11. Approved devices incorporate acceptable protection of PSKs within thoseThe DIGISTOR SSDs used as the basis for Citadel C Series SSDs are already on both the NIAP Product Compliant List and the NSA’s CSfC Components List. For vendors utilizing a foreign CCTL, the Product will not be added to the Components List until the Common Criteria csfc_components@nsa. The products, or components, which are used in the Capability Packages and, ultimately, to build CSfC solutions, must be selected off the NSA CSfC Components List, and can be. Generally, certification requires compliance with one or more National Information Assurance Partnership (NIAP) protection profiles, compliance with the NSA CSfC capability package (CP), and registering the. and coalition partners. Detail the usage of these new components on the CSfC Components List within MA, CWLAN, and DAR CPs. Business Wire. 4. NSA’s CSfC Components List, and the International Common Criteria Certified Products List. Using virtualization and other such software separation technologies within CSfC. , NIAP validates COTS information technology products to. The document covers the design, configuration, and operation of CSFC key management components and services. CSfC CPs are an alternative to Type 1 solutions. The document explains how to securely connect multiple sites over public networks using NSA-approved products and configurations. Additional component will be added to the CSfC Components List to allow for this new change. 11 encryption deprecating WPA2 in this document Added Campus WLAN Tactical Appendix leveraging the CSfC process to build and test in accordance with the approved CP and selecting components from the CSfC Components List. S. Archon Secure LLC. Vendors who wish to have their products eligible as CSfC components of a composed, layered Information Assurance (IA) solution must build their products in accordance with the applicable NIAP-approved. 6. Commercial Solutions for Classified (CSfC) Palo Alto Networks PA-220, PA-800, PA-3000,PA-3200, PA-5200, PA-7000 and VM Series Next-Generation Firewall with PAN-OS 9. The inclusion into the approved CSfC Components List follows Common Criteria certifications from the National Information Assurance Partnership (NIAP) for the Cellcrypt Android Client and the. Capability Package and Annex (CP/Annex) Versioning Scheme Commercial component developers (i. 10. government protection profile. Commercial Solutions for Classified Program Newsletter. Compliance List (PCL) and closed with 81 completed product evaluations. Community » Churches. What is Commercial Solutions for Classified (CSfC)? The National Security Agency (NSA) Commercial Solutions for Classified (CSfC) Program enables commercial products to be used in layered solutions leveraging industry innovation in order to protect classified National Security Systems (NSS) data. ”considered for inclusion on the CSfC Components List. ”Title: Scanned DocumentEarly Registration Rate in effect: $290. These DIGISTOR drives are the only commercial SSDs to achieve this listing and the company's Citadel™ K. Defense-grade security. We have recently seen an increase in the number of clients who are asking about the National Security Agency’s (NSA) Commercial Solutions for Classified (CSfC) program and how to get on the CSfC Components List maintained by the NSA Information Assurance Directorate (IAD). ). S. JA18-025___S7_CROM_REDACTED_Redacted. S. Added wording (from the Mobile Access CP) at the end of Section 2 to address All parts listed in the Commercial Solutions for Classified (CSfC) Components List must first go through the NIAP certification process. For self-powered platforms such as UUVs, reducing the weight of electronics subsystems helps extend the duration and distance that missions. gov). S. Established by the National Security Agency and Central Security Service (NSA/CSS), CSfC enables commercial products to be used in layered solutions protecting classified National Security Systems (NSS) data. Archon’s GoSilent. CSfC Components List are not guaranteed to be interoperable with all other products on the CSfC Components List. CSfC Listed: CSfC components list. S. More specifically, NSA defines a Type 1 product as “cryptographic equipment, assembly or component classified or certified by NSA for encrypting and decrypting classified and sensitive national security information when appropriately keyed. The NIAP (National Information Assurance Partnership) defines Protection Profiles with certification requirements. Cellcrypt Achieves Approval for Use to Protect Classified US National Security Systems Data. Agencies can partner with an NSA-approved trusted integrator to modernize their classified networks utilizing NSA-published Capability Packages. Pairing a secure Cisco router and Cisco firewall, each leveraging diverse code bases, can satisfy the requirement for two layers of security. Component selections from the approved CSfC Components List. Open source components may be listed, provided they have a responsible sponsor, and an. Additional resources • CSfC Components List • NIAP product compliant listTo find a product that has met the right criteria, you can view the CSfC components list (to ensure that component parts are NIAP-approved) and check with a manufacturer directly to learn if the product you wish to obtain is an approved CSfC product . When a product is added to the list, it does not equate to NSA approval or endorsement of the product. g. This approach enables system integrators. CSfC Component List Curtiss-Wri ght Starts ere Y t ar e Purchase Certified COTS Product Figure 2: Shorten encryption development time with approved COTS solutions Net-Centric Architecture Modern unmanned vehicles, ISR aircraft, and mobile ground vehicles are built around a network-centric architecture. The following changes will be made to the overall CSfC program. See moreComponents List. It. It provides guidance on how to use the resources available, navigate the NSA and CSfC process, and what to expect from CSfC component vendors. Prequalification stage two: commercial lab testing, evaluation, validation. This process, along with inclusion on the CSfC Components List, allows organizations to be certain that the commercial parts they are using will provide enough security to safeguard the classified information. 1: PP_OS_V4. (csfc@nsa. SpyProof! makes protecting your data a snap even if you are only a casual computer user. Bivio is a developer of innovative, high-performance network security platforms for. provided the network device is on the CSfC components list to serve both functions. demonstrate equivalent functionality as noted above) as part of CSfC Components List product eligibility. TI T=O . 1 Updated Apache Tomcat to 8. Additionally, the CSfC Program defines “Capability Packages,” which provide guidance on solution architecture to meet a specific security need, such as a secure VPN to tunnel. The products, or components, used to build the CSfC solutions must be selected off the CSfC Components List. Posted Date 9/5/18 Size 34KB Federal Agency AFLCMC Hanscom AFB Source Federal Contract Opportunity AWACS Commercial Solutions for Classified Similar To Source Opportunity . This helps answer the question:NIAP End of Year Report – 2020 Common Criteria Evaluation and Validation Scheme 2020 Report Through the unprecedented times COVID-19 presented in 2020, NIAP continued to make a difference“CSfC protects classified data through multiple encryptions, firewalls and network layers to ensure point-to-point protection. c. gov. svr. CipherTrust Key Management integrates with industry-leading data at rest encryption solutions that are on the CSfC Components List. 1 Changes1. Building on the commercial success of Mercury’s TRRUST-Stor®JIW-13-2--23-April-2014--Final-Version--turfsurf3. If needed, functionality and/or configurations outside the scope of a CSfC IPsec VPN Gateway that conflict with theThe CSfC Components List consists of eligible COTS products identified by model/version numbers that have met appropriate Protection Profile requirements. Please provide comments on usability, applicability, and/or shortcomings to the CSfC Program ([email protected], EJBCA Enterprise version 7. , Certificate Revocation List (CRL) or Online Certificate Status Protocol (OSCP). MILPITAS, Calif. CSfC selections for FDE AA cPP evaluations: FCS_KYC_EXT. National Security Agency (NSA) cybersecurity strategy to quickly deliver secure solutions that leverage commercial technologies. Cellcrypt’s products are now eligible to be used within Commercial Solutions for Classified (CSfC) solutions for protecting classified US National Security Systems (NSS) data WASHINGTON–(BUSINESS WIRE)–Cellcrypt Inc. NIAP Certification alone does not guarantee inclusion on the CSfC Components List. As the industry’s first CSfC-validated enterprise-class storage solution, ONTAP enables you to protect at both the hardware and the software layer for rugged security. These components have been certified by NSA’s rigorous NIAP certification along with FIPS when applicable. You can even place your ‘My Documents’ and ‘Temp’ folders in a virtual SpyProof! disk for maximum security under Windows. S. Notes Note 1: The following selections apply to CSfC TLS protected server functionality. 2. S. 1. 22 at 1850. Once the PBA is on the NIAP Product Compliant List, it will be eligible to be listed on the NSA CSfC Components List. Guest Writer; Internal source ; Martech InsightsWhat assets, systems, entities, components, etc. NSA/CSS policy mandates CSfC as the first option to be considered to satisfy a CS requirement. For NSS where classified data is being protected at rest or in transit by commercial products, technologies from the CSfC Components List shall be used, in accordance with NSA's published CSfC Capability Packages. Click the banner below to learn about the benefits of hybrid cloud environments. Learn more To learn more about CSfC and why it is important to private and public sector organizations, watch this short video from Barry Lake Chief of NSA Cyber-Security. System integrators then apply to the NSA identifying the proposed product from the Component List and the application details. This document provides the implementation requirements for the Enterprise Gray Capability Package, which enables secure access to classified data from unclassified. 0. EJBCA Ente rprise is Common Criteria certified in compliance with the National Information Assurance Partnership (NIAP) approved Protection Profile for Certification Authorities VTOE components and trusted IT entities, identification and authentication of administrators, auditing of security-relevant events, ability to verify the source and integrity of updates to the TOE, the implementationThe National Security Agency (NSA) and CISA have released the cybersecurity information sheet Selecting and Hardening Standards-based Remote Access VPN Solutions to address the potential security risks associated with using Virtual Private Networks (VPNs). 757-366-4814. Product will not be added to the Components List until the NIAP evaluation is in process. CSfC Capability Packages. Cesarean Section for Fetal. 3 Trusted Thin Client Remote supports the CSfC Mobile Access Capability Package (MACP) in multiple configurations, including in combinationCommercial Solutions for Classified (CSfC) is an important part of NSA's commercial cybersecurity strategy to quickly deliver secure cybersecurity solutions that leverage commercial technologies and products. 1P7 NSA CSfC Component List; 9. An Administrative Position/lines may be optionally proposed in the Components List Spreadsheet. The Core consists of three parts: Functions, Categories, and Subcategories. See Table 1 in Annex. Vendors who wish to have their products eligible as CSfC components of a composed, layered. Commercial Solutions for Classified Program Newsletter. For more information about the CSfC program, established by the National Security Agency (NSA), refer to NSA's information at. CipherTrust Manager. DIGISTOR is listed in the Hardware Full Disk Encryption section on the CSfC Component List with the Common Criteria/NIAP validation report number CCEVS-VR-VID11297-2023 . CSfC Component List Curtiss-Wri ght Starts ere Y t ar e Purchase Certified COTS Product Figure 2: Shorten encryption development time with approved COTS solutions Net-Centric Architecture Modern unmanned vehicles, ISR aircraft, and mobile ground vehicles are built around a network-centric architecture. ([email protected] Whitepapers. Cumbria Sea Fisheries Committee (est. By implementing CSfC, U. 6. The updated TE File System Device Drivers (version 1. Notes Note 1: The following selections apply to CSfC TLS protected server functionality. Remote-access VPN servers allow off-site users to tunnel into. If your maintenance has lapsed, or if you are not seeing…NIAP End of Year Report – 2021 Common Criteria Evaluation and Validation Scheme 2021 Report In spite of the challenges that COVID-19 presented this year, NIAP continued to focus on the increase ofUnmanned. NIAP End of Year Report – 2020 Common Criteria Evaluation and Validation Scheme 2020 Report Through the unprecedented times COVID-19 presented in 2020, NIAP continued to make a differenceDIGISTOR ®, a leading provider of secure Data at Rest (DAR) storage solutions, announced that the National Security Administration (NSA) added its FIPS 140-2 L2 SSDs to the Commercial Solutions for Classified (CSfC) list. The products, or components, which are used in the Capability Packages and, ultimately, to build CSfC solutions, must be selected off the NSA CSfC Components List, and can be used to build a layered solution containing multiple components. CSfC Components List. e. 1,• Product Compliant List (PCL) • Product Inquiries • U. GameStop Moderna Pfizer Johnson & Johnson AstraZeneca Walgreens Best Buy Novavax SpaceX Tesla. Adder Technology Ltd. These are products which meet the allowed by the Mobile Access CP, provided the network device is on the CSfC components list to serve both functions. The Commercial Solutions for Classified Program is a key component of the U. CSfC Capability Packages and the CSfC Components List can be found by visiting the NSA CSfC Components List page. S. CSfC or commercial solutions for classified capability products are encrypted commercial tools that allow enterprises to connect to secure networks. What will you find in this guide? This guide is built to help individuals looking to build a Commercial Solutions for Classified (CSfC) approved solution. CipherTrust Manager is the central management point for the platform. VANCOUVER, Wash. • Product Compliant List (PCL) • Product Inquiries • U. and coalition partners. • Product Compliant List (PCL) • Product Inquiries • U. 0: DSC iTC 2020-09-16 Encrypted Storage: collaborative Protection Profile for Full Drive Encryption - Authorization Acquisition Version 2. It communicates the status, types. In the U. We are delighted to share some of our whitepapers with you! Simply click a whitepaper you’d like to view, complete the form, and the whitepaper will download. Customer Initiation -The first step in a solution registration is to review the associated CPs to determine which meets their needs. The products, or components, used to build CSfC solutions must be selected off the CSfC Components List. -- ( BUSINESS WIRE )-- SS8 Networks, a leader in Lawful Intercept and Monitoring Center platforms today announced. It provides guidance on. svr. 0. SOUTHCOM and AFRL have expanded their capabilities to ease communications with U. The CSfC Component List is growing and changing constantly, and building a. S. Business, Economics, and Finance. Responses_to_vendor_questions__Amend_0002. Radar/EWNIAP End of Year Report – 2021 Common Criteria Evaluation and Validation Scheme 2021 Report In spite of the challenges that COVID-19 presented this year, NIAP continued to focus on the increase ofOur NSA CSfC Components List approved DTS1 Network Attached Storage device recently received an upgrade to increase data throughput. • Product Compliant List (PCL) • Product Inquiries • U. Each CSfC solution infrastructure component must have access to revocation status of certificates (e. d a ta s h ee t w w w m rc y co m acquire acquireacquire 100101010 001101011 110101100 digitize acquireacquire 100101010 001101011 110101100 digitize 100101010 001101011…UPDATE 2023-06-02: SecretAgent and SecretAgent/TE have been updated. Whenever you log in to your Windows account and enter your passord, your SpyProof! disks will behave like normal drives. CSFC Systems Architect (SITEC) Titan Technologies Tampa, FL. For National Security Systems (NSS) where classified data is being protected at rest or in transit by commercial products, technologies from the Commercial Solutions for Classified (CSfC) Components List shall be used, in accordance with NSA's published CSfC Capability Packages. TheOrganizations can select from a variety of technologies listed on the NSA CSfC Components List to create integrated solutions that enable classified networking over radio infrastructure such as SATCOM, Wi-Fi, LTE and mesh network, enabling vehicles to communicate with each other, to communicate with upper echelons/HQ, and enabling. Often employing our ‘SOF Team’ and ‘Train the Trainer’ approaches, coupled with our Alignment, Synchronization, Integration and Separation (ASIS) Framework and Methodology, KMS works with NSA CSfC component list product developers, CSfC Solution customers, and often other CSfC TIs to develop new QR CSfC Solutions or. And visit: curtisswrightds. This process, along with inclusion on the CSfC Components List, allows organizations to be certain that the COTS parts they are using will provide enough. Most common CSFC abbreviation full forms updated in November 2023Civil Service Football Club (UK) CSFC. Includes access to CSfC Conference on Tuesday, May 7, breaks, lunches, receptions, exhibitor showcase, and all conference materials. Commercial Solutions for Classified (CSfC) Components list Commercial Solutions for Classified (CSfC) Trusted Integrator Current Operations and Execution (COEX) Defensive Cyber Operations Cyber Defense Research & Technology (CD R&T) Cyber Engineering Cyber Security Methods & AnalyticsCSfC approved components like the GoSilent Cube can open up your options to allow for connections over satellite or wireless networks. Archon Secure CSfC. & PLEASANTON, Calif. the CSfC mandated selections that will enable them to be listed on the CSfC Components List. 2 Reverted all changes in 7. For National Security Systems (NSS) where classified data is being protected at rest or in transit by commercial products, technologies from the Commercial Solutions for Classified (CSfC) Components List shall be used, in accordance with NSA's published CSfC Capability Packages. , vendors) who wish to have their products listed as CSfC approved components must build their products in accordance with the applicable U. government protection profile. Hardware Platform and Components: collaborative Protection Profile for Dedicated Security Component, Version 1. The current number of technology categories on the CSfC component list index Source: National Security Agency Central Security Service By tapping the extensive CSfC product list, the Fort Gordon team was able to significantly enhance the Army’s remote work capability in response to COVID-19. 16 While CSfC encourages industry innovation, trustworthiness of the components is paramount. To successfully implement a solution based on this CP, all Threshold Requirements, or the corresponding This Commercial Solutions for Classified (CSfC) Capability Package (CP) describes how to protect classified data (including Voice and Video) in Mobile Access Solutions transiting Wired Networks, Domestic Cellular Networks, and Wireless Networks to include Government Private Cellular Networks and Government Private Wi-Fi networks. Government Procurement • NIST Cryptographic Validation Programs • Committee on National Security Systems Policy (CNSSP) #11 • Common Criteria Testing Laboratory (CCTL) Requirements • Evaluation Assurance Levels (EALs) • International Common Criteria Recognition. The Organizations can select from a variety of technologies listed on the NSA CSfC Components List to create integrated solutions that enable classified networking over radio infrastructure such as SATCOM, Wi-Fi, LTE and mesh network, enabling vehicles to communicate with each other, to communicate with upper echelons/HQ, and enabling soldiers to. What is the CSfC component list? This list enables system integrators to identify products that are in evaluation or are already certified products that can be used. Bits & Bytes Volume I Issue III. Dec 9, 2022. 1. For self. To see the selectable requirements, go to the CSfC Components List and click on the links for IPSec VPN Gateways, IPSec VPN Clients, WLAN Clients, WLAN Access Systems, Certificate Authorities, MDM, SW FDE, Mobile Platforms, SIP Servers and VoIP Applications. The CSfC Components List, maintained by NSA, keeps a running list of all CSfC approved components across a variety of categories: It provides guidance on how to use the resources available, navigate the NSA and CSfC process, and what to expect from CSfC component vendors. S. To successfully implement a solution based on this CP, all Threshold Requirements, or the corresponding Objective Requirements applicable to the selected capabilities, must be implemented, as described inThis Commercial Solutions for Classified (CSfC) Capability Package (CP) describes how to protect classified data (including Voice and Video) in Mobile Access Solutions transiting Wired Networks, Domestic Cellular Networks, and Wireless Networks to include Government Private Cellular Networks and Government Private Wi-Fi networks. Title. None Listed. The next gen product is the DTS1+. The DIGISTOR SSDs used as the basis for Citadel C Series SSDs are already on both the NIAP Product Compliant List and the NSA’s CSfC Components List. CSfC Components List provide the necessary functionality for the selected capabilities. 1. Amendment 001. These compo-nents have been certified by NSA’s rigorous National. 3: NIAP 2022-09-27 Multi Function Device In deciding whether a particular product is appropriate for CSfC, NSA considers the totality of circumstances known to NSA, including the vendor's past willingness to fix vulnerabilities, supply chain, foreign ownership, control or influence, the proposed uses of the product under consideration and any. System integrators then apply to the NSA identifying the proposed product from the Component List and the application details. 1993; UK) CSFC. Commercial Solutions for Classified - How is Commercial Solutions for Classified abbreviated?. QuestionsResponseFormat. Customers and Integrators should perform interoperability testing to ensure the components selected for their MSC Solution are interoperable. 1. , are most critical to the provision of NCFs? 4. Agencies that use CSfC products will have “situational awareness about which components are used and where,” and there is documented incident handling procedures. Home; News; Intuition . Justification for other than full and open competition (OTFAOC) in support of DMCC Mobility ProgramHow to securely access classified information on mobile devices? This pdf document provides the latest guidance and best practices for implementing the Mobile Access Capability Package, a solution approved by the NSA's Commercial Solutions for Classified (CSfC) program. S. The NSA maintains the CSfC Components List. Section 2- Registration Submission - The customer provides a complete Solution. gov . Book Now. nsaand SecureIO Android components • SecureIO is NIAP-approved and listed on the NSA’s CSfC Components List SECUREIO VPN GATEWAY (SIOVG) FEATURES • Provides the anchor point for secure services • Allows Android connection termination in TCP, or TLS, or Websocket • Provides IP Forwarding Services for UDP, TCP, Multicast, and IGMPBoth solutions meet rigorous industry regulations, including NSA’s Commercial Solutions for Classified (CSfC) Components List, allowing active-duty and civilian military personnel to securely access classified information. By implementing CSfC, U. 1. The program is founded on the principle that properly configured, layered solutions can provide adequate protection of classified data in a variety of different applications. Commercial component developers (i. 309. Vendor/NSA: MOA developed. NSA provides a list of components to its customers to satisfy architectures and configuration information contained in its Capability Packages. The following is the version naming scheme for the Commercial Solutions for Classified (CSfC) Capability Packages (CPs) and CP Annexes. • Component selection from the approved CSfC Components List, ensuring components have satisfied specific requirements to include successful evaluation by a Common Criteria Testing Lab and compliance with the applicable public standards and protocols as specified in the PPs and CSfC CPsCSfC Components List. DIGISTOR is listed in the Hardware Full Disk Encryption section on the CSfC Component List with the Common Criteria/NIAP validation report number CCEVS-VR-VID11297-2023 . Notably: CSfC Customers now have a choice of CAs for increased diversity CSfC has its first Web Browser on the Components List See a summary of changes to the CSfC Component List continues on the following pages CSfC Components List will provide the necessary functionality for the selected capabilities. As part of the CSfC program, NSA offers several Capability Packages as a starting point for users to implement their own solu- tions. If needed, functionality and/or configurations outside the scope of a CSfC TLS protected server that conflict with the CSfC selections could be NIAP validated using a separate iteration of the Security Functional Requirement (SFR). CSfC security devices using PSKs are to be chosen from an approved list of devices defined by the CSfC Program Office. They reduce the cost of developing secure applications by applying readily available, commercially supported, conventional and public key technology. requirements for component configuration, solution testing, monitoring, and the use and administration of a CSfC solution. Approved COTS devices will be used for the client’s Campus A wireless local area network (WLAN) solution which, when properly configured, will achieve a level of assurance sufficient for protecting classified data while in transit. and corresponding configuration information leveraging the list of COTS products from the CSfC Components List. Description. . Vendors who wish to have their products eligible as CSfC components of a composed, layered. 509 and IETF PKIX, OCSP, TLS, and S/MIMEas a VPN client, and listed on the CSfC Components List. A Complete CSfC Layer All DIGISTOR FIPS SEDs—including Citadel K Series SEDs—are listed on the NSA CSfC Component List for hardware full drive encryption, which allows DoD, Federal agencies, and critical infrastructure to protect mission critical and classified data using commercial solutions. The C175N is a non-CCI variant of the TACLANE-Nano (KG-175N) - the smallest, lightest, most power efficient HAIPE certified and available today. 1. 0. BSI (Germany) BSI VS-NfD CERTIFICATION. Aruba, a Hewlett Packard Enterprise Company. Through PPs and the Technical• Product Compliant List (PCL) • Product Inquiries • U. JIW-13-2--23-April-2014--Final-Version--turfsurf3. HF, HS, HH EM, GA, LF, RM, UO T=O DAR-PS-8 The Operating System used must be approved by the General. National Security Systems (NSS). By leveraging commercial technology, CSfC enables agencies to “access mission data and aid decision-making in real time, inside the adversaries’ decision cycle,” the NSA argues. For vendors utilizing a foreign CCTL, the Product will not be added to the Components List until the Common Criteria [email protected]. government agencies and their customers to take advantage of affordable and readily available commercial off-the shelf (COTS) IT solutions that meet the NSA’s stringent security guidelines for the transmission of. To see the selectable requirements, go to the CSfC Components List and click on the links for IPSec VPN Gateways, IPSec VPN Clients, WLAN Clients, WLAN Access Systems, Certificate Authorities, MDM, SW FDE, Mobile Platforms, SIP Servers and VoIP Applications. Throughout this CP, requirements imposed on the Campus WLAN. In order for a product to be placed on this list the product must currently be undergoing evaluation in the United States with a NIAP-approved Common Criteria Testing Laboratory (CCTL) and have completed an Evaluation Kick off Meeting (or equivalent) whereby CCEVS management has officially accepted the product into evaluation. components and the latest Agile development processes to quickly deliver scalable solutions for the classified. Explore List. Request For Information DREN4, The Defense Research Engineering Network (DREN) to establish, provide, and maintain leading edge High Performance Computing (HPC) capability for scientists and engineers engaged in DoD science and technology missions. S. The Samsung Galaxy S23 Tactical Edition and Samsung Galaxy XCover 6 Pro Tactical Edition support dual. 9. CSfC Components List: List of products D/As can choose from for use in approved CSfC solutions. You can uplink using 1Gb small form-factor pluggable (SFP), 10Gb SFP+ or 40G QSFP interfaces. With commercial technology, CSfC is enabling the USG to access mission data and aid decision-making in real-time, inside the adversaries’ decision cycle. 2. gov). Cellcrypt’s products are now eligible to be used within Commercial Solutions for Classified ( CSfC) solutions for protecting classified. Charter School Facility Committee. CSfC solutions can be used to protect classified data in a variety of applications. CSfC Components List will provide the necessary functionality for the selected capabilities. e. The Commercial Solutions for Classified (CSfC) Program enables commercial products to be used in layered solutions protecting classified NSS data. Commercial Solutions for Classified Program Newsletter. CPs specify which components of the solution must01 May, 2017, 09:02 ET. PF GA, LF T=O DAR-PS-7 The products used for the HWFDE layer must be chosen from the list of HWFDEs on the CSfC Components List. with the Commercial Solutions for Classified (CSfC) program’s hardware full disk encryption (HWFDE) standards. Government Procurement • NIST Cryptographic Validation Programs • Committee on National Security Systems Policy (CNSSP) #11 • Common Criteria Testing Laboratory (CCTL) Requirements • Evaluation Assurance Levels (EALs) • International Common Criteria Recognition. This secured data is encrypted by NSA-approved. Government Procurement • NIST Cryptographic Validation Programs • Committee on National Security Systems Policy (CNSSP) #11 • Common Criteria Testing Laboratory (CCTL) Requirements • Evaluation Assurance Levels (EALs) • International Common Criteria Recognition. Component selection from the approved CSfC Components List, ensuring components have satisfied specific requirements to include successful evaluation by a Common Criteria Testing Lab and compliance with the applicable public standards and protocols as specified in the PPs and CSfC CPspublishing the products on CSfC Components List after the vendor agrees to the terms in the MOA. Using virtualization and other such software separation technologies within CSfC. To date, Cisco is the only supplier with data-in-motion products on the CSfC-approved components list that can be used to implement both the first and second layer of encryption to satisfy CSfC requirements. gov . Vendor/NSA: MOA developed. CSfC solutions can be used to protect classified data in a variety of applications. NIAP remained supportive of the Protection Profiles (PPs) methodology and found significant value in collaboratively applying resources to develop sound PPs as opposed to analyzing the product after the fact. Customers and/or solution integrators will draw products from the published list of eligible CSfC components to create composed solutions for a particular operational capability. CSfC selections for ASPP evaluations: FCS_RBG_EXT. Fortinet® (NASDAQ:FTNT), the global leader in high-performance cybersecurity solutions, today announced that its FortiGate Enterprise Firewall has been added to the Commercial Solutions for Classified Programs (CSfC) approved Components List. This guide will help you learn about: Hardware Platform and Components: Protection Profile for General Purpose Computing Platform, Version 1. The CSfC component list enables system integrators to identify products that are in evaluation, or are already certified, that can be used in a data protection solution. ” considered for inclusion on the CSfC Components List. gov). You may attach additional supporting documents (white paper, product specification, etc. technologies that are deemed eligible as CSfC components of a composed, layered IA solution. should document a specific CSfC TLS Protected Server configuration in the product’s Administrative Guide with a note that the configuration should be considered the NIAP-certified evaluated configuration for CSfC TLS Protected Server Use Cases. Government Procurement • NIST Cryptographic Validation Programs • Committee on National Security Systems Policy (CNSSP) #11 • Common Criteria Testing Laboratory (CCTL) Requirements • Evaluation Assurance Levels (EALs) • International Common Criteria Recognition. Additional components will be added to the CSfC Components List to allow 66 for this new change. This approach enables system integrators. Acronis SCS. CSfC Approved Solution for Remote Access . ONTAP. Building on the commercial success of Mercury’s TRRUST-Stor®The Commercial Solutions for Classified (CSfC) program was established in order to enable U. • Product Compliant List (PCL) • Product Inquiries • U. Government Procurement • NIST Cryptographic Validation Programs • Committee on National Security Systems Policy (CNSSP) #11 • Common Criteria Testing Laboratory (CCTL) Requirements • Evaluation Assurance Levels (EALs) • International Common Criteria Recognition. Oceus has had a. Through PPs and the Technicalwith the Commercial Solutions for Classified (CSfC) program’s hardware full disk encryption (HWFDE) standards. Through PPs and the TechnicalElaborit delivers CSfC solutions to the Department of Defense, Law Enforcement, U. Use of the DODIN APL allows DOD Components to purchase and operate systems over all DOD network infrastructures. 8 May 2021 Move to WPA3 standard for 802. Additional resources • CSfC Components List • NIAP product compliant list To find a product that has met the right criteria, you can view the CSfC components list (to ensure that component parts are NIAP-approved) and check with a manufacturer directly to learn if the product you wish to obtain is an approved CSfC product . CSfC canisters represent key technology areas used in commercial solutions (i. 5. QuestionsResponseFormat. CSfC is an NSA strategy to provide cybersecurity solutions by taking advantage of commercially available industry solutions. JIW-13-2--23-April-2014--Final-VersionPartner Level: Platinum Plan (Includes two (2) years of updates and product support), Gold Plan (Includes one (1) year of updates and product support), Silver Plan (includes 30 days of updates and support), Bronze Plan (no updates or support)The G1's dual-layer certified Data at Rest (DAR) encryption is certified by NIAP and listed on the NSA Commercial Solutions for Classified (CSfC) Components List. Commercial Solutions for Classified Program Components List. , the pioneer & market leader in securing government mobile communications, today announced that the Cellcrypt Android Mobile Client v4 is eligible. CSfC canisters represent key technology areas used in commercial solutions (i. 0 is eligible to be used as a Stateful Packet Filter Firewall component in a CSfC solution. NIAP provided an overview. Partnership (NIAP) approved and listed on the Commercial Solutions for Classified (CSfC) Components List. Note that the additional requirement for a multi-use Outer Encryption Component within the MA, MSC, and WLAN CPs drastically reduces the. VIA with Suite B is enabled with the ArubaOS ACR module and supported on Windows, Mac OS, Linux, Apple iOS, and Android. SS8 Networks announced it has entered into an agreement in which SS8 will acquire the assets of Bivio Networks. Removed Threat section—in a separate document available on the CSfC webpage. Throughout this document, requirements imposed on the. This list was generated on Wednesday, 2023. Detail the usage of these new components on the CSfC Components List within MA, CWLAN, and DAR CPs. S. NSA CSfC review and approval are the next steps. We specialize in bringing together CSfC components in accordance with the CSfC CPs to ensure secure and proper solution functionality. Building on the commercial success of Mercury’s TRRUST-Stor®with the Commercial Solutions for Classified (CSfC) program’s hardware full disk encryption (HWFDE) standards. Product will not be added to the Components List until the NIAP evaluation is in process. Rate it: CSFC. Government Procurement • NIST Cryptographic Validation Programs • Committee on National Security Systems Policy (CNSSP) #11 • Common Criteria Testing Laboratory (CCTL) Requirements • Evaluation Assurance Levels (EALs) • International Common Criteria Recognition. Government Procurement • NIST Cryptographic Validation Programs • Committee on National Security Systems Policy (CNSSP) #11 • Common Criteria Testing Laboratory (CCTL) Requirements • Evaluation Assurance Levels (EALs) • International Common Criteria Recognition. DIGISTOR is listed in the Hardware Full Disk Encryption section on the CSfC Component List with the Common Criteria/NIAP validation report number CCEVS-VR-VID11297-2023 . 1. Government Agencies, Coalition Partners and System Integrators. National Security Agency (NSA) cybersecurity strategy to quickly deliver secure solutions that leverage commercial technologies. The list ensures components have satisfied specific requirements and evaluation by a Common Criteria. demonstrate equivalent functionality as noted above) as part of CSfC Components List product eligibility. The CSfC Component List continues to grow, both in volume and in breadth. The National Security Agency (NSA) provides guidelines for multi-site connectivity using Commercial Solutions for Classified (CSfC) components in this capability package. The DTS1 has also been certified through Common Criteria and NATO as well. the CSfC Components List. 1 18 February 2022 . This process, along with inclusion on the CSfC Components List, allows organizations to be certain that the commercial parts they are using will provide enough security to safeguard the classified information. S. An official website of the United States government Here's how you know Official websites use . The Key Management Requirements Annex provides guidance on how to implement commercial solutions for classified (CSFC) key management systems that meet NSA standards. 5. The use of data encryption solutions approved for placement on the CSfC Components List enables system developers to significantly speed their application development and deployment. Archived Product List Certified Products on CC Portal Products by Vendor Vendor Filter: A10 Networks, Inc. The EDITH module of the EUD encapsulates the data. S. Validated products can be found on NIAP’s CCEVS. , vendors) who wish to have their products listed as CSfC approved components must build their products in accordance with the applicable. 2. 5. g. After completion of the CC evaluation, and any required CSfC testing (as required by MOA), the status will change to indicate completion of NIAP. docx - FA8730_AWACS_CSfC. Starting with the initial draft version 0. Once you have defined your goals and selected the proper capability package to use in building your architecture, it's time to find the components you need to execute. To see the selectable requirements, go to the CSfC Components List and click on the links for IPSec VPN Gateways, IPSec VPN Clients, WLAN Clients, WLAN Access Systems, Certificate Authorities, MDM, SW FDE, Mobile Platforms, SIP Servers and VoIP Applications. The document covers the design, configuration, and operation of CSFC key management components and services. Final thoughts If you are looking to retrofit, or build an entirely new solution, for military communications, exploring CSfC solutions may open up a world of new possibilities you haven’t considered in the past. Deploying a WIDS/WIPS within a CSfC solution requires that the WIDS/WIPS be selected from the CSfC Components List and must be configured to use the National Information Assurance Partnership (NIAP) -.