Company. "Network security is an increasingly critical
issue, and IBM shares Novell's commitment to providing customers with a secure networking
environment."
As part of Novell Labs' testing procedures, the YES Program ensures full compatibility with Novell
networks. All current and future Novell partners who meet the YES Program's Enhanced Security Server
testing requirements by passing the evaluated version of the YES server certification tests are also included
in the Cass C2 evaluated configuration with NetWare. This saves partners time and money by eliminating
the need for separate Class C2 evaluations. More than 75 companies have file servers that are currently
YES tested and approved for full compatibility with NetWare 4.11 and IntranetWare and meet Class C2
certification standards. For a list of products completing YES Program requirements, go to
http://developer.novell.com/prodcert/.
Founded in 1983, Novell (NASDAQ: NOVL) is the world's leading provider of network software. The
company offers a wide range of network solutions for distributed networks, Internet/intranet and small-
business markets, as well as groupware and management solutions and the network computing industry's
most comprehensive education and technical support programs. Information about Novell and its complete
range of products and services can be accessed on the World Wide Web at
http://www.novell.com.
Novell and NetWare are registered trademarks and IntranetWare is a trademark of Novell, Inc. All other
registered trademarks and trademarks are the property of their respective holders.
Press Contacts:
Novell Technical Services
Mark J. Carpenter
Phone: 801-861-5513
Internet: majcarpenter@novell.com
Novell Platform Services Group
Jason Werner
Phone: 801-861-4009
Internet: jwerner@novell.com
|