Solution Registration

Attention CSfC Customers: Solution Registrations will be processed only after all required forms, to include network diagrams, are submitted and validated.

Questions? Email the CSfC team at

To assist their clients, NSA has developed Capability Packages (CPs) that contain information needed to satisfy operational requirements. They are published on the unclassified NSA website as well as on SIPRNet and JWICS. The first step in any client's solution registration is to review these to determine if there is an existing CP that meets their needs.

For information or assistance in determining whether an approved CP satisfies their requirements, a Government client may engage NSA through their designated NSA client advocate. The NSA Client Contact Center can be reached via

Although not mandatory, CSfC strongly encourages working with a Trusted Integrator while designing, building and testing a CSfC-compliant solution based upon one or more of the published CPs. Users of a CP are responsible for obtaining certification and accreditation of its implementation under their organization's established accreditation and approval processes.

Capability Package Solution Registration Process

  1. Involve the CSfC PMO early in the process
    • Before finalizing their design customers are strongly encouraged to email to advise NSA of their plan to register a solution.
    • Obtain a Solution Registration Identification Number from the CSfC PMO.
    • Prior to submitting the AO-signed versions, coordinate the completed registration package (to include the Registration Form, the CP-specific Compliance Checklists and the network diagrams) with the CSfC PMO. This will allow CSfC engineers to review, advise, assist and potentially make recommendations to smooth the formal registration process.
  2. Using CSfC guidance, configure and test the system in a controlled manner
  3. Submit the signed Capability Package to the CSfC PMO, to include:
    • Completed Registration Form, with all fields complete or marked N/A 
    • Completed Compliance Checklist with brief, specific responses explaining how the solution is compliant with the CP
    • Deviation Forms, if applicable, signed by the client's Authorizing Official
    • Network diagrams

Upon verifying compliance, NSA will provide a letter acknowledging the registration for a specific time period.

All CSfC solutions operating on National Security Systems (NSS) or protecting NSS information must be registered with NSA.

By signing the registration form, the Authorizing Official is:

  • Asserting compliance with the published CP and acknowledging and accepting the risk of fielding a CSfC solution; or
  • Acknowledging inclusion of the appropriate CP Deviation Approval signed by NSA and acknowledging and accepting the risk of fielding a CSfC solution.

Please coordinate with the CSfC PMO before emailing any registration packages. Completed Solution Registration packages should be emailed to the CSfC PMO at:

If the forms are classified, please contact the CSfC PMO at the above email address for additional delivery instructions.

Applicable Forms

Mobile Access Solution Registration


Campus WLAN Solution Registration


Multi-Site Connectivity Solution Registration


Data at Rest Solution Registration


Key Management Requirements Annexes 


Enterprise Gray Implementation Requirements Annex 

Attention CSfC Customers: Please ensure that all submitted registration packages contain solution diagrams. If sending .zip files, please follow-up with the CSfC PMO at to ensure the file(s) were successfully received. Also, please advise us when you are deciding to implement a CSfC solution. We would like to ensure your solution can be registered as quickly as possible for approval. However, deviations discovered at the end of the process can be time-consuming for you and resource-intensive for NSA. Please email the CSfC team at