Cisco believes in the value of, and is committed to, the government product certification process. My name is Gene Keeling, Director, Global Certification Team (GCT). Cisco is a leader in government product certifications. In April alone, Cisco received 10 government product certifications, specifically:
• Three FIPS 140-2 certificates for the Integrated Services Routers – Generation 2.
• Cisco’s Unified Communications Manager 8.0.2 was added to the US Department of Defense (DoD) Unified Capabilities (UC) Approved Products List (APL) as a PBX1. This follows the previous UC APL listing of the product as a Local Session Controller (LSC).
• The Cisco 7206 VXR router was added to the DoD UC APL as a Customer Edge Router (CER).
• The Cisco ISR 3845 router was added to the DoD UC APL as an Edge Boundary Controller (EBC).
• Two FIPS 140-2 certificates and a Common Criteria certificate for the Nexus 7000 data center switch.
• MeetingPlace Express 2.1 was added to the DoD UC APL as a Customer Premise Equipment (CPE).
More information about Cisco’s GCT can be found at www.cisco.com/go/govcerts
Tags: Common Criteria, DoD UC APL, FIPS 140-2, Government Certifications, USGv6
Yes, the question is “Are you really secure?” Now that I’ve asked a loaded question, let me get to the point.
The term “secure” sure has a lot of different meanings depending on the context in which it is used. If we take it from a corporate security perspective, your options are somewhat limited to physical security, as in video surveillance or physical access, or logical security, as in your laptop or data access. But, when you ask a security professional if they are secure, they will most certainly take that in the context of what they can control, and will most likely answer “yes”.
Well, what about the things you cannot control? You can control which products you buy to provide security, you control how they are installed and configured, and you control the processes and procedures that identify how they are managed and updated. But, can you control how they are manufactured?
Read More »
Tags: cloud security, cyber security, cybercrime, data center, information security, network security, privacy, RSA, secure information, secure-id, security, virtualization
There is a new Whitepaper out on the Next-Generation Cryptography called “Suite B” for Government that will enable a new level of secure communications and collaboration.
The Suite B set of cryptographic algorithms has become the preferred global standard for ensuring the security and integrity of information shared over non-trusted networks. This white paper, intended for public sector IT professionals, explains that:
- Suite B combines four well established public domain cryptographic algorithms
- The Internet Engineering TaskForce (IETF) has established open standards for commercial products using Suite B, helping organizations adopt it with confidence
- Cisco has introduced an IPsec-based implementation of Suite B cryptography in its VPN products
There is a nice quote from David McGrew – Cisco Fellow
“Open and freely implementable cryptography standards are indispensable to global information security. By not asserting patent rights with the Galois/Counter Mode of operation, Cisco has taken an active role in helping Suite B standards remain open.”
For an understanding of Suite B, you may download the Whitepaper here.
Tags: Cisco, cryptography, security, suite b
Many people wonder what it takes to be PCI compliant. More importantly, people want to know the difference between PCI, FISMA, DIACAP and STIG. With so much alphabet soup, one has to wonder what it all means, and what is the best way to navigate these waters.
I’m not here to provide you with all the answers, but I can certainly help you to understand where PCI fits into the picture.
Read More »
Tags: compliance, cyber crime, government, pci, privacy, security
I recently reviewed a presentation by McKinsey around urban informatics and how it helps cities improve planning and management, as well as engage and empower citizens. The premise of the work was to determine what progress is being made in the deployment and usage of urban informatics by cities around the world. There were some very interesting findings.
The Queensland University of Technology defines urban informatics as
…the study, design, and practice of urban experiences across different urban contexts that are created by new opportunities of real-time, ubiquitous technology and the augmentation that mediates the physical and digital layers of people networks and urban infrastructures. Read More »