- 8 January 2013 21:18
Certes Networks Encryption Solution Achieves Common Criteria EAL4+ Certification
Pittsburgh, PA, January 8, 2013 Certes Networks, a leading developer of scalable network and cloud encryption solutions announced today that its Encryption Policy and Key Management System (TrustNet Manager v3.4) as well as its full line of Variable Speed, Multi-Layer encryption appliances (CEP v2.1.1 Firmware) have earned Common Criteria certification at Evaluation Assurance Level 4 augmented (EAL4+).
Common Criteria is an international set of guidelines for verifying security features and capabilities of IT solutions. EAL4+ is the highest internationally recognized assurance level available for a software product under the Common Criteria Recognition Agreement (CCRA). This certification is mandated for all IT solutions purchased by the U.S. federal government and is favored by many government agencies and businesses in more than two dozen other countries.
To facilitate the successful achievement of the Common Criteria certification, Certes Networks worked with Corsec Security, Inc., and CGI's accredited Common Criteria lab to complete the evaluation.
"Certes Networks continues to develop new and innovative Network and Cloud Encryption solutions and surpass security expectations by achieving Common Criteria at an EAL4+," said Matthew Appler, CEO of Corsec Security. "Certes Networks certification strategy clearly demonstrates their commitment to serving the market for government security solutions."
Certes Networks' innovative policy and key management solution enables scalable group encryption that is transparent to network performance and reliability. Their industry leading family of Variable Speed Encryption (VSE) appliances allows bandwidth customizable tunnel-less data protection for Layer 2, Layer 3, and Layer 4 networks. The VSEs deliver line rate full-duplex encryption at 15 standardized rates ranging from 3Mbps to 10Gbps using the AES-256 encryption algorithm and SHA-256 hashing for per-packet authentication and integrity.
"The addition of the Common Criteria certification at EAL4+ validates the security capabilities of our products and solutions to government organizations around the world," said Tom Gill, CEO, Certes Networks. "Undergoing this rigorous certification process confirms the quality of our Network Encryption solution and our dedication to helping organizations protect their data."
About Certes Networks Certes Networks protects data in motion. The company provides advanced data protection solutions for both physical and virtual networks that enable secure connectivity over any infrastructure without compromising performance or availability. Customers rely on Certes Networks to protect data and reduce the cost of compliance by enabling secure data flows over any network infrastructure. Certes Networks has been recognized by several industry groups and analysts including being named as a Cool Vendor in Cloud Security by Gartner in 2012. Learn more about Certes Networks by visiting www.Certesâ€‹Networks.câ€‹om.
About Corsec Security, Inc. Experts in FIPS 140-2 validation, Common Criteria certification, and UC APL and more than 280 certificates completed for national and international customers, Corsec is the largest, most experienced independent validation consultancy in the IT security industry today. Corsec makes product development, evaluation, certification, and validation faster, easier and more efficient. Our unrivaled expertise with a diverse range of security products, proven project management processes and industry relationships help companies receive certification in less time, at reduced cost and without tying up internal resources, allowing for a faster return on investment. For more information, visit www.corsec.com
Sign up now »
Run your mission-critical applications in a secure and compliant virtual datacenter, or private cloud.
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.