The Global Certification Team is proud to collaborate with our colleagues across the globe. Today we have a guest post by Mark Jackson <firstname.lastname@example.org>, Technical Solutions Architect, Cisco UK. Mark will be sharing about the recent PEPAS certification of the Cisco ISR G2 and ASR1000.
The Public Services Network (PSN) is at the heart of the UK Government ICT Strategy and aims to deliver significant cost savings against the current £16.5bn annual ICT spend whilst at the same time providing the foundation to enable the government to transform the way in which it delivers services to the citizen. Maintaining security within the PSN is critical to its success and as such, CESG and the Cabinet Office have laid down a range of technical and information assurance standards against which vendors must comply.
In the UK Government, classified information is protectively marked based on the resulting impact to business should the information be compromised. Often shortened to IL (Impact Level), there are seven levels ranging from IL0 to IL6 where IL6 has the highest impact. The discipline of information assurance (IA) is used to provide confidence that systems systems handling protectively marked information do so in a robust fashion. Effective IA is widely seen as providing an important role in reducing the Nation’s vulnerabilities to cyber attack (Nation Cyber Security Strategy) and takes on a wide range of forms across the domains of technology, people and process. In the technology domain, the use of assured products is a key element in providing confidence that classified information will remain protected in accordance with its IL marking.
Within the context of the PSN, the baseline infrastructure will be assured to protect IL2 information passing in the clear; IL2 is used by many government departments and local authorities. The PSN will also be used extensively to transport IL3 information, more often seen in central government departments and law enforcement. In the PSN, protecting IL3 information requires the use of CESG assured cryptography and historically this has meant CAPS Baseline assured devices. CAPS devices are often criticised for their high cost and complexity of management, requiring customers to deploy two physical devices per site; a situation that is clearly not ideal when the primary goal of the PSN is to reduce cost. The CESG PEPAS assurance scheme was developed specifically to address the information assurance requirements of for using commercial-grade cryptography to deliver large-scale secure network overlay solutions for IL3 information within the PSN.
Cisco are pleased to announce that their ISR G2 and ASR 1000 Series routers have successfully completed and passed CESG PEPAS evaluation and can be used to support the secure transportation of IL3 information in the PSN. This announcement provides our customers and partners with the confidence to deploy Cisco IPsec VPN technology to protect IL3 information, whilst at the same time taking advantage of the wide range of capabilities offered by the ISR G2 and ASR 1000 series platforms. The Cisco ISR G2 and ASR 1000 series deliver an all-in-one solution combining WAN and IPsec VPN termination, whilst at the same time being able to deliver non-encrypted IL2 transport and additional services such as firewalling, application optimisation and voice.