Corsec would like to congratulate our partner Rubrik, Inc. on completing the Common Criteria certification process for their Rubrik Security Cloud – Private (SC-P) v2.3 product.  Rubrik and Corsec worked together to complete this custom security target EAL2+ Common Criteria evaluation under the Australian Scheme.

For more information on the evaluation and to find additional details on their Security Target (ST), visit the Common Criteria Certified Products List.

Need help meeting Federal and regulated industry security requirements? Schedule time to speak to a Corsec engineer.

About Common Criteria

Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 31 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU. The U.S. government mandates Common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.

The Rubrik Security Cloud – Private (RSC-P) permits administration and management of multiple Rubrik clusters through a single web UI. A Rubrik cluster is a collection of objects that includes sources from where data is getting backed up, targets where backups are stored, and security principals, the users and service accounts, that manages the cluster.

Rubrik Security Cloud – Private (RSC-P) provides a global management view of the daily operations of the connected Rubrik clusters. RSC-P apps monitor the protection and compliance status of Rubrik clusters. Generate reports and charts using current and historical data about the health, protection and compliance status of all of the objects that the Rubrik clusters protect.

For more information on Rubrik, visit their website.

For more than 26 years, Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC), CSfC, and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###

###

###

Corsec would like to congratulate our partner, Hughes Network Systems, LLC, on completing the Federal Information Processing Standard Publication 140-2 (FIPS 140-2) validation process on their HT Satellite Terminal (HT2010) and HT Satellite Terminals (HT2300, HT2500, HT2550, HT2650Z).

To achieve this milestone, Hughes partnered with Corsec, completing two validations, one at a Level 1 as seen in certificate #4580 and the other at a Level 2, as seen in certificate #4581. For more information on the validation and to find additional details on the module’s security policy, visit NIST’s validated modules site.

For more information on engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About FIPS 140

FIPS 140-2 / FIPS 140-3 are a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

FIPS 140 is mandated by law in the U.S. and very strictly enforced in Canada. FIPS 140 has gained worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. A FIPS 140 validation of a product provides end users with a high degree of product security, assurance, and dependability.

Hughes is a global leader in broadband satellite technology and managed network services for home and office. Hughes’ broadband satellite systems enable operators and enterprises to deliver a comprehensive range of services including broadband Internet access, cellular backhaul, communications on the move, and VoIP telephony.

The Hughes’ Jupiter System is a broadband satellite system designed to support high-throughput satellite communications and offers a range of operations for optimized traffic capacity, terminal performance, gateway (GW) design, and network management. It consists of satellite terminals, single rack or multi rack Jupiter GWs (facilities used to host the equipment providing uplink and downlink connectivity to the satellite), and the capabilities to manage these devices over the network. The Hughes Terminals is the indoor unit (IU), which connects the client workstation to the outdoor unit (ODU) over an inter-facility link (IFL). For more information on Hughes and their Terminal products, visit their website here.

For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC), CSfC, and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###

###

Corsec would like to congratulate our partner, Hughes Network Systems, LLC, on completing the Federal Information Processing Standard Publication 140-2 (FIPS 140-2) validation process on their Networks IPsec IP Gateway Server.

To achieve this milestone, Hughes partnered with Corsec, completing a Level 1 validation as seen in certificate #4448. For more information on the validation and to find additional details on the module’s security policy, visit NIST’s validated modules site.

For more information on engineering your product to meet Federal and regulated industry security requirements, schedule time to speak to a Corsec engineer.

About FIPS 140

FIPS 140-2 / FIPS 140-3 are a joint effort by the National Institute of Standards and Technology (NIST) in the United States and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by NIST, provides module and algorithm testing for FIPS 140, which applies to Federal agencies using validated cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

FIPS 140 is mandated by law in the U.S. and very strictly enforced in Canada. FIPS 140 has gained worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. A FIPS 140 validation of a product provides end users with a high degree of product security, assurance, and dependability.

Hughes is a global leader in broadband satellite technology and managed network services for home and office. Hughes’ broadband satellite systems enable operators and enterprises to deliver a comprehensive range of services including broadband Internet access, cellular backhaul, communications on the move, and VoIP telephony.

The Hughes JUPITER™ System is a broadband satellite system designed to support high-throughput satellite communications and offers a range of operations for optimized traffic capacity, terminal performance, Gateway (GW) design, and network management. It consists of VSAT satellite terminals, single rack or multi rack JUPITER GWs (facilities used to host the equipment providing uplink and downlink connectivity to the satellite), and the capabilities to manage these devices over the network. The IPsec IPGW is a JUPITER GW component that can reside either on the JUPITER GW or outside the JUPITER GW in a customer data center. It is used to provide Internet access for associated terminals, perform IP acceleration and routing of packets between terminals and the Internet, and encrypt user traffic between itself and HT Satellite Router terminals via IPsec tunnels.

For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC), CSfC, and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###

Corsec would like to congratulate our partner Qumulo, Inc. on completing the Common Criteria certification process for their Qumulo Core v5.1.1 solution.  Qumlo and Corsec worked together to complete this custom security target EAL2+ Common Criteria evaluation under the Italian Scheme.

For more information on the evaluation and to find additional details on their Security Target (ST), visit the Common Criteria Certified Products List.

Need help meeting Federal and regulated industry security requirements? Schedule time to speak to a Corsec engineer.

About Common Criteria

Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 31 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU. The U.S. government mandates Common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.

Qumulo Core is a file data platform that is highly scalable to store files of all sizes. Qumulo Core is run with multiple nodes to provide data redundancy and system resiliency along with file backup and recovery. It uses real-time analytics to provide instant visibility into data and users. Qumulo software assigns aggregation of real-time metadata to all data as they are ingested, giving users real-time insight into their system without performance degradation or long file system scans. The hybrid cloud file storage provides a single namespace, exposed across protocols, that provides a vast number of users centralized access to files whether the data is on-prem, multi-site, or in the cloud.

For more information on Qumulo, visit their website.

For two decades Corsec has assisted companies through the IT security certification process for FIPS 140-2 / FIPS 140-3, Common Criteria (CC), CSfC, and the DoD’s APL. We are a privately owned company focused on partnering with organizations worldwide to assist with the process of security certifications and validations. Our certification methodology helps open doors to new markets and increase revenue for clients with products ranging from mobile phones to satellites. Our broad knowledge safeguards against common pitfalls and thwarts delays, translating to a swift and seamless path to certification. Corsec has created the benchmark for providing business leaders with fast, flexible access to industry knowledge on security certifications and validations.

###

###

###

###