Press Release:

HP Expands Software Security Efforts via Accelerated National Information Assurance Partnership Certification

WASHINGTON, April 7, 2005

Reinforcing its commitment to IT security for public sector customers, HP today announced it is accelerating its pursuit of National Information Assurance Partnership (NIAP) Common Criteria certification for its operating systems and enterprise management software.

Created in response to increasing threats to network and computer security, NIAP certification is designed to bolster end-user confidence by using cost-effective security testing, evaluation and assessment programs to "gate" software destined for government use.

As the number of federal agencies mandating NIAP certification for all software products steadily increases, the Common Criteria program is expected to benefit other security-conscious customers around the world, including those in healthcare and financial services.

HP is investing millions of dollars in NIAP certification in order to supply the government and other large enterprise customers with software that meets the strict standards of the Common Criteria validation process.

"Government agencies are transforming the way they integrate, access and share information," said Jim Ganthier, worldwide director, Defense, Intelligence and Security Solutions, HP. "As the federal government increases its use of mobility solutions that are securely integrated, the importance of NIAP Common Criteria certification will continue to increase."

To date, HP has earned NIAP Common Criteria certification or is presently certifying software to various Evaluation Assurance Levels (EALs), including:

  • HP-UX 11i (release 11.11) operating system - EAL 4 Controlled Access Protection Profile (CAPP)

  • HP Tru64 UNIX V5.1A operating system -- EAL 1

  • HP ProLiant, HP Integrity and HP carrier-grade servers running Linux, including Red Hat Enterprise 3 update 3 and Novell's SuSE Linux 8 SP3 - EAL 3+

  • HP OpenView Operations for UNIX 8.1 - EAL 2 in progress

  • HP OpenView Network Node Manager 7.5 - EAL 2 in progress

In addition, HP has plans for near-term investments in the Common Criteria certification for other HP OpenView solutions and software in its enterprise management portfolio.

NIAP is a collaborative effort between the National Institute of Standards and Technology and the National Security Agency designed to fulfill their respective responsibilities under the Computer Security Act of 1987. The partnership combines the extensive IT security experience of both agencies to promote the development of technically sound security requirements for IT products and systems and appropriate measures for evaluating them.

As federal agencies continually adapt to new government directives and tightened budgets, HP's Adaptive Enterprise strategy can help them effectively respond to and manage change by deploying solutions that are designed to reduce both IT complexity and cost.

A crucial component of HP's portfolio of security offerings, HP identity management solutions enable government agencies and enterprise-level businesses to strengthen security through improved identity and access management of users and applications. Specifically, HP's solutions enable secure access to network services without manual provisioning and account maintenance and provide web single sign-on and cross-domain identity management.

About HP

HP is a technology solutions provider to consumers, businesses and institutions globally. The company's offerings span IT infrastructure, global services, business and home computing, and imaging and printing. For the four fiscal quarters ended Jan. 31, 2005, HP revenue totaled $81.8 billion. More information about HP (NYSE, Nasdaq: HPQ) is available at

UNIX is a registered trademark of The Open Group. Linux is a U.S. registered trademark of Linus Torvalds.

This news release contains forward-looking statements that involve risks and uncertainties, as well as assumptions that, if they ever materialize or prove incorrect, could cause the results of HP and its consolidated subsidiaries to differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including the expected development, performance or rankings of products or services; statements of expectation or belief; and any statement of assumptions underlying any of the foregoing. Risks, uncertainties and assumptions include the development, performance and market acceptance of products and services and other risks that are described from time to time in HP's Securities and Exchange Commission reports, including but not limited to HP's Annual Report on Form 10-K for the fiscal year ended Oct. 31, 2004. HP assumes no obligation and does not intend to update these forward-looking statements.

About HP

HP Inc. creates technology that makes life better for everyone, everywhere. Through our portfolio of printers, PCs, mobile devices, solutions, and services, we engineer experiences that amaze. More information about HP Inc. is available at