ASHBURN, Va. – May 5, 2014 – Curtiss-Wright Corporation (NYSE: CW) today announced that its Defense Solutions division has successfully completed both FIPS-140-2 and Common Criteria security certifications for its industry leading 3U OpenVPX™ VPX3-685 Secure Network Router (SNR) module, and that the module is now available for use by customers for Information Assurance (IA) applications in the defense and aerospace industry. With these new certifications the VPX3-685 SNR is the first COTS module to deliver industry standard security validation at the same robust level commonly found in data center equipment racks and at a fraction of the size and power previously available for rugged deployed defense and aerospace systems. Curtiss-Wright has also confirmed that the VPX3-685 SNR is unaffected by the recently identified “Heartbleed” security flaw.
“Information Assurance (IA) continues to grow in significance as a critical factor in defense systems worldwide,” said Lynn Bamford, Senior Vice President & General Manager, Defense Solutions division. “We are very pleased to be able to announce that the recent FIPS-140-2 and Common Criteria security certifications of our VPX3-685 Secure Network Router enable our customers to quickly and easily deploy robust data-center level security in small mobile tactical environments".
To expedite the FIPS 140-2 and Common Criteria certifications, Curtiss-Wright partnered with Corsec Security Inc., a consulting firm with over 15 years of validation experience.
“We are excited to have worked with Curtiss-Wright in their pursuit of Common Criteria and FIPS 140-2 validations,” said Matthew Appler, CEO and co-founder, Corsec Security, Inc. “Curtiss-Wright has shown a tremendous commitment to the defense industry by pursuing and achieving these important security certifications.”
The VPX3-685 SNR is Curtiss-Wright’s most advanced 3U VPX rugged switch and router specifically designed to address the increasing need for secure network communications. While the defense industry is increasingly embracing small form factor 3U embedded systems to reduce Size, Weight and Power (SWaP), there is growing awareness of the need to address cyber security concerns. The VPX3-685 SNR uniquely provides a fully-featured Gigabit Ethernet (GbE) Switch and Router with a highly integrated on-board security subsystem in a small, lightweight 3U form factor.
The FIPS standard, mandated by law for cryptographic applications in the U.S. and very strictly enforced in Canada, has achieved worldwide recognition as an important benchmark for third-party validations of cryptographic products of all kinds. The recent FIPS 140-2 validation of the VPX3-685 SNR provides the defense industry with the ability to deploy tactical systems with a high degree of data security, IA assurance, and rugged dependability.
The FIPS 140-2 standard is a joint effort by the National Institute of Standards and Technology (NIST) in the United States, and the Communications Security Establishment Canada (CSEC), under the Canadian government. The Cryptographic Module Validation Program (CMVP), headed by this joint body, provides module and algorithm testing for FIPS 140-2. The standard applies to Federal agencies using cryptographic modules to protect sensitive government data in computer and telecommunication systems. FIPS 140-2 provides third-party assurance of cryptographic modules that have been validated against a set of functional requirements for a product that may be purchased by a government agency.
The VPX3-685 SNR FIPS certification documents can be found at: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2014.htm
NIAP Common Criteria
Common Criteria is an international set of standards (ISO/IEC 15408) that provides a common framework for evaluating security features, capabilities, and product lifecycle processes of Information Technology (IT) security products. Through the Common Criteria Recognition Agreement (CCRA), the evaluations are recognized by 26 participating countries, including the United States, all EU countries, Canada, Australia, Japan and Korea.
The VPX3-685 SNR Common Criteria certification documents can be found at: http://www.commoncriteriaportal.org/products/
About the VPX3-685 Secure Network Router
The VPX3-685 SNR is a rugged OpenVPX®-compliant 3U VPX card. It can be configured with up to 20 GbE interfaces. It also provides up to two (2) 10GbE ports to support switch-to-switch expansion, dual-redundant networks (fail-over), or for architecting high performance 10Gbps network backbones.
The VPX3-685 SNR speeds and simplifies the integration of secure GbE switching and routing into embedded systems designed for harsh environment applications. Targeting highly secure IPv4/v6 Intra-Platform Networks (IPNs), the VPX3-685 is designed to prevent unauthorized access to critical information. It can be used to secure a data storage network, protect critical assets on the network grid, or protect mission critical applications from hostile attacks in the forms of viruses, IP Spoofing, Denial of Service (DoS), and Trojan Horses. The VPX3-685 provides unmatched perimeter defense for critical data at the edge of the network.
For more information on the VPX3-685, please click here.
About Corsec Security, Inc.
Corsec Security, Inc. specializes in helping companies navigate through the complex process of achieving FIPS 140-2, Common Criteria (CC), and UC APL certifications. Corsec delivers unmatched expertise in the areas of security consulting, document creation, and project management, which can be leveraged to streamline the validation process. Corsec partners with companies around the world to achieve U.S. and international certification on a wide range of products. Corsec minimizes the time, effort and money a vendor needs to invest in validation, and performs its services at a firm, fixed price, ultimately maximizing the return on that investment. For further information, please visit www.corsec.com.
Sales inquiries: Please forward all Sales and reader service inquiries to Kavita Williams, Curtiss-Wright Defense Solutions, Tel: (661) 705-1142; Fax: (661) 705-1206; email: [email protected].
For more information about Curtiss-Wright’s Defense Solutions division, please visit www.cwcdefense.com.
About Curtiss-Wright Corporation
Curtiss-Wright Corporation (NYSE:CW) is a global innovative company that delivers highly engineered, critical function products and services to the commercial, industrial, defense and energy markets. Building on the heritage of Glenn Curtiss and the Wright brothers, Curtiss-Wright has a long tradition of providing reliable solutions through trusted customer relationships. The company employs approximately 10,000 people worldwide. For more information, visit www.curtisswright.com.