Tippingpoint gets security nod

Tippingpoint Technologies Inc. recently earned a security stamp of approval that could make the company's intrusion prevention appliances more attractive to government agencies.

After completing rigorous testing last month, the company's UnityOne high-speed intrusion prevention systems became the first products in this category to earn the highly-regarded Common Criteria security certification, according to TippingPoint officials.

Intrusion prevention systems, an emerging class of security products, block cyberattacks in real-time rather than merely notifying information technology administrators about attacks and recommending actions to take.

Common Criteria certification is a worldwide, standardized testing and approval process for security products, recognized by 16 countries, including the United States. To achieve certification, UnityOne products went through security testing at an accredited lab and were validated by officials from the National Security Agency and Aerospace Corp., according to Gary Swenson, program manager at Tippingpoint.

The certification is "significant because [companies] can't sell [security products] to the U.S. government without Common Criteria designation," said Diann Carpenter, technical director for Common Criteria at Cable & Wireless' testing lab, which performed the UnityOne tests. Cable & Wireless is one of eight labs designated to perform testing in the United States.

The UnityOne systems received Evaluation Assurance Level Two (EAL2) certification. Officials said the company will work to achieve higher levels of certification such as EAL 4 in the future.

The company's UnityOne product line also became the first to obtain certification in all four Protection Profiles — analyzer, sensor, scanner and system — validated by the National Institute of Standards and Technology.

Other intrusion prevention vendors will also make moves to get the Common Criteria stamp of approval, said Eric Ogren, a senior analyst with The Yankee Group, an IT consulting firm. "Tippingpoint is leading the parade," he said.

But it is not an inexpensive process. Becoming certified cost the company a "six-figure" sum, said James Cahill, vice-president of homeland security solutions for Tippingpoint. However, Common Criteria "is a standard with teeth," he said. Companies have to make the investment if they want to undergo the variety of testing.

Featured

  • Cybersecurity
    Shutterstock photo id 669226093 By Gorodenkoff

    The disinformation game

    The federal government is poised to bring new tools and strategies to bear in the fight against foreign-backed online disinformation campaigns, but how and when they choose to act could have ramifications on the U.S. political ecosystem.

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.