Customers Rely on NetApp for the Highest Level of Excellence in Secure Solutions for their Missions

NetApp Data ONTAP 8.0 Earns Internationally Recognized Common Criteria Certification to Meet Stringent Government Standards

SUNNYVALE, Calif. - March 5, 2012 - NetApp (NASDAQ: NTAP) this week announced that NetApp Data ONTAP® 8.0.0 operating in 7-Mode and Data ONTAP® 8.0.1 operating in 7-Mode have completed evaluation for an EAL2+ certification under the Communications Security Establishment Canada's (CSEC) Common Criteria Evaluation and Certification Scheme (CCS). Government and commercial customers alike receive the best possible security solutions from NetApp as the company continues to commit to achieving the highest caliber in IT government security validations.

As the first storage vendor to meet Common Criteria Certification standards in 2005, NetApp set the bar for excellence in security features across the storage industry. Today's Data ONTAP EAL2+ certification is evidence of NetApp's continued commitment to help customers run their missions better, more cost effectively and securely.

"We are proud to be able to successfully continue to invest in securing our customers against attacks on their valuable data," said Mark Weber, president and general manager of the U.S. Public Sector, NetApp. "It is that commitment to our customers that makes NetApp one of the best storage vendor to do business with in the U.S. Public Sector and in the world."

In order to facilitate the prompt completion of the Common Criteria certification, NetApp partnered with Corsec Security, Inc., a consulting, documentation, and project management services firm.

"NetApp's achievement of Common Criteria certification for Data ONTAP® 8.0.0 operating in 7-Mode and Data ONTAP® 8.0.1 operating in 7-Mode underscores their dedication to continuously providing security assurance in their technology," said Matthew Appler, CEO, Corsec Security. "We were highly impressed with NetApp's solution and with their commitment to the evaluation process."

As befits an industry leader, the NetApp security story is much broader than achieving common criteria certification. NetApp offers multiple FIPS 140-2 validated data at rest encryption solutions, such as NetApp Storage Encryption using self-encrypting drives and Brocade FibreChannel Encryption Switches and blades. Upgraded NAS encryption appliances will be announced soon.

NetApp's Secure Multi-Tenancy architecture, developed in concert with Cisco and VMware, is a unique service-oriented infrastructure that includes all server, storage, and networking hardware and software to facilitate secure sharing, reuse, and dynamic resource allocation for next-generation data centers and cloud service providers.

NetApp has also achieved ISO/IEC 27001, the global standard for Information Security Management Systems (ISMS). This provides NetApp customers, partners, vendors, and employees with the confidence that information in the hands of NetApp is protected in accordance with the ISO standard .

NetApp demonstrated NetApp Storage Encryption in the OASIS KMIP interoperability demo at the RSA Security Conference in San Francisco last week.

About Common Criteria
Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. Once completed, Common Criteria certifications are mutually accepted by 26 countries through the CCRA (Common Criteria Recognition Agreement), including the United States government. Common Criteria certification of security products is mandated by the U.S. government for all federal purchases.

About Corsec Security, Inc.
Corsec Security, Inc. specializes in helping companies navigate through the complex process of receiving FIPS 140-2,Common Criteria (CC), and UC APL certifications. Corsec's consulting, document creation, and project management services deliver unmatched expertise in achieving government validation efforts at a firm, fixed price. Corsec partners with companies around the world to achieve local and international certification and to add security functionality to a wide range of products. Corsec minimizes the time, effort and money a vendor needs to invest in validation while ultimately maximizing the return on that investment. For further information, please visit www.corsec.com. Follow us @CorsecSecurity.

Additional Resources

About NetApp
NetApp creates innovative storage and data management solutions that deliver outstanding cost efficiency and accelerate business breakthroughs. Our commitment to living our core values and consistently being recognized as a great place to work around the world are fundamental to our long-term growth and success, as well as the success of our pathway partners and customers. Discover our passion for helping companies around the world go further, faster at www.netapp.com.

Press Contacts:
NetApp
(408) 822-3287
xdl-uspr@netapp.com

NetApp, the NetApp logo, Data ONTAP, are trademarks or registered trademarks of NetApp, Inc. in the United States and/or other countries. All other brands or products are trademarks or registered trademarks of their respective holders and should be treated as such. The use of the terms, "partner", "partnered", or "partnership" does not imply a legal partnership between NetApp and any other company.