The New Common Criteria Security Evaluation Scheme and the Windows 2000 Evaluation

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

The following Windows 2000 Target of Evaluation (TOE) has been certified under the Common Criteria (ISO/IEC 15408).


TOE Software Identification – The following Windows 2000 Operating Systems:*

  • Windows 2000 Professional with Service Pack 3 (SP3) with 326886 Hotfix

  • Windows 2000 Server with SP3 with 326886 Hotfix, or

  • Windows 2000 Advanced Server with SP3 with 326886 Hotfix

*The Windows operating system binary files listed in the Appendix B of the Windows 2000 Common Criteria security target are the exact same binary files found on Windows 2000 Datacenter Server with SP3 with 326886 Hotfix running on x86 machines except for a small number of machine specific device drivers.

Evaluation Assurance Level (EAL) – EAL 4, augmented with ALC_FLR.3 (Systematic Flaw Remediation).

This web page currently is being updated to provide customers with technical background materials associated with the Windows 2000 CC evaluation. The final update of this page will occur after NIAP CCEVS creates a Validated Product Entry (VPL) for Windows 2000 under the applicable Information Assurance Product Type areas, and posts the official validation report and the validated Windows 2000 security target on

On This Page

Windows 2000 CC Resources
Common Criteria – An Executive Summary

Windows 2000 CC Resources

The following resources provide specific Windows 2000 CC evaluation information.

Windows 2000 CC Overview White Paper –

Windows 2000 CC User Guide –

Windows 2000 CC Administrator's Guide –

Windows 2000 CC Security Configuration Guide –

The above guides and security configuration templates (in inf format) would be available for download as pdf and inf files after NIAP posts the validated Windows 2000 security target.

Windows 2000 CC Validation Report

Common Criteria – An Executive Summary

The award of Windows 2000 Common Criteria (CC) impacts everyone who uses, deploys, and manages Windows 2000 based infrastructures. Common Criteria provides a certain level of quality assurance by allowing customers to apply a consistent, stringent, and independently verified set of evaluation requirements. It also provides customers with detailed information on enabling higher security in their actual implementation and deployment of Windows 2000. Windows 2000 CC empowers customers to make informed security decisions in several ways:

  1. Comparison of customer's specific requirements against Common Criteria's consistent and universal standards.

  2. Comparison of competing IT products security feature sets based upon detailed reports of the certified products

  3. Customers can depend on Common Criteria evaluations because they are not completed by the vendor, but by independent testing labs

  4. Common Criteria is an international standard that global organisations can use to help choose products that satisfy the local security requirements.

In support of the windows 2000 CC evaluation process three documents have been produced that address specific aspects of the overall evaluation process and provide customers with detailed guidance on how to deploy and operate Windows 2000 in a secure network environment. The documents created are listed below:

  1. Windows 2000 Evaluated Configuration Administrator's Guide

  2. Windows 2000 Common Criteria Security Configuration Guide

  3. Windows 2000 Evaluated Configuration User's Guide

Windows 2000 Evaluated Configuration Administrator's Guide

This document provides reference information to allow an administrator to securely operate Windows 2000 in accordance to the stated requirements in the Windows 2000 Common Criteria Security Target (ST). Two main areas are covered in this document:

  1. Security Administration - this section provides an overview of administrating Windows 2000 securely by summarizing the following areas:

    • Windows 2000 Security Functionality

    • Roles and Privileges

    • Windows 2000 Evaluated Configuration

  2. Administering Windows 2000 Security - This section describes how to operate Windows 2000 according to the Target of Evaluation (TOE) security policy in an IT environment that is consistent with the one described in the Security Target. It describes effective security practices for administering the Windows 2000 in a secure manner. Topics covered in this section include:

    • Operating environment

    • Security management interfaces

    • Security functions

    • Security-relevant events

Windows 2000 Evaluated Configuration User's Guide

This document provides sufficient guidance for Windows 2000 users to securely use the product in accordance with the requirements stated in the Windows 2000 Common Criteria Security Target (ST). This document is specifically targeted at the non-administrative (e.g. non-privileged) user of Windows 2000 and covers the operating environment, security overview, and specific security functions. Security functions covered in this document include:

  • Passwords

  • Computer access

  • Disk quotas

  • Data protection

Windows 2000 Security Configuration Guide

This document provides guidance to allow for the secure installation and configuration of Windows 2000 in accordance with the Windows 2000 ST. This document is targeted at those responsible for ensuring the installation and configuration process results in a secure configuration of Windows 2000. Topics covered in this document include:

  1. Hardware and Software environment

  2. Operating system installation

  3. Secure Configuration - specifically

    • Security policies

    • Additional security configuration interfaces

    • Account policies

    • Local policies

    • Audit log management

    • User and Group Accounts

    • System services

    • File system

    • Registry

    • IPSec Policy

    • Encrypted file system

  4. Security configuration templates – including evaluated configuration security templates that customers can use to implement Common Criteria security settings.


The information included in the Common Criteria guide documents provide an excellent security reference source for all Windows 2000 based infrastructures. However, the Windows 2000 components included in the Common Criteria evaluation and the recommended security configuration settings are specifically targeted at achieving Common Criteria certification. Prior to implementing the recommended settings to achieve Windows 2000 CC compliance the settings should be thoroughly tested against the target Windows 2000 infrastructure.

IT Professionals should use these guides and other security resources available on to produce a security framework that satisfies their company's security requirements.