Caymas Systems Access Gateways First to Achieve Stringent FIPS 140-2 Level 2 Government Validation; Certificates 567 and 568 Issued for Groundbreaking Products.SAN JOSE, Calif. -- Caymas Systems, the leader in Identity-Driven Access Gateways, today announced the Caymas 318 and Caymas 525 Identity-Driven Access Gateways have achieved Federal Information Processing Standard Federal Information Processing Standards (FIPS) are publicly announced standards developed by the United States Federal government for use by all non-military government agencies and by government contractors. (FIPS (Federal Information Processing Standards) A series of publications issed by the U.S. National Institute of Standards and Technology (NIST) that specifies information security guidelines for federal government departments and agencies. ) 140-2 Level 2 validation--a requirement for security devices deployed in U.S. and Canadian government networks. The Caymas 318 and Caymas 525 are the first and only Access Gateways with integrated clientless SSL (Secure Sockets Layer) The leading security protocol on the Internet. Developed by Netscape, SSL is widely used to do two things: to validate the identity of a Web site and to create an encrypted connection for sending credit card and other personal data. VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. functionality to successfully complete the FIPS 140-2 validation. Caymas was awarded NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. CMVP CMVP Cryptographic Module Validation Program (NIST/CSE) CMVP Certified Measurement and Verification Professional Validation certificate numbers 567 and 568 for the Caymas 318 and the Caymas 525 Identity-Driven Access Gateways, respectively. Identity-Driven Access Gateways provide access control and network security based on a comprehensive set of criteria including the identities of users, devices, locations and client configurations. Caymas gateways are commonly deployed at the perimeter for SSL VPN remote access and business partner extranets, on the LAN (Local Area Network) A communications network that serves users within a confined geographical area. The "clients" are the user's workstations typically running Windows, although Mac and Linux clients are also used. for network admission control and internal guest/contractor access, and in the data center for regulatory compliance, reduced and single sign on, and the PKI (Public Key Infrastructure) A framework for creating a secure method for exchanging information based on public key cryptography. The foundation of a PKI is the certificate authority (CA), which issues digital certificates that authenticate the identity of enablement of applications. "The United States and Canada have set high standards for security and reliability for Federal networks," said Joe Howard, Director of Federal for Caymas Systems. "We're proud to be the first product in our category to achieve this validation, and we expect it to help us build on the considerable success we've had in government markets." The FIPS 140-2 standard is a joint effort by the National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. (NIST) in the United States, and the Communications Security Establishment Noun 1. Communications Security Establishment - Canadian agency that gathers communications intelligence and assist law enforcement and security agencies CSE international intelligence agency - an intelligence agency outside the United States (CSE (Certified Systems Engineer) See Microsoft certification. ), under the Canadian government. FIPS 140-2 is also currently being reviewed by ISO (1) See ISO speed. (2) (International Organization for Standardization, Geneva, Switzerland, www.iso.ch) An organization that sets international standards, founded in 1946. The U.S. member body is ANSI. to become an international standard. The standard provides third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency. The FIPS standard is mandated by law in the U.S., and is also very strictly enforced in Canada. With other recent homeland security initiatives becoming the focal point for companies everywhere, FIPS 140-2 is gaining worldwide recognition as an important bench mark for third party validation of encryption products of all kinds. FIPS 140-2 validation of Caymas platforms provides entities with a high level of integrated assurance, security, and dependability. Caymas Systems partnered with Corsec Security, Inc., a consulting firm with more than eight years of validation experience, in order to facilitate the review and completion of the FIPS 140-2 validation process. "Caymas's clientless SSL VPN functionality combined with full FIPS 140-2 validation of the cryptography and security engineering in their appliance is leading the industry," said John Morris, president and co-founder of Corsec Security. "This is an important milestone for companies seeking to do business with Federal agencies, and Corsec is proud to have aided Caymas in their validation efforts." FIPS validation extends the market for the most powerful and secure access gateways in the industry. The Caymas 318 and the Caymas 525 Identity-Driven Access Gateways are purpose built, hardware accelerated access gateways and the only solutions that support hundreds to thousands of internal and remote users, devices and resources on a single platform. Caymas uses its unique, patent pending Identity Tagging Architecture to tie all access control and security decisions to the identity of users, devices and resources. Government regulations create strict security and privacy mandates for many businesses, all of which require identity-based monitoring for audits and compliance. Caymas gateways provide both SSL VPN and IPSec VPN functionality, perform network level admission control (including integrated endpoint integrity checking) and application level access control with complete identity-based monitoring of both users and resources. Full application level security is integrated specifically for authorized users and across encrypted sessions. About Caymas Systems Caymas Systems allows organizations to control access and control their business with the world's first Identity-Driven Access Gateways. Caymas offers the only access gateways that leverage the Identities of users, devices and resources to connect the right user to the right resource every time, dramatically improving enterprise access control and security. Caymas delivers the only ASIC-based appliances that harness the power of Identity to provide a universal access solution--a single platform for network admission and application access control, and for both remote and internal users, with centralized access policy. For more information visit www.caymas.com. |
|
Printer friendly
Cite/link
Email
Feedback
Reader Opinion