|
|
| Curtiss-Wright Controls VPX3-685 Secure Router Undergoes Common Criteria Evaluation/Certification |
ASHBURN, VA – May 7, 2012 – Curtiss-Wright Controls Defense Solutions (CWCDS), a business unit of Curtiss-Wright Controls, has announced that the industry leading rugged embedded VPX3-685 Secure Ethernet Router has been accepted for Common Criteria certification under the Communications Security Establishment Canada’s (CSEC) Common Criteria Evaluation and Certification Scheme (CCS). With much of the evaluation already underway, Curtiss-Wright expects to complete the EAL2+ (Evaluation Assurance Level 2) certification in the next three to four months.
“We are excited and proud to have reached this notable milestone in our goal to meet the commercial and financial world’s stringent Common Criteria certification process, bringing the highest level of product security to the embedded COTS defense and aerospace market with our VPX3-685 Secure Ethernet Router,” said Lynn Bamford, senior vice president and general manager of Curtiss Wright Controls Defense Solutions. “This compact, rugged 3U VPX card delivers a very high level of performance and delivers the robust network communications and security demanded by the most sensitive military and government applications”.
Common Criteria establishes Protection Profiles that describe which types of Information Assurance (IA) protections are applicable to different product types. Curtiss-Wright has adopted the Network Device Protection Profile (NDPP) as a network Switch and Router, and will augment this profile with the additional security functionality of an embedded Firewall (FW) and a Network Intrusion Detection System (IDS).
The VPX3-685 is also currently undergoing a FIPS 140-2 government security evaluation process to validate the cryptographic functionality of the product against strict standards. The combination of both FIPS 140-2 and Common Criteria evaluations makes the VPX3-685 a top choice in the rugged embedded market.
About the VPX3-685 Secure Ethernet Router
The VPX3-685 is now listed as a Product in Evaluation on the CSE website: www.cse-cst.gc.ca. The VPX3-685 is a rugged OpenVPX™-compliant 3U VPX module that can be configured with up to 20 gigabit Ethernet interfaces. It also provides up to two (2) 10Gb/s Ethernet ports to support switch-to-switch expansion, dual-redundant networks (fail-over), or for architecting high-performance 10Gb/s network backbones. This compact open standards-based board is incorporates the functionality of a switch, router, firewall, VPN/IPSec encryption device, and an IDS system into a single optimized package. The VPX3-685 is designed and highly optimized for use in environments where Size, Weight and Power/Price/Performance (SWaP3) are of concern, such as land vehicles or airborne systems.
The VPX3-685 simplifies the integration of secure gigabit switching and routing into embedded systems designed for harsh environment applications. Targeting highly secure IPv4/v6 Intra-Platform Networks (IPNs), the VPX3-685 is designed to prevent unauthorized access to critical information. It can be used to secure a data storage network, protect critical data across wireless or wide-area networks, or to protect mission critical applications from hostile attacks in the forms of viruses, IP Spoofing, Denial of Service (DoS), and Trojan Horses. Working with network security industry leaders CWCDS designed the VPX3-685 to incorporate a hardware-accelerated SNORT® engine, the de-facto industry standard for Intrusion Detection and Protection. To optimize the board’s performance, CWCDS provides regular IDS signature updates to counter the latest security threats. The VPX3-685 provides unmatched perimeter defense for critical data at the edge of the network.
VPX3-685 Performance Features:
Comprising a single card Unified Threat Management (UTM) system, the VPX3-685’s advanced security and network features include:
• Support for VLANs and VPN (IPSec/PPTP/L2TP) to protect dedicated networks
• A statefull packet inspection firewall to protect against multiple evasive attacks
• Network Address Translation (NAT) routing for IPv4 masquerading
• Port and protocol-based Access Control Lists (ACL) to prevent unauthorized access
• Broadcast Storm Control to protect against network disruption due to packet flooding
• IPv6 with IPSec tunneling for secure communications channels
• Advanced standards based cryptographic functions (encryption, decryption, and authentication)
• Intrusion Detection and Prevention System (IDS/IPS) protects against malicious attacks
The VPX3-685 Secure Router is the newest addition to CWCDS’ broad family of board and stand-alone switch/router products, including the 683 and 684 series VPX FireBlades, the 680 and 682 series of VME FireBlades, the 3U CompactPCI 681 and the SwitchBox line of fully integrated switch/router subsystems. These networking products complement CWCDS’ extensive range of Single Board Computers, Digital Signal Processors, Graphics and Communications and I/O products.
About Common Criteria
In order to facilitate the rigorous Common Criteria certification process, CWCDS has partnered with Corsec Security, Inc., a leading independent consulting firm with more than fourteen years of security validation experience. “The VPX3-685 Secure Ethernet Router continues to surpass rugged router expectations by pursuing the stringent Common Criteria evaluation process,” said Matthew Appler, CEO, Corsec Security. “Curtiss Wright Controls’ dedication to security standards is clearly exemplified by their diligence throughout this certification effort.”
Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact which was designed to allow Common Criteria evaluations to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 26 countries involved in the CCRA, including the United States and Canadian governments, with others that follow unofficially such as the EU.
Common Criteria certification of security products is mandated by the U.S. government for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products which have met specified third-party assurance requirements and have been tested by an accredited national laboratory.
FIPS Evaluation
Last year, CWCDS announced that VPX3-685 Secure Router is currently undergoing a stringent Federal Information Processing Standard (FIPS) 140-2 Level 2 cryptographic validation at National Institute of Standards and Technology (NIST) under the Cryptographic Module Validation Program (CMVP). For more information on the VPX3-685 validation please visit csrc.nist.gov/groups/STM/cmvp.
Federal agencies, Department of Defense (DoD), industry, and the public rely on cryptography for the protection of information and communications used in electronic commerce, critical infrastructure, and other application areas. Cryptographic modules such as the VPX3-685 process data using sophisticated, secure cryptographic algorithms that provide systems with security services to protect data confidentiality, integrity, and authentication.
Sales & Editorial Contacts
For additional information on CWCDS and its products, please visit: www.curtisswrightds.com.
For editorial information regarding Curtiss-Wright Controls Defense Solutions products or services, contact John Wranovics, public relations director, Curtiss-Wright Controls, Tel: (925) 640-6402; email. [email protected].
Sales inquiries: Please forward all Sales and reader service inquiries to Jerri-Lynne Charbonneau, Curtiss-Wright Controls Defense Solutions, Tel: (613) 254-5112; Fax: (613) 599-7777; e-mail: [email protected].
About Corsec Security, Inc.
Corsec Security, Inc. specializes in helping companies navigate through the complex process of receiving FIPS 140-2 and Common Criteria (CC) certifications. Corsec’s consulting, document creation, and project management services deliver unmatched expertise in achieving government validation efforts at a firm, fixed price. Corsec partners with companies around the world to achieve local and international certification and to add security functionality to a wide range of products. Corsec minimizes the time, effort and money a vendor needs to invest in validation while ultimately maximizing the return on that investment. For further information, please visit www.corsec.com.
About Curtiss-Wright Controls Defense Solutions
Curtiss-Wright Controls Defense Solutions (CWCDS) is a long established technology leader in the development of rugged electronic modules and systems for defense applications. CWCDS serves as a technology and integration partner to its customers, providing a full range of advanced, highly engineered solutions from modular open systems approaches to fully custom optimized solutions. Our unmatched capabilities and product breadth span from industry standard based COTS modules to complete electronic subsystems. The company’s modules and systems are currently deployed in a wide range of demanding defense & aerospace applications including C4ISR systems, unmanned subsystems, mission computing, fire control, turret stabilization, and recording & storage solutions. Additionally, the company’s broad engineering capabilities combine systems, software, electrical, and mechanical design expertise with comprehensive program management and a broad range of life-cycle support services. For more information visit www.curtisswrightds.com.
About Curtiss-Wright Controls, Inc.
Headquartered in Charlotte, NC, Curtiss-Wright Controls is the Motion Control segment of Curtiss-Wright Corporation. With manufacturing facilities around the world, Curtiss-Wright Controls is a leading technology-based organization providing niche motion control products, subsystems and services internationally for the aerospace and defense markets. For more information, visit www.cwcontrols.com.