Sydney, Australia – 29 January 2018 – Aruba, a Hewlett Packard Enterprise company (NYSE:HPE), today announced that Aruba ClearPass is the first in the cybersecurity industry to be awarded Common Criteria certification for a network access control (NAC) solution, under both the Network Device collaborative Protection Profile1 and the Extended Package for Authentication Servers2 modules. ClearPass is also the industry’s first NAC solution to receive certification as an authentication server.
With this advanced Common Criteria certification, governed by ISO/IEC standards bodies and awarded by the National Information Assurance Partnership (NIAP), Aruba ClearPass was validated through an independent testing laboratory to ensure it adheres to strict government and defense cybersecurity standards. ClearPass empowers Information Technology teams with the ability to intelligently profile, authenticate, and authorise users, systems, and devices to access network and IT resources. ClearPass allows government agencies and private organisations to rely on Common Criteria certification as assurance for providing a global, independent, and certifiable cybersecurity baseline.
Mobile, cloud, and IoT have imposed new demands on cybersecurity professionals. Aruba ClearPass is designed for this new era of threats and it was awarded Common Criteria certification for the Network Device Collaborative Protection Profile after completing tests focused on a set of demanding security requirements that mitigate a series of well-defined threats. Tests replicate real-world threat situations covering all aspects of access control including encryption, physical security, certificate validation, and processing, along with TLS/SSL processing. NDcPP represents a security baseline for any network-connected device or system.
As an important complement to NDcPP, Aruba ClearPass received Common Criteria certification for the Extended Package for Authentication Servers module. This extended package assesses functionality specific to RADIUS authentication servers, and qualifies ClearPass to appear on the approved product list for the US National Security Agency’s Commercial Solutions for Classified (CSfC) program. US government customers deploying classified communications systems under the CSfC program may use ClearPass to securely authenticate user and device access over wired, Wi-Fi, and remote connections.
Aruba’s certification was granted by the NIAP, which is a United States government initiative that oversees a national program to evaluate commercial off-the-shelf (COTS) information technology (IT) products for conformance to the internationally recognised Common Criteria security testing standards. Tests were performed by Gossamer Security Solutions, one of the world’s most renowned security testing laboratories.
Common Criteria is a global standard to which security products are evaluated on behalf of both government agencies and private sector organisations who are focused on dealing with an increasingly complex and dangerous threat environment. Certifications are universally recognised by 28 nations and products certified in one country are recognised by all other countries. NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and increase efficiencies by avoiding the duplication of efforts. To learn more, visit the NIAP portal.
“Common Criteria validation provides the highest level of security certification an organisation can receive, which elevates Aruba network access control to new levels,” said Jon Green, CTO for Security at Aruba, a Hewlett Packard Enterprise company. “Securing enterprises for the mobile, cloud, and IoT era has never been this challenging. The certification demonstrates Aruba’s commitment to providing customers with the industry’s most secure solutions for multi-vendor, wired, and Wi-Fi network infrastructures, even if it’s not an Aruba network.”
“Government agencies and enterprise organisations alike continue to seek clarity through the chaos caused by the increasingly complex and sophisticated threat landscape,” said Bill Buckalew, vice president of partner sales for Optiv, a Denver-based market-leading provider of end-to-end cybersecurity solutions. “We are pleased Aruba was first to receive certification status for such a well-established security standard like Common Criteria. Efforts like this from our key technology partners, such as Aruba, play an important role in enabling Optiv to perform comprehensive security optimisation—from strategy and planning straight through to implementation and management—for our clients.”
About ClearPass Aruba ClearPass is a proven network access control and policy management cybersecurity solution that can discover, profile, authenticate, and authorise any network access, on wired or wireless networks, including for BYOD and IoT devices. Its position as network gatekeeper enables both secure network access as well as accelerated attack response. It can be integrated with the Aruba IntroSpect UEBA behavioral analytics solution and can also be deployed on any vendor’s network.
Availability Sold as a stand-alone appliance or as software only, ClearPass with the new CC certification is available now.
About Aruba, a Hewlett Packard Enterprise company Aruba, a Hewlett Packard Enterprise company, is a leading provider of next-generation networking solutions for enterprises of all sizes worldwide. The company delivers IT and cybersecurity solutions that empower organisations to serve the latest generation of mobile-savvy users who rely on cloud-based business apps for every aspect of their work and personal lives. To learn more, visit Aruba at http://www.arubanetworks.com. For real-time news updates follow Aruba on Twitter and Facebook, and for the latest technical discussions on mobility and Aruba products visit Airheads Social at http://community.arubanetworks.com. Additional Materials Blog by Jon Green: “Now Common Criteria Certified, ClearPass is Ideal for Highly Secure Environments” NIAP page for Aruba ClearPass’ Common Criteria certification Complete list of Aruba Federal security certifications Aruba ClearPass Solution Brief For more information, please contact: Duyen or Sarah at DEC PR +61 2 8014 5033 and firstname.lastname@example.org - ENDS -
Increasing use of encryption has created new challenges for enterprise security managers. Ever more-sophisticated encryption such as Perfect Forward Secrecy (PFS) protects data and may even boost your Google ranking – but it also provides a haven for malicious code that may use encryption to bypass enterprise security controls.
Why nation-state attacks are everyone’s problem
With so much change all the time, how can executives best prepare their businesses to meet the security challenges of the coming years? CSO Australia, in conjunction with Mimecast, explored this question in an interactive Webinar that looks at how the threat landscape has evolved – and what we can expect in 2019 and beyond.
An interview with CSO's David Braue and Ian Yip, Chief Technology Officer, McAffee.
According to new research conducted by the Ponemon Institute, Australia and New Zealand have the highest levels of data breaches out of the nine countries investigated. This was linked to heavy investment in security detection and an under-investment in security and vulnerability response capabilities