CA Technologies Mainframe Security Management Products Meet Rigorous Requirements of Internationally Recognized Security Standards

CA Top Secret® for z/OS and CA ACF2™for z/OS Earn Common Criteria Certification

ISLANDIA, N.Y., – CA Technologies (NASDAQ: CA) today announced that its Mainframe Security Management products have met the rigorous requirements of Common Criteria, an independent security certification recognized by governments in more than 26 countries, including the United States.

CA ACF2™ r14 SP1 for z/OS and CA Top Secret® r14 SP1 for z/OS received Common Criteria Evaluation Assurance Level 4+ from the National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS). The CCEVS certification standards address product functionality, development environment, documentation and product testing.

“Our customers, particularly government organizations, need to have confidence that our access control products meet the highest published security standards,” said Dayton Semerjian, general manager, Mainframe at CA Technologies. “By participating in the CCEVS evaluation and meeting its rigorous criteria, we are responding to this important requirement.”

Certification is granted when a Common Criteria testing laboratory determines that a product meets a defined measure of security.

Both evaluations were done in Booz Allen Hamilton’s Common Criteria Testing Laboratory (CCTL). The Booz Allen Hamilton lab is one of only nine U.S.-based CCTLs approved by NIAP and meets the Common Criteria Evaluation and Validation Scheme. The Booz Allen CCTL conducts IT security evaluations for conformance to the Common Criteria for Information Technology Security Evaluation, International Standard ISO/IEC 18045:2005.



CA ACF2 and CA Top Secret provide comprehensive access control for IBM® z/OS® resources across operating systems, subsystems, third-party software and databases, which includes externalized security controls for UNIX® System Services (USS) as well as CICS® DB2®, and IMS™ transaction and database management subsystems. Both CA ACF2 and CA Top Secret enable customers to monitor and adjust their security policies, accommodating virtually all organizational structures.

Recent CA Technologies Common Criteria evaluations include CA Federation Manager r12 SP1 deployed on CA SiteMinder* and CA Identity Manager r12.5.

*Formerly named: CA SiteMinder Federation Security Services r12 SP1.

About Common Criteria

The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) established the National Information Assurance Partnership (NIAP) to evaluate IT product conformance to the Common Criteria for Information Technology Security Evaluation, an international standard. The program, officially known as the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) is a partnership between the public and private sectors to help organizations select commercial off-the-shelf information technology (IT) products that meet their security requirements and to help manufacturers of those products gain acceptance in the global marketplace. Twenty-six countries now recognize the Common Criteria as third-party evaluation criteria for IT security procedures.

About CA Technologies

CA Technologies (NASDAQ: CA) is an IT management software and solutions company with expertise across all IT environments – from mainframe and distributed, to virtual and cloud. CA Technologies manages and secures IT environments and enables customers to deliver more flexible IT services. CA Technologies innovative products and services provide the insight and control essential for IT organizations to power business agility. The majority of the Global Fortune 500 relies on CA Technologies to manage evolving IT ecosystems. For additional information, visit CA Technologies at www.ca.com.