=~ y
CICIN
centro criptoldgico nacional
CERTIFICATE
CCN-CC-8/2024
Microsoft SQL Server 2022 on Linux Database Engine Enterprise
Edition x64 (English) version 16.0.4105.2
Type of product Database ManagementSystem
Conformanceoffunctionality PP Conformancefunctionality
Protection Profile Conformance Collaborative Protection Profile for Database Management
Systems, Version 1.3, March 13, 2023
Evaluation Facility DEKRATesting and Certification S.A.U.
Certification Report CCN-CC/2022-33/INF-4305
Expiration Date See Certification Report
Pursuantto the authority vested in me under Act 11/2002 regulating the National Intelligence Centre,
and underArticle 1 and Article 2.2.c of Royal Decree 421/2004 of March 12th regulating the National
Cryptologic Centre, | hereby:
Certify that the security of Microsoft SQL Server 2022 on Linux Database Engine Enterprise Edition x64
(English) version 16.0.4105.2, requested by Microsoft Corporation, 1 Microsoft Way, Redmond, WA
98052, U.S.A., has been evaluated using Common Methodology for Information Technology Security
Evaluation/CommonCriteria for Information Technology Security Evaluation version 3.1 release 5,:and it
has met the requirements of its Security Target identified as “Microsoft SQL: Server 2022 on Linux
Database Engine CommonCriteria Evaluation (EAL2+) Security Target WE“1,2, 2024-02-
a for
evaluation assurance level EAL2 + ALC_FLR.3. EE ae
Madrid, 10 April 2024
- SecretaryofStateDiréctor
Esperanza Casteleiro Llamazares
This certificate, its scope and validity are subject to the terms, conditions and requirements specified in the
“Reglamento de Evaluación y Certificación de la Seguridad de las T.1.C.” at PRE/2740/2007, September19th.
The above-mentioned Security Target and Certification Report are available at the National Cryptologic Centre.
This certificate will come into effect the following day that the associated certificate resolution signed by
the Secretary of State Director of CCN is published in the Official State Gazette (B.O.E —
https://www.boe.es).
The IT product identifiedin this certificate has been evaluated at an accredited and licensed/approved
evaluation facility using the Common Methodology for Information Technology Security
Evaluation/CommonCriteria for Information Technology Security Evaluation version 3.1 release 5 and
CC SupportingDocumentsaslisted in the Certification Report. This certificate applies only to the specific
version and release of the productin its evaluated configuration and in conjunction with the complete
Certification Report. The evaluation has been conducted in accordance with the provisions of the
Spanish IT Security Evaluation and Certification Scheme, PRE/2740/2007 Septemberthe 19th, and the
conclusionsof the evaluationfacility in the evaluation technical report are consistent with the evidence
adduced. This certificate is not an endorsernent of the IT product by the Spanish Schemeorby any other
organisation that recognises or gives effect to this certificate, and no warranty of the IT product by the
Spanish Scheme orby any. other organisation that recognises or gives effect to this certificate, is either
expressed or implied.