Section 508

Dell invests significant resources in ensuring that our solutions and products comply with existing government certifications and mandates.

A Dell security and compliance architect assesses the security capabilities of all our products using a detailed checklist. The architect cross-references those capabilities to the categories specified by National Institute of Standards and Technology (NIST) in publication 800-53. These internal assessments are available upon request to customers who wish to review the security capabilities of a product. Publication 800-53 serves as the basis for most FISMA controls, meaning Dell’s product capabilities also map to FISMA requirements.

 Dell has a long history of working with federal agencies, and it is committed to achieving working government security standards—including the requirements of, FIPS Publications 140/201, FISMA, and other information assurance processes. Dell uses technologies that comply with FIPS 140-2 to protect data and limit system access. It provides documentation to help agencies determine if products meet their unique security requirements, and assists agency efforts to perform Certification & Accreditation (C & A) of Dell Software solutions.

Some of Dell’s products have received Federal Desktop Core Configuration (FDCC) certifications. Others are certified under the Cryptographic Algorithm Validation Program (CAVP). Additionally, Dell’s R&D organization uses NIST-certified Security Content Automation Protocol (SCAP) vulnerability scanning and certification technologies.

Compliance is an ongoing effort in a changing landscape. We commit to staying as current as possible with our certifications so that your organization can confidently leverage our solutions to save time and money across physical, virtual and cloud environments.

Section 508 & VPATs

In recognition and support of the “Electronic and Information Accessibility Standards” defined by Section 508 of the Rehabilitation Act, Dell publishes accessibility self-assessments of our products using Voluntary Product Accessibility Templates (VPATs). The VPAT criteria influence the product roadmaps, and Dell’s Research and Development teams update the VPATs for their products during each major release cycle to reflect accessibility improvements contained in the latest release.

Below you will find VPATs for our software solutions. To request a VPAT for hardware (i.e. a monitor), please contact Dell Regulatory Compliance. If the software VPAT you seek is not listed below, please contact Dell Software.

Active Administrator
ActiveRoles Add-On Manager
Active Roles Language Pack
ActiveRoles Server Add-on for Office 365
Archive Manager
Asset Manager
Authentication Services
Authentication Services for Siebel
Authentication Services for SAP GUI
Backup Reporter
Benchmark Factory for Databases
Big Brother Professional Services
Capacity Manager for SQL Server
Client Profile Updating Utility
Cloud Access Manager
Code Tester for Oracle
Coexistence Manager for GroupWise
Coexistence Manager for Notes
Collaboration Services
Content Migrator for SharePoint
Defender Service
Dell Data Protection|Rapid Recovery
Dell Multi Cloud Manager
Dell One Identity Manager
Dell One Identity Manager Data Governance Edition
Dell One Safeguard
Dell SonicWALL ESA 3300
Dell SonicWALL ESA 4300
Dell SonicWALL ESA 8300
Dell SonicWALL NSA 2600
Dell SonicWALL NSA 3600
Dell SonicWALL NSA 4600
Dell SonicWALL NSA 5600
Dell SonicWALL NSA 6600
Dell SonicWALL NSA 220
Dell SonicWALL NSA250M_250MW
Dell SonicWALL NSA 2400
Dell SonicWALL NSA 5500
Dell SonicWALL NSA E 6500
Dell SonicWALL NSA E 8500
Dell SonicWALL NSA E 8510
Dell SonicWALL SM 9000 Series
Dell SonicWALL SM 9800
Dell SonicWALL SM 10000
Dell SonicWALL SRA EX9000
Dell SonicWALL SRA EX6000
Dell SonicWALL SRA EX7000
Dell SonicWALL TZ105_105W
Dell SonicWALL TZ205_205W
Dell SonicWALL TZ215_215W
Dell Sonicwall TZ300
Dell Sonicwall TZ400
Dell Sonicwall TZ500
Dell Sonicwall TZ600
Desktop Authority
Directory Analyzer for Active Directory
DropThis for SharePoint
Enterprise Reporter
Endpoint Recovery
Enterprise Single Sign-On
Foglight APM for Real User Experience
Foglight APM SaaS Edition
Foglight Cartridge for Application Operations
Foglight Experience Monitor
Foglight Experience Viewer
Foglight for LiteSpeed
Foglight for Storage Management
Foglight for Virtualization (Standard Edition)
Foglight for Virtualization (Enterprise Edition)
Foglight OnDemand for Azure Applications
Foglight OnDemand for SQL Server
Foglight Performance Analysisfor DB2 LUW
Foglight Performance Analysisfor SQL Server
Foglight VOPS Enterprise
GroupWise Migrator for Exchange
JClass DesktopViews
JClass ServerViews
KACE K1000 Systems
KACE 2100
KACE Media Manager
KACE User Interface Web Application
LiteSpeed for SQL Server
Management Console for Exchange
Management Console for Unix
Management Xtensions for System Center Configuration Manager
MessageStats Business Insights
MessageStats for Lync
MessageStats Report Pack for Archive Manager
MessageStats Report Pack for BlackBerry
MessageStats Report Pack for Lotus Notes
MessageStats Report Pack for OCS
MessageStats Report Pack for Microsoft Online
MessageStats Report Pack for OWA
MessageStats Report Pack for Sendmail
MessageStats Report Pack for Windows Mobile
MessageStats Unified Reporting
Migration Manager for Active Directory
Migration Manager for Email Archives
Migration Manager for Enterprise Social
Migration Manager for Exchange
Migration Manager for PSTs
Migration Manager for PSTs Enterprise Edition
Migration Manager for SharePoint
Migration Suite for SharePoint
Migrator for GroupWise
Migrator for Notes to Exchange
Migrator for Notes to Sharepoint
Mobile IT
NetExtender Client
NetVault Backup
NetVault Backup Plug-In for DB2
NetVault Backup Plug-In for Domino
NetVault Backup Plug-In for Encryption Advanced Algorithm
NetVault Backup Plug-In for Encryption Standard Algorithm
NetVault Backup Plug-In for Exchange
NetVault Backup Plug-In for FileSystem
NetVault Backup Plug-In for Hyper-V
NetVault Backup Plug-In for Informix
NetVault Backup Plug-In MySQL
NetVault Backup Plug-In for NDMP
NetVault Backup Plug-In for NetWare
NetVault Backup Plug-In for Oracle
NetVault Backup Plug-In for PostgreSQL
NetVault Backup Plug-In for SAP
NetVault Backup Plug-In for SharePoint
NetVault Backup Plug-In for SnapMirror to Tape
NetVault Backup Plug-in for SnapShot Manager
NetVault Backup Plug-in for SnapVault Manager
NetVault Backup Plug-In for SNMP
NetVault Backup Plug-in for SQL Server
NetVault Backup Plug-in for Sybase
NetVault Backup Plug-In for VaultShare
NetVault Backup Plug-In for VMWare
NetVault Backup Plug-In Thin Client for NetWare
NetVault Backup Thin Client for Netware
NetVault Backup Workstation Client
NetVault Bare Metal Recovery
NetVault FastRecover
NetVault for Teradata
NetVault for MySQL
NetVault SmartDisk
NDS Migrator
Notes Migrator for Exchange
Notes Migrator for SharePoint
OnDemand Migration for Email
One Identity ActiveRoles Add-On for Connectors
One Identity Quick Connect Express for Active Directory
One Identity Quick Connect for Base Systems
One Identity Quick Connect for Cloud Services
One Identity Quick Connect for Lotus Notes
One Identity Quick Connect for PeopleSoft
One Identity Quick Connect for SAP Solutions
One Identity Quick Connect Management Shell
Password Manager
Performance Analysis for Oracle
Performance Analysis for SQL Server
Privilege Manager
Privileged Password Management
Privileged Session Management
Privilege Manager for Sudo
Privilege Manager for UNIX
Quest OnDemand
Quest One ActiveRoles Add-On for Lync Server
Quest One Quick Connect for Base Systems
Quest One Quick Connect for Active Directory
Quest One Quick Connect for Lync
Quest One Quick Connect for RACF
Quest Web Parts for SharePoint
Recovery Manager for Active Directory
Recovery Manager for Active Directory Forest Edition
Recovery Manager for Exchange
Recovery Manager for SharePoint
RemoteScan Enterprise
RemoteScan Enterprise User Edition
RemoteScan for LAN
RemoteScan for TSCX
RemoteScan Universal
Remote Support Center
Secure Copy
Security Explorer
SharePlex for Hadoop
SharePlex for Oracle
SharePlex Manager
Site Administrator for SharePoint
Single Sign-on for Java
Social Migrator for SharePoint
Space Management with LiveReorg
Spotlight® on Active Directory
Spotlight on DB2
Spotlight on Exchange / Spotlight® on Exchange Web Reports
Spotlight on Messaging
Spotlight on Oracle
Spotlight on SQL Server
Spotlight on SAP ASE
Spotlight on SQL Server Enterprise
Spotlight on Sybase
SQL Navigator
SQL Navigator for Oracle
SQL Optimizer for DB2
SQL Optimizer for DB2 zOS
SQL Optimizer for Oracle
SQL Optimizer for SAP ASE
SQL Optimizer for SQL Server
SQL Optimizer for Sybase
Storage Maximizer for SharePoint
Toad Data Modeler
Toad Data Point
Toad Decision Point
Toad for Data Analysts
Toad for DB2
Toad for MySQL
Toad for Oracle
Toad for SAP Solutions
Toad for SQL Server
Toad for Sybase
Toad Intelligence Central
Unified Communications Analytics
Unified Communications Command Suite - Analytics
Unified Communications Command Suite - Diagnostics
Unified Communications Diagnostics
vFoglight Storage
vRanger Pro
vWorkspace Connector for Android
vWorkspace Connector for iPad
vWorkspace Connector for Mac OS X
Workspace Management Expert Assist

This page was last updated on 5/12/2016.

FIPS 140-2 & CAVP

Dell and FIPS 140-2

Dell is committed to product security and assurance. Dell plans on using FIPS 140-2 approved cryptographic modules in its products whenever possible. When this is not a possibility, we will ensure that any Dell product that uses cryptography has support for FIPS 140-2-approved algorithms. These areas of cryptography include symmetric and asymmetric encryption, hashing, keyed hashing, message authentication, and random number generation. We intend to continue our ongoing discussions with our Federal government customers to ensure that we understand the requirements and processes involved to meet the required cryptography standards.

Cryptographic Algorithm Validation Program

In July 1995, NIST and the Communications Security Establishment Canada (CSEC) established the Cryptographic Algorithm Validation Program (CAVP). This program focuses on validation testing for NIST recommended, and FIPS 140-2 approved, cryptographic algorithms. Vendors interested in validating the cryptographic implementations used within their products may select an accredited laboratory to conduct testing of these implementations. Upon successful completion of the testing, vendors get listed on NISTs validation list(s) on their web sites.

Authentication Services
NetVault Backup
Password Manager
Quest One Authorization Policy Server
Quest One Identity Manager
Quest One Privileged Password Manager
Quest One Privileged Session Manager
Quest vWorkspace - MokaFive Suite
Cryptographic Algorithms
AES 256 Bit via .NET Managed CryptoAPI
Triple DES
AES, TripleDES, SHA256
AES, SHA-256, SHA-512


Dell has established a testing environment within our R&D organization to aid with testing and certification of our software products against the USGCB (United States Government Configuration Baseline) and FDCC (Federal Desktop Core Configuration). We will continue to evaluate select product releases against the latest USGCB and FDCC baseline images (from NIST). Development plans will be considered to address discovered non compliant functionality within our products. We will self-certify our products that successfully pass compliance tests for USGCB and/or FDCC.

Please note that this represents our plan as of September 2012, and our development plans and priorities are subject to change, due to numerous factors, availability of resources and other matters common to all independent software vendors.

FDCC Certification Statements

Code Tester for Oracle
Foglight Transaction Recorder
Performance Analysis for Oracle
Quest Backup Reporter for Oracle
Space Manager with LiveReorg
Spotlight on DB2 for LUW
Spotlight on Oracle
Spotlight on SQL Server Enterprise
Spotlight on Sybase ASE
SQL Optimizer for DB2 z/OS
SQL Optimizer for Oracle
SQL Optimizer for SQL Server
SQL Navigator for Oracle
Toad Data Modeler
Toad for Data Analysts
Toad for DB2
Toad for MySQL
Toad for Oracle
Toad for SQL Server
Toad for Sybase

HSPD-12 & OMB 11-11

Homeland Security Presidential Directive 12, or HSPD-12, was issued by President George W. Bush in August of 2004. HSPD-12 calls for common identification standards for federal employees and contractors.

" is the policy of the United States to enhance security, increase Government efficiency, reduce identity fraud, and protect personal privacy by establishing a mandatory, Government-wide standard for secure and reliable forms of identification issued by the Federal Government to its employees and contractors (including contractor employees)."

HSPD-12 calls on executive branch departments and agencies to ensure that their organizations meet those standards. HSPD-12 requires agencies to follow specific technical standards and business processes for the issuance and routine use of Federal Personal Identity Verification (PIV) smartcard credentials including a standardized background investigation to verify employees’ and contractors’ identities. Specific benefits of the standardized credentials required by HSPD-12 include secure access to federal facilities and disaster response sites, as well as multi-factor authentication, digital signature and encryption capabilities.

In 2011, the Office of Management and Budget (OMB) issued OMB Memorandum 11-11, which calls on agencies to accelerate their adoption of PIV credentials, the enablement of applications to use those credentials, and the upgrading of existing physical and logical access control systems to use those credentials.


Certification & Accreditation (C&A) is a requirement for all federal IT systems. C&A applies to complete systems – hardware and software – in a specific environment, associated with specific policies and procedures. Certification is the technical evaluation of the system components as they relate to security, and accreditation is the formal acceptance of that system in its specific environment. 

Since C&A is environment-specific, no software, including solutions from  Dell, can be generically certified and accredited, but must go through that process for each environment in which it is installed. Dell will provide copies of our products and assist organizations as requested in their specific C&A efforts for Dell solutions.