ICSA Labs Announces Results of IPSec Certification Program.

Business Editors/High-Tech Writers

HERNDON, Va.--(BUSINESS WIRE)--May 12, 2004

Fifteen IPSec Products are the First to Pass ICSA See TruSecure. Labs'

Exhaustive 1.0D Testing Criteria

ICSA Labs(R), a division of TruSecure(R) Corporation, announced today that fifteen products have met the requirements to attain certification in the new ICSA Labs IPSec 1.0D product testing program. The 1.0D criteria builds upon the previous 1.0B testing process, but goes further in requiring that products demonstrate and adhere to adhere to
verb 1. follow, keep, maintain, respect, observe, be true, fulfil, obey, heed, keep to, abide by, be loyal, mind, be constant, be faithful

2. standardized logging and stricter interoperability behavior. This multi-vendor interoperability-testing milestone enables customers to know that the ICSA Labs-certified products they buy are interoperable across vendor product lines and provide confidentiality, data integrity and authentication.

The fifteen IPSec products are manufactured by Draytek, Enterasys (Nasdaq: ETS ETS Educational Testing Service (nonprofit private educational testing and measurement organization)
ETS Emergency Telecommunications Service
ETS Electronic Trading System
ETS Engineering (&) Technical Services ), Netscreen Technologies Inc. (Nasdaq: NSCN NSCN National Socialist Council of Nagalim
NSCN Norwegian Society for the Conservation of Nature
NSCN Navy Satellite Control Network ), Novell (Nasdaq: NOVL NOVL Novell, Inc. (stock abbreviation, AMEX) ) and Secure Computing For the general concept, see .

Secure Computing Corporation, or SCC, is a public company (NASDAQ: SCUR) that develops and sells computer security products, such as:

Firewalls including Sidewinder, SnapGear and CyberGuard TSP

Corporation (Nasdaq: SCUR).

"DrayTek is very happy that the Vigor3300 multi-service security router series has been certified by ICSA Labs in the IPSec 1.0D Product testing program," said Arthur Cheng, president of DrayTek. "Obtaining ICSA certification proves the outstanding talent of our R&D teams and demonstrates to our customers that we strive to provide them with the best possible security products."

ICSA Labs' 1.0D criteria testing is the culmination of lessons learned from testing thousands of IPSec products over the past six years. These tests are broken into three main categories:

-- Functional Tests--determine that the product performs in

accordance with published technology standards, most notably

those of the Internet Engineering Task Force (c/o Corporation for National Research Initiatives (CNRI), Reston, VA, www.ietf.org) Founded in 1986, the IETF is a non-membership, open, voluntary standards organization dedicated to identifying problems and opportunities in IP data networks and proposing technical solutions to the (IETF See Internet Engineering Task Force.

IETF - Internet Engineering Task Force ).

-- Cryptographic Tests--determine if the VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. products correctly

implement and set up encrypted secure tunnels for data

transfer.

-- Interoperability Tests--exercise the product's ability to work

in conjunction with other ICSA Labs Certified Products within

multiple environments and configurations. To attain

certification, a product must demonstrate interoperability

with a minimum of ten other products.

"Interoperability is a key issue for customers, but there are so many claims made in this industry that it's hard to sort fact from fiction," said Ed Reed For other persons of the same name, see Edward Reed.
Edward Earl Reed, Jr. (born September 11, 1978 in St. Rose, Louisiana) is an American football player who currently plays free safety for the Baltimore Ravens of the NFL. , Novell Security Tzar. "IPSec certification through a trusted third party In cryptography, a trusted third party (TTP) is an entity which facilitates interactions between two parties who both trust the third party; they use this trust to secure their own interactions. TTPs are common in cryptographic protocols, for example, a certificate authority (CA). like ICSA Labs provides customers with the confidence that they can deploy certified products and have them work together. Novell fully supports the delivery of open standards Specifications for hardware and software that are developed by a standards organization or a consortium involved in supporting a standard. Available to the public for developing compliant products, open standards imply "open systems;" that an existing component in a system can be replaced and interoperability so that companies can choose the solutions that work best for their unique challenges."

ICSA Labs' rigorous testing process allows a customer to know that the IPSec 1.0D Certified products:

-- Interoperate with other version 1.0D products;

-- Meet a baseline set of industry-recognized requirements for

Internet Key Exchange Internet key exchange (IKE) is the protocol used to set up a security association (SA) in the IPsec protocol suite. Overview
IKE is defined in RFC 2407, RFC 2408 and RFC 2409. IKEv2 is defined in RFC 4306. (IKE version 1) and IPSec protocols that

deliver entity authentication, data integrity and

confidentiality;

-- Meet the added stringent requirements of the ICSA Labs

Cryptography Certification Criteria.

1.0D Certified IPSec VPN product peer authentication is accomplished via pre-shared secrets (passwords or phrases). For those products that also support X.509 Digital Certificate authentication, subsequent testing is available in the ICSA Labs 1.1D IPSec Testing Program.

"ICSA Labs is pleased with the number of successful candidates in this latest round of IPSec product security testing Security Testing: (The) Process to determine that an IS (Information System) protects data and maintains functionality as intended.

The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorisation, ," said George Japak, vice president of ICSA Labs. "What makes ICSA Labs unique is that these products are under a continuous state of rigorous testing even after achieving certification. Our goal is to work with vendors to provide end users with the highest level of assurance for functionality and security they can rely upon when selecting their VPN solution."

Support of strong 3DES encryption and SHA-1 authentication algorithms is required to pass 1.0D Certification testing. This revision of the testing criteria was also the first to test the AES Encryption Algorithm A formula used to turn ordinary data, or "plaintext," into a secret code known as "ciphertext." Each algorithm uses a string of bits known as a "key" to perform the calculations. The larger the key (the more bits), the greater the number of potential patterns can be created, thus making in products where it was supported. The products must also demonstrate proper support for ESP-NULL, mismatched SA lifetimes, IP fragmentation Breaking an IP datagram (packet) into pieces in order to be sent across a transmission link with a frame size smaller than the datagram. Performed in a router, the header of the original IP packet is replicated with minor changes to each of the fragments. handling, replay protection and Perfect Forward Secrecy In an authenticated key-agreement protocol that uses public key cryptography, perfect forward secrecy (or PFS) is the property that disclosure of the long-term secret keying material that is used to derive an agreed ephemeral key does not compromise the secrecy of agreed . All ICSA Labs 1.0D certified products are currently available for purchase by the general user community.

"Even with the advent of the renewed interest in the scalability of IPSec VPNs that accept digital certificates, there will be an industry demand and need for VPN products that employ pre-shared-secrets for the foreseeable future," said Mark Zimmerman, IPSec/Cryptography technical program manager at ICSA Labs. "The 1.0D IPSec Testing program that tests IKE Version 1 and pre-shared-secret authentication will parallel other testing programs now being created as a result of IKE Version 2 (IKEv2) and related draft documents entering the standards bodies' 'last call' or final review process."

About ICSA Labs

ICSA Labs, a division of TruSecure Corporation, offers vendor-agnostic testing and certification of security products. Hundreds of the world's top security vendors submit their products for testing and certification at ICSA Labs. The end-users of security technologies rely on ICSA Labs to authoritatively set and apply objective testing and certification criteria for measuring product compliance and reliability. The organization tests products in key technology categories such as anti-virus, firewall, IPSec VPN, cryptography, intrusion detection, PC firewall, content security, SSL-VPN and Wireless LAN. For more information about ICSA Labs, please visit: http://www.icsalabs.com.

About TruSecure Corporation

TruSecure is the leading provider of intelligent risk management, products, and services. TruSecure dramatically improves security and reduces risk by helping organizations make better security decisions and maximizing the effectiveness of existing security people, processes, and products. Leveraging TruSecure's vast security knowledge and intelligence-gathering resources -- including ICSA Labs(R), the global leader in information security product certification -- as well as innovative technology and time-tested processes, our customers can predict which vulnerabilities present real risk, prioritize remediation efforts, quickly adapt to changes in the security threatscape, measure progress in improving their security posture, and document compliance with applicable security policies, standards and regulations.

Headquartered in Herndon, VA, TruSecure Corporation has offices in North and Central America, Europe, and the Asia-Pacific region. Our customer-proven solutions are used by more than 700 organizations worldwide.

TruSecure, ICSA, and ICSA Labs are registered trademarks of TruSecure Corporation. All other trademarks and service marks mentioned herein are property of their respective owners.

COPYRIGHT 2004 Business Wire
No portion of this article can be reproduced without the express written permission from the copyright holder.

Reader Opinion

Article Details
Printer friendly Cite/link Email Feedback
Publication:	Business Wire
Geographic Code:	1USA
Date:	May 12, 2004
Words:	989
Previous Article:	DocuTech Names New Chief Technology Officer; Software Technology Veteran, Kirk Reese, Joins Compliance Services and Documentation Technology Provider.
Next Article:	Xicor Announces Precision 2.5V FGA Voltage References; New X60008-25 Family Features +/-0.5mV Accuracy, 3 ppm/degrees C Temp-Co and 500nA ISUPPLY.
Topics:	Computer software industry Software industry

Related Articles
VPNet VSU Series of VPN Gateways Awarded IPSec Certification From ICSA Labs.
ICSA Labs Announces First Certification to Use Digital Certificates for Interoperable IPSec Products; Four Products Pass Interoperability Testing...
REPEAT/ ICSA Labs Announces First Certification to Use Digital Certificates for Interoperable IPSec Products; Four Products Pass Interoperability...
Secure Computing Sidewinder G2 Firewall Recognized for VPN Technical Excellence with Highest ICSA Labs' IPSec Certification Available.
ICSA Labs Announces 3rd Quarter 2003 Product Certifications; Twenty-Five Products Pass ICSA Labs' Rigorous Testing Criteria.
ICSA Labs Release Configuration and Troubleshooting VPN Interoperability Guidelines.
ICSA Labs Announces 1st Quarter 2004 Product Certifications; Thirty Products Pass ICSA Labs' Rigorous Testing Criteria.
F5 Networks' FirePass Controller achieves independent certification from ICSA Labs.
ICSA Labs Announces 2nd Quarter 2004 Product Certifications; Thirty-One Products Pass ICSA Labs' Rigorous Testing Criteria.
ICSA Labs Announces 3Rd Quarter 2004 Product Certifications; Seven Vendors Pass ICSA Labs' Rigorous Testing Criteria.