The Common Engineering Critieria is a set of standard criteria that Windows Server Products are measured by. The list below gives the criteria for 2007, 2006, and 2005 year products and as you can see the criteria is evolving to ensure that Windows Server products deliver an evolving set of standard services to a common criteria. The Microsoft homepage for CEC is here. Microsoft measure and report products against the criteria and report this to you.
The 2007 Common Engineering Criteria apply to the following products:
Microsoft System Center Operations Manager 2007
Microsoft System Center Configuration Manager 2007
To facilitate a consistent user experience and improved product quality, all infrastructure server products shall use a standardized model for gathering, acknowledging, and acting upon user feedback.
All infrastructure server products shall support IPv6 as well as IPv4. In addition, all products shall be configurable to run in dual-stack (IPv4 and IPv6) or IPv6-only modes.
Exemptions: Although System Center Operations Manager 2007 supports running on an IPv6-based network, it does not support the discovery of network devices by their IP addresses in that environment. However, the devices can be added by name.
To facilitate interoperability, all new communication protocols between infrastructure server products and client systems shall take advantage of the work that Microsoft and its partners are doing with respect to Web services—specifically, the WS-* specifications, including WS-Management.
To facilitate troubleshooting, all infrastructure server products shall follow consistent guidelines for which events are raised, when those events are raised, and how they are raised. User privacy must be considered when raising an event so that sensitive data is not compromised.
To ensure full compatibility with Active Directory, all infrastructure server products must comply with the requirements listed in the “S1.0 Active Directory” section of the Microsoft Certified for Windows Server 2003 Application Specification.
For requirement S1.3 in Section 2 of the specification, products shall implement the option “Obtain this information directly from Active Directory.”
To facilitate strong security, all infrastructure server products shall include a Security Configuration Wizard for each identified server role.
In addition to the 2005 criteria “64-bit Support,” all infrastructure server products shall support native 64-bit execution on x64 systems (AMD x64 and Intel EM64T) for at least one version of the product.
To make technical information easier to find, all infrastructure server products shall use the same content model for both printed and online documentation.
To facilitate a consistent mechanism for the application of software updates, all general-distribution releases—including security updates and service packs—shall be made available through Microsoft Update.
All Windows Server System products will provide infrastructure built on the Volume Shadow Copy Service to support fast backup and recovery of data. Each Windows Server System product team will develop a Volume Shadow Copy Service writer. Volume Shadow Copy Service is a framework for facilitating communication among applications, storage subsystems, and storage management applications (including backup applications) to define, persist, and exploit point-in-time copies of storage data.
This infrastructure will provide backup/restore to product solution providers to reduce their cost of product development and enable IT administrators to provide their organizations with fast backup and recovery of data at reduced costs.
To provide a consistent and predictable product installation experience, all Windows Server System products will check for product dependencies during installation. Products must follow these rules:
All products must analyze the installation system, detect any missing dependencies or incorrect versions of dependencies, and notify the user. Detection must be run each time the installation utility is run.
If there are missing or invalid components, the installation utility should offer to download Microsoft components for the user or identify where the components can be obtained.
If the user chooses not to download the missing or invalid components, the installation must fail and list those components.
Silent installations should accept Y/N responses for downloading dependent components.
More than 70 percent of enterprise customers in the United States have adopted Microsoft Active Directory directory service as a repository of choice to store user credentials and device information; therefore, all Windows Server System products must write a marker in Active Directory. By querying Active Directory, customers and independent software vendors (ISVs) will be able to find all NT Services running on each of their Windows Servers. This information will enable them to proactively manage NT Services, improving both reliability and security.
Microsoft Exchange Best Practices Analyzer, a free tool available by download, provides customers with the capability to conduct product configuration analysis against a best practices database. This knowledgebase was developed using experiences of Microsoft product and support teams, Microsoft partners, and industry experts.
This tool specifically provides the ability to:
Judge the general health of a Windows Server System deployment
Generate a list of issues, such as suboptimal configuration settings, options that are not supported or not recommended, and recently changed settings that may render a configuration unstable
Help troubleshoot specific problems
Provide detailed online or local documentation about any reported issues, including troubleshooting tips
This criterion will enable customers to reduce the time and resources required to optimize configuration of Windows Server System products in their infrastructure. Customers can download the Exchange Best Practices Analyzer.
To improve IT productivity and reduce the cost of managing IT infrastructure at remote locations, customers are centralizing the management of IT infrastructure. To meet this customer need, Windows Server System requires all Microsoft server products to be capable of being installed and uninstalled using Windows Terminal Services. Windows Terminal Services already provides the capability to remotely manage infrastructure servers, and this requirement further extends this capability.
Customers expect that all Microsoft products provide the same functionality everywhere, be interoperable across diverse regional scenarios, and be available in their native language. To meet these expectations, all Windows Server System products must integrate globalization processes into their product development cycles to ensure geographical and cultural independence of Microsoft products. This criterion provides customers with products that can be localized independent of modifications to the source code.
To reduce complexity and improve consistency of end user licensing agreements, all Windows Server System products will adopt one of the five standard product category licensing models for servers.
To ensure that businesses can connect with employees, customers, and partners using Web services, Windows Server System products will qualify for the .NET Connected logo. Microsoft has developed the .NET Connected logo program in an effort to help customers easily identify products designed to assist their creation of connected solutions. By choosing .NET Connected products, organizations gain the advantage of flexible, standardized ways to integrate systems and collaborate across the value chain from suppliers to customers. For more on the .NET Connected logo program, please see http://www.microsoft.com/net/logo/ready.asp.
To give businesses the ability to take advantage of the improved price/performance of the 64-bit platform, all server products will support one or both of the following:
Fully support 32-bit emulation on 64-bit architectures (Windows on Windows 64 [WOW 64]).
Support X64 native execution in a 64-bit architecture. IA64 support is required for Windows Server and SQL Server only.
With this support built into Windows Server System, businesses gain the flexibility to upgrade to 64-bit hardware as desired. Businesses will be able to take advantage of 64-bit computers' larger address space and improved performance. The result: improved infrastructure productivity and greater value from their IT investment.
Multicore processor technology provides increased computing power from each processor, allowing servers, workstations, and PCs to perform more functions simultaneously. All Windows Server System products will support multicore processor technology, enabling customers to take advantage of this increased computational power. Further, Windows Server System products that are currently licensed on a per-processor model will continue to be licensed per processor, not per core, for hardware that contains multicore processors. This criterion will enable customers to create additional business value by lowering the price/performance ratio of Windows Server System Solutions.
To help organizations put their servers to work creating new business value sooner, all Windows Server System products will make core training available at launch, which generally includes deployment planning as well as basic operational training. Further, a training roadmap will be available at launch, and non-core training will be available 90 days after launch.
To improve the security of Windows Server System products, all products will adopt Microsoft's Trustworthy Computing initiative practices. These practices fortify the development process to include security milestones at every phase of product development, resulting in products that are more secure by design, in development, and in deployment.
Microsoft continues to focus on reducing the number of restarts required when computers are patched. Windows Server System products support "hot patching" technology that can update server software components in place, without requiring a restart for some patches. Although not all fixes can benefit from hot patching, it will further reduce restart scenarios. With the hot patching technology, Microsoft expects customers to be able to install 30 percent of critical updates without restarting their computers.
The support of hot patching technologies in all Windows Server System products will provide customers with a more reliable and secure platform to support uninterrupted business operations.
All Windows Server System products will provide updates in standardized packages, enabling customers to easily keep their IT environments current.
The package will follow consistent naming conventions.
The package will be digitally signed.
Products must add an entry into the Control Panel Add/Remove Program.
Symbols used for the software update must be archived.
Microsoft Security Response Center security update policies must be followed.
To ensure the highest level of quality, all server products will be subject to demanding core scenario testing and implementation in production prior to the product's final release. Where applicable, server products will be implemented in production first within the Microsoft IT department, and then at a minimum of four customer sites prior to final release. These implementations will cover a core scenario to representative scale, and at least one implementation must be outside the United States of America.
To ensure that our server products take full and correct advantage of Windows features, all products will be Windows Logo Certified. Products with Enterprise Editions must obtain the Enterprise level of Certified for Windows Server 2003 certification.
All Windows Server System products will provide the capability to collect customer input to improve product quality. Each of the Windows Server System products must be enabled to capture and send crash analysis data to either a Corporate Reporting Server (CRS) or directly to Microsoft (user configurable during product installation and when enabling feature in product).
Further, products must allow customers to rate the quality of the content and provide suggestions to improve our products. Products will enable customers to join product-related user communities from their management user interface.
To help businesses reduce the cost of managing infrastructure, all server products will have a MOM Management Pack available at launch. The management pack will be serviced on the same schedule as the core product. MOM packs will provide:
Event and performance processing alerts.
Basic views that graphically map performance and event trending information.
State Monitoring view (green/yellow/red) state for managed entities.
To lower the cost of installing and configuring products across an enterprise, Windows Server System products will support command-line scripting and/or be Windows Management Instrumentation (WMI)-enabled. This requirement enables administrators to automate and customize server deployment and operations, enhancing administrative efficiency.
To help customers improve the utilization of hardware resources, all server products will support Microsoft Virtual Server 2005. Each product must be capable of running from within a virtual instance. Exemptions will be granted if:
The operating system required for the product is not supported as guest virtual machine (VM) operating system.
The product requires hardware that is not currently supported in the VM environment.
Core product scenarios fail because of virtualization performance or scaling-related issues.
To provide consistent product installation and Windows/Microsoft Update support, all Windows Server System products will use a standardized installer.
The Windows Installer service must be used for installation and uninstallation.
The MSI package must pass package validation without errors.
All MSI custom actions must have compensating rollback and uninstall custom actions, where possible. Nonreversible actions, such as data conversion, should be clearly documented so that customers know to back up configuration changes that cannot be undone.
Windows Installer 3.0 is not required but recommended for install.
Windows Installer 3.0 must be used for an update (patch).
To enable organizations to plan for product upgrades, product upgrade roadmaps and prescriptive guidance will be available for each Windows Server System product. Further, whenever possible, feature deprecation will be announced and staged over several product releases to minimize customer issues.
To provide a consistent product experience, licensing for all products will be either CPU-based or Server/CAL/Connector-based. For products with more than one edition, a standard set of category names (for example, Express, Workgroup, Standard, and Enterprise) will be applied.