Tippingpoint gets security nod

Tippingpoint Technologies Inc. recently earned a security stamp of approval that could make the company's intrusion prevention appliances more attractive to government agencies.

After completing rigorous testing last month, the company's UnityOne high-speed intrusion prevention systems became the first products in this category to earn the highly-regarded Common Criteria security certification, according to TippingPoint officials.

Intrusion prevention systems, an emerging class of security products, block cyberattacks in real-time rather than merely notifying information technology administrators about attacks and recommending actions to take.

Common Criteria certification is a worldwide, standardized testing and approval process for security products, recognized by 16 countries, including the United States. To achieve certification, UnityOne products went through security testing at an accredited lab and were validated by officials from the National Security Agency and Aerospace Corp., according to Gary Swenson, program manager at Tippingpoint.

The certification is "significant because [companies] can't sell [security products] to the U.S. government without Common Criteria designation," said Diann Carpenter, technical director for Common Criteria at Cable & Wireless' testing lab, which performed the UnityOne tests. Cable & Wireless is one of eight labs designated to perform testing in the United States.

The UnityOne systems received Evaluation Assurance Level Two (EAL2) certification. Officials said the company will work to achieve higher levels of certification such as EAL 4 in the future.

The company's UnityOne product line also became the first to obtain certification in all four Protection Profiles — analyzer, sensor, scanner and system — validated by the National Institute of Standards and Technology.

Other intrusion prevention vendors will also make moves to get the Common Criteria stamp of approval, said Eric Ogren, a senior analyst with The Yankee Group, an IT consulting firm. "Tippingpoint is leading the parade," he said.

But it is not an inexpensive process. Becoming certified cost the company a "six-figure" sum, said James Cahill, vice-president of homeland security solutions for Tippingpoint. However, Common Criteria "is a standard with teeth," he said. Companies have to make the investment if they want to undergo the variety of testing.

Featured

  • Defense
    Soldiers from the Old Guard test the second iteration of the Integrated Visual Augmentation System (IVAS) capability set during an exercise at Fort Belvoir, VA in Fall 2019. Photo by Courtney Bacon

    IVAS and the future of defense acquisition

    The Army’s Integrated Visual Augmentation System has been in the works for years, but the potentially multibillion deal could mark a paradigm shift in how the Defense Department buys and leverages technology.

  • Cybersecurity
    Deputy Secretary of Homeland Security Alejandro Mayorkas  (U.S. Coast Guard photo by Petty Officer 3rd Class Lora Ratliff)

    Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce

    The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.

Stay Connected