Product Compliance

Certifications

ISO 27001

ISO 27017

ISO 27018

SOC 2 Type 1

SOC 2 Type 2

SOC 3

FIPS

FedRAMP

Common Criteria

FedRAMP

Xi Government Cloud is FedRAMP In Process

FedRAMP In Process means that the service is in the process of being reviewed for a JAB P-ATO or Agency ATO. This designation puts the Nutanix Xi Government Cloud one step closer to achieving FedRAMP Moderate Authorization, which will provide public sector customers with a more unified fabric that enables them to extend workloads across different cloud environments used by federal agencies. 

Services: Xi Frame and Xi Beam

SOC Certifications

SOC 2 Type 1

Services: Xi Leap, Xi Frame, Xi Beam

SOC 2 Type 2

Services: Xi Frame, Xi Beam

SOC 3

Services: Xi Frame

SOC 3

Services: Xi Beam

ISO Certifications

ISO 27001

Services: Xi Leap,* Xi Beam, Xi Frame, Xi Epoch, Xi IoT

* Xi Leap Region EU Italy (Sparkle) is not included in this certification

ISO 27017

Services: Xi Leap,* Xi Beam, Xi Frame, Xi Epoch, Xi IoT

* Xi Leap Region EU Italy (Sparkle) is not included in this certification

ISO 27018

Services: Xi Leap,* Xi Beam, Xi Frame, Xi Epoch, Xi IoT

* Xi Leap Region EU Italy (Sparkle) is not included in this certification

ISO 28000

Products: Management of Nutanix supply chain including hardware cybersecurity in supporting NX products. This Security Management System excludes distribution and installation.

FIPS Certifications

The Cryptographic Module Validation Program (CMVP) is a joint effort between NIST in the United States and the Canadian Centre for Cyber Security (CCCS), a branch of the Communications Security Establishment (CSE). The CMVP validates cryptographic modules to Federal Information Processing Standards (FIPS) 140-2, Security Requirements for Cryptographic Modules, and other FIPS cryptography-based standards.

Federal Agencies in the United States and Canada may acquire active FIPS 140-2 cryptographic modules listed in the CMVP database of validated modules for the protection of sensitive information.

Certificate #3541

Certificate #3473

Certificate #3472

Certificate #3460

Common Criteria

Common Criteria is an international security certification that is recognized by many countries around the world.  When a product achieves certification in one country, the product is recognized as CC certified in all 31 participating nations that participate in the Common Criteria Recognition Agreement (CCRA) and recognized across Europe through the SOG-IS agreement. The Common Criteria standard is also an ISO standard, ISO 15408.   Nutanix’s AOS and AHV products are included in the scope of the Common Criteria EAL2+ evaluation.

 

Nutanix is currently listed as officially “In-Evaluation”.  When the CC certification is complete it will be listed on the Common Criteria Portal.

Common Criteria

In-Evaluation Listing

If you have any questions regarding compliance, please reach out to us.