###

Corsec would like to congratulate our partner, Hewlett Packard, Inc., on completing the Federal Information Processing Standard Publication 140-3 (FIPS 140-3) validation process on their HP Poly Cryptographic Module. Completion of the FIPS 140-3 validation process provides reassurance and confirmation to users of the protection of sensitive information within their environment.

To achieve this benchmark, HP partnered with Corsec, completing the validation at a Level 1 as seen in certificate #5011. For more information on the validation and to find additional details on the module’s security policy, visit NIST’s validated modules site.

To learn more about engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About FIPS 140

FIPS 140-2 / FIPS 140-3 are a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

FIPS 140 is mandated by law in the U.S. and very strictly enforced in Canada. FIPS 140 has gained worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. A FIPS 140 validation of a product provides end users with a high degree of product security, assurance, and dependability.

The HP Poly Cryptographic Module is an open-source, general-purpose cryptographic library which provides approved cryptographic algorithms to serve BoringSSL and other user-space applications. The module is intended for use in a variety of environments and any general-purpose environment that requires cryptographic primitives.

###

###

Corsec would like to congratulate our partner, Infinidat, Ltd., on completing the Federal Information Processing Standard Publication 140-3 (FIPS 140-3) validation process on their Infinidat Cryptographic Module. Completion of the FIPS 140-3 validation process provides reassurance and confirmation to users of the protection of sensitive information within their environment.

To achieve this benchmark, Infinidat partnered with Corsec, completing the validation at a Level 1 as seen in certificate #5245. For more information on the validation and to find additional details on the module’s security policy, visit NIST’s validated modules site.

To learn more about engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About FIPS 140

FIPS 140-2 / FIPS 140-3 are a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

FIPS 140 is mandated by law in the U.S. and very strictly enforced in Canada. FIPS 140 has gained worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. A FIPS 140 validation of a product provides end users with a high degree of product security, assurance, and dependability.

The Infinidat Cryptographic Module is a set of cryptographic libraries that implement TLS, symmetric key generation and encryption/decryption, and SED authentication key derivation for the InfuzeOS™, which is the core component of the InfiniBox and InfiniBox SSA appliances.

The Infinidat Cryptographic Module comes preinstalled on each InfiniBox node.

###

Corsec would like to congratulate our partner, Ericsson Enterprise Wireless, on completing the Federal Information Processing Standard Publication 140-3 (FIPS 140-3) validation process on their Ericsson Cryptographic Module v3. Completion of the FIPS 140-3 validation process provides reassurance and confirmation to users of the protection of sensitive information within their environment.

To achieve this benchmark, Ericsson Enterprise Wireless partnered with Corsec, completing the validation at a Level 1 as seen in certificate #5228. For more information on the validation and to find additional details on the module’s security policy, visit NIST’s validated modules site.

To learn more about engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About FIPS 140

FIPS 140-2 / FIPS 140-3 are a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

FIPS 140 is mandated by law in the U.S. and very strictly enforced in Canada. FIPS 140 has gained worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. A FIPS 140 validation of a product provides end users with a high degree of product security, assurance, and dependability.

Cradlepoint is now the Enterprise Wireless Solutions division of Ericsson. Their solutions enable organizations to innovate, operate, and grow anywhere — without constraints.

The Ericsson Cryptographic Module v3 is a cryptographic software library, intended for use by U.S. and Canadian Federal agencies and other markets that require FIPS 140-3 validated cryptographic functionality.

###

Corsec would like to congratulate our partner, OPSWAT, Inc., on completing the Federal Information Processing Standard Publication 140-3 (FIPS 140-3) validation process on their OPSWAT Cryptographic Module. Completion of the FIPS 140-3 validation process provides reassurance and confirmation to users of the protection of sensitive information within their environment.

To achieve this benchmark, OPSWAT partnered with Corsec, completing the validation at a Level 1 as seen in certificate #5225. For more information on the validation and to find additional details on the module’s security policy, visit NIST’s validated modules site.

To learn more about engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About FIPS 140

FIPS 140-2 / FIPS 140-3 are a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

FIPS 140 is mandated by law in the U.S. and very strictly enforced in Canada. FIPS 140 has gained worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. A FIPS 140 validation of a product provides end users with a high degree of product security, assurance, and dependability.

OPSWAT protects critical infrastructure. Their goal is to eliminate malware and zero-day attacks. They believe that every file and every device pose a threat. Threats must be addressed at all locations at all times—at entry, at exit, and at rest. Their products focus on threat prevention and process creation for secure data transfer and safe device access. The result is productive systems that minimize risk of compromise.

The OPSWAT Cryptographic Module is a cryptographic software library, intended for use by U.S. and Canadian Federal agencies and other markets that require FIPS 140-3 validated cryptographic functionality.

###

###

###

###

Corsec would like to congratulate our partner Guntermann & Drunck GmbH (G&D) on completing the Common Criteria certification process for their G&D KVM-over-IP matrix system with: ControlCenter-IP series with firmware 1.7, ControlCenter-IP-XS series with firmware 1.1, RemoteAccess-IP series with firmware 1.3, Vision-IP series with firmware 2.4, Vision XS-IP series with firmware 1.5. G&D and Corsec worked together to complete this custom security target EAL2+ Common Criteria evaluation under the Italian Scheme.

For more information on the evaluation and to find additional details on their Security Target (ST), visit the Common Criteria Certified Products List.

Need help meeting Federal and regulated industry security requirements? Schedule time to speak to a Corsec engineer.

About Common Criteria

Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory.

The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 36 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU.

The U.S. government mandates Common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.

G&D’s KVM-over-IP matrix system enables the remote control of computers via an IP network. It is ideal for complex IT infrastructures and provides efficient management and access to multiple systems from a central point. The system consists of:

• At least one ControlCenter-IP(-XS) matrix switch
• Multiple VisionXS-IP series console and computer modules
• Multiple Vision-IP series console and computer modules
• Multiple RemoteAccess-IP series computer modules

Empowering control rooms across the globe, G&D works alongside VuWall and TRITEC as part of the Panoptec Technologies Group to deliver fully integrated, end-to-end solutions. Their interoperable systems simplify complex environments, ensure critical operations run smoothly, and enable operators to focus on what matters most.

For more information, visit the G&D website here.

For more than 28 years, Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC), CSfC, and the DoD (STIGs, DoDIN APL, UC APL). We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###