NIAP Certification And Common Criteria For IT Security Products
The National Information Assurance Partnership (NIAP) was originally created as a partnership between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA). It is now operated by the NSA and is a U.S. government initiative aimed at meeting the security testing needs of both IT consumers and providers.
NIAP serves as the Common Criteria Evaluation and Validation Scheme (CCEVS) validation body. In this capacity, NIAP is responsible for implementation of the Common Criteria (CC) within the United States and for ensuring that IT companies adhere to these strict international standards. NIAP takes a collaborative approach to evaluating and testing IT technology by employing international representatives from related industries, governmental agencies, consumers and academic experts to create international standards for IT products and solutions. NIAP evaluates products against the rigorous international Common Criteria using accredited third-party laboratories.
NIAP certification is important to government agencies, enterprise customers and individual consumers alike, as it means that a manufacturer’s claims for security features and capabilities have been evaluated and confirmed by a neutral third party.
Protect Private Data With NIAP-Certified Technology
The Common Criteria is a set of guidelines and specifications for information security products, established to ensure that the products meet the strong security standards designated for consumers, enterprises and government agencies. Silent Circle’s GoSilent Client and GoSilent Server are currently under review with NIAP for four Common Criteria Protection Profiles.
- Generic Network Device – Client Firmware updates including OS, VPN, captive portal bypass and web management interface. Security feed updates, rules and signatures, updates for Advanced Threat Protection, Intrusion Prevention System, L7 Application firewall and edge intelligence. SIEM integration to Splunk Forwarder, Elasticsearch Filebeat, etc.
- Firewall – Stateful firewall in which traffic matching an active connection initiated by a user can pass. Layer 7 Application Firewall.
- VPN Gateway – IPsec IKEv1 with pre-shared keys and Suite B Top Secret (TS) level cryptography. User obfuscation and captive portal protection.
- IDS/IPS (intrusion prevention system) – Inspects all traffic for a wide range of threats; supports SNORT signatures/syntax.
Permit Data Access To Qualified Users With Captive Portal Bypass
When a user selects and connects to a WiFi network, the GoSilent Client detects the existence of a captive portal on that WiFi network and automatically redirects the user to the GoSilent captive portal bypass webpage. The captive portal bypass webpage displays screenshots from an isolated browser in which the user can authenticate with the captive portal. In this way, qualified users are able to access captive portals without the risk of malware, tracking cookies and advertising.
Third Party Evaluation And Validation