Information Assurance Menu

.
Skip Search Box

Commercial Solutions for Classified Program

ATTENTION CSfC CUSTOMERS:
Please advise us when you are deciding to implement a CSfC solution. We would like to ensure your solution can be registered as quickly as possible for approval. However, deviations discovered at the end of the process can be time-consuming for you and resource-intensive for NSA. Please email the CSfC team at csfc_register@nsa.gov.

Background

U.S. Government customers increasingly require immediate use of the market's most modern commercial hardware and software technologies within National Security Systems (NSS) in order to achieve mission objectives. Consequently, the National Security Agency/Central Security Service's (NSA/CSS) Information Assurance Directorate (IAD) is developing new ways to leverage emerging technologies to deliver more timely IA solutions for rapidly evolving customer requirements.

NSA/CSS's Commercial Solutions for Classified (CSfC) Program has been established to enable commercial products to be used in layered solutions protecting classified NSS data. This will provide the ability to securely communicate based on commercial standards in a solution that can be fielded in months, not years.

Click to view Commercial Solutions for Classified Brochure (PDF).

Click to view Commercial Solutions for Classified Factsheet (PDF).


CNSS Advisory Memorandum on CSfC

The Committee on National Security Systems (CNSS) has issued a CSfC Advisory Memorandum that provides guidance to US Government Departments and Agencies as to the responsibilities for maintaining the security posture of National Security Systems using CSfC solutions.
Click here to go to the CNSS website.


What is the Process to get a Commercial Product CSfC-Listed?

Vendors who wish to have their products eligible as CSfC components of a composed, layered IA solution must build their products in accordance with the applicable US Government approved Protection Profile(s) and submit their product using the Common Criteria Process.

The vendor will enter into a Memorandum of Agreement (MoA) with NSA. The MoA specifies that the vendor’s product must be NIAP certified, FIPS certified, and that the vendor agrees to fix vulnerabilities in a timely fashion. The MoA may also reference technology-specific selections for NIAP testing.

Interested vendors must complete and submit the CSfC Questionnaire (PDF) for each product. Please submit completed questionnaires to csfc_components@nsa.gov.

Questions regarding CSfC components may be directed to csfc_components@nsa.gov.


Recommended Acquisition Language for Contracting Officers, Program Managers, Acquisition Officials:

To help ensure commercial component vendors meet CNSS Policy (CNSSP) No. 11 requirements, the following contractual language is recommended for procurements involving commercial technologies: Technologies for [Program X] shall be procured in accordance with CNSSP No. 11, "National Policy Governing the Acquisition of Information Assurance and IA-Enabled Information Technology Products." In addition, technologies shall be procured which have been validated by Common Criteria Testing Labs, in accordance with the National Information Assurance Partnership (NIAP) Protection Profiles (PPs). Where a PP exists but the desired product has not been validated against it, [Program X] shall direct the desired vendor to have their product validated against the appropriate, corresponding PP. For National Security Systems (NSS) where classified data is being protected at rest or in transit by commercial products, technologies from the Commercial Solutions for Classified (CSfC) Components List shall be used, in accordance with NSA's published CSfC Capability Packages. Capability Packages and the CSfC Components List can be found by visiting the CSfC Components List page. NIAP-validated products can be found at the NIAP website on the CCEVS Product Compliant List page.

An Update to the Manufacturer Diversity Requirement

The manufacturer diversity requirement for CSfC layered solutions has been modified to permit, subject to certain conditions, single-manufacturer implementations of both layers. The manufacturer must show sufficient independence in the code base and cryptographic implementations of the products used to implement each layer. To demonstrate this, a manufacturer must document the similarities and differences between the two products, to include cryptographic hardware components, software code base (i.e. operating system), software cryptographic libraries, and development teams. It is a fundamental requirement that the code bases of the two products be significantly different. Additionally, the vendor must document measures taken to ensure that supply chain risk is no greater than would be the case for products from two different vendors. NSA will review the information and determine whether the documentation is sufficient to meet the requirements for independent layers. Manufacturer diversity will continue to be accepted to constitute independent layers.

Vendors who wish to submit a statement may do so at csfc_components@nsa.gov.


CSfC Components List

Click here to download the CSfC Components List. Customers select products from this listing to satisfy the reference architectures and configuration information contained in published Capability Packages. Customers must ensure that the components selected will permit the necessary functionality for the selected architecture.

Components used in prototypes that are not NIAP-approved may be listed on the CSFC Components List provisionally until a US Government approved Protection Profile for the technology is available. Once the Protection Profile is available, a company has six months to enter into a MoA with NSA to remain listed as a CSfC component.

For some technologies, the CSfC program requires specific, selectable requirements to be included in the Common Criteria evaluation validating that the product complies with the applicable NIAP-approved protection profile(s). Some selections, which are not required for the product to be listed on the NIAP Product Compliant List, are mandatory selections for products that are to be listed on the CSfC Components List.

To see the selectable requirements, go to the CSfC Components List and click on the links for IPSec VPN Gateways, IPSec VPN Clients, WLAN Clients, WLAN Access Systems, Certificate Authorities, MDM, SW FDE, Mobile Platforms, SIP Servers and VoIP Applications.

Open source components may be listed, provided they have a responsible sponsor, and an NSA-approved plan for, taking a component through Common Criteria evaluation and sustainment of the component. Customers wishing to use open source components should contact csfc_components@nsa.gov with their evaluation and sustainment plans and the responsible parties for each.

Questions regarding the CSfC Components List may be directed to csfc_components@nsa.gov.


Which Protection Profiles are Published and in Development?

For a current listing of NIAP approved U.S. Government Protection Profiles, go to http://www.niap-ccevs.org/pp/.

For a listing of U.S. Government Protection Profiles currently in development, go to http://www.niap-ccevs.org/pp/draft_pps/.

Additional information about NIAP and the Common Criteria Evaluation and Validation Scheme can be found at http://www.niap-ccevs.org/.


What is a Capability Package?

NSA/CSS is developing sets of Capability Packages in order to provide our customers with ready access to the information needed to satisfy their operational requirements. Capability Packages contain product-neutral information that will allow customers/integrators to successfully implement their own solutions. Using the information in the Capability Package, customers/integrators make product selections while following the guidelines/restrictions to create an architecture with specific commercial products configured in a particular manner.

CSfC Capability Packages will provide sufficient guidance for accreditors to make informed decisions on whether solutions meet their mission and security requirements. Each Capability Package has a classified Risk Assessment associated with it. Customers should contact the Client Contact Center {https://www.nsa.gov/ia/contacts/index.shtml#iccc} to request a copy of the Risk Assessment.


How can Customers/Integrators Implement a CSfC Capability Package?

For information or assistance in determining whether an approved Capability Package satisfies their requirements, U.S. Government customers (e.g., Department of Defense Components, Intelligence Community Organizations, and Federal Agencies) can engage NSA/CSS through the IAD Client Contact Center.

Integrators should coordinate through their U.S. Government customer points of contact.


How do Customers Register a CSfC Solution?

Customers will submit a compliance checklist and registration form to NSA (see below sections for forms specific to each Capability Package). The registration process includes the following steps:

  1. The customer completes the compliance checklist, detailing how their solution complies with the Capability Package, and submits the checklist to the Authorizing Official (AO).
  2. The customer tests the solution.
  3. The AO confirms after testing that the checklist is accurate and signs CSfC registration form.
  4. The AO submits registration form and compliance checklist to NSA.
  5. NSA provides letter acknowledging registration.
  6. The AO provides Authority to Operate (ATO).

NSA recommends that Authorizing Officials use the compliance checklists during their process for granting Interim Approval to Test, and that customers contact csfc_register@nsa.gov early on in the process for a vector check.


Criteria for CSfC Integrators

Click here to download the updated criteria and application for CSfC Integrators. These criteria and processes are defined to provide a common baseline for CSfC solution integrators, enabling NSA, AOs/Designated Approving Authorities (DAAs) to assess the capabilities of solution integrators and accept their results. Interested integrators may submit their application to CSFC_Integrators@nsa.gov. Questions may be submitted to the same email address.

Click here to view the Commercial Solutions for Classified Program Trusted Integrator List

ATTENTION INTEGRATORS: While CSfC encourages industry innovation, trustworthiness of the components is paramount. Customers and their integrators are advised that modifying a NIAP-validated component in a CSfC solution may invalidate its certification and trigger a revalidation process. To avoid delays, customers or integrators who feel it is necessary to modify a component should engage the component vendor and consult NIAP through their Assurance Continuity process to determine whether such a modification will affect the component's certification. In case of a modification to a component, NSA's CSfC Program Management Office will require a statement from NIAP that the modification does not alter the certification, or the security, of the component. Modifications that will trigger the revalidation process include, but are not limited to: configuring the component in a manner different than its NIAP-validated configuration; and modifying the original equipment manufacturers' (OEM's) code (to include digitally signing the code).


The Future

Although NSA/CSS's strategy for protecting classified information continues to employ both commercially-based and traditional Government-Off-The-Shelf (GOTS) IA solutions, IAD will look first to commercial technology and commercial solutions in helping customers meet their needs for protecting classified information while continuing to support customers with existing GOTS IA solutions or needs that can only be met via GOTS.

Updates will be posted to this site as the Commercial Solutions for Classified program continues to progress. If you wish to receive an email notification about updates to this website, please email CSfC at csfc@nsa.gov.


CSfC Customer Handbook

Click here to download the Customer Handbook. This will serve as a guide for CSfC customers on how to use the Capability Packages, CSfC Component Listing, Registration, and Lifecycle Support resources.


General Questions

For general queries about the Commercial Solutions for Classified Program, email CSfC at csfc@nsa.gov.


Capability Packages

Mobile Access Capability Package

The Mobile Access (MA) Capability Package (CP) describes how to protect classified data in Mobile Access Solutions transiting Wired Networks, Domestic Cellular Networks, and Trusted Wireless Networks to include Government Private Cellular Networks and Government Private Wi-Fi networks.

MA CP Version 1.1 provides customer requirements for domestic and international voice, video, and data capabilities from a mobile End User Device. VPN Remote and Local EUD Designs which complied with the VPN CP Version 3.1, dated 11 March 2015, are expected to need only minor changes to comply with the VPN EUD Design of this CP.

To implement Data-at-Rest on an EUD, the DAR solution shall be approved by NSA – either as a tailored solution, or compliant with NSA’s Data at Rest Capability Package (DAR CP) for the protection of information classified at the level of the Enterprise/Red network connected to the EUD. Specifications for DAR solutions can be found in the Data at Rest CP.

Click here to download the approved Mobile Access Capability Package: Mobile Access Capability Package v1.1.

USG Customers: Please contact the Client Contact Center {https://www.nsa.gov/ia/contacts/index.shtml#iccc} link to request a copy of the associated Risk Assessment.

IAD welcomes comments on the approved MA CP Version 1.1, which can be sent to the NSA/IAD Client Contact Center or the MA CP maintenance team at Mobile_Access@nsa.gov.

Updates to this Capability Package will be posted to this site.


Mobile Access Solution Registration

All CSfC Mobile Access solutions operating on National Security Systems (NSS) or protecting NSS information need to be registered with NSA. In order to complete the solution registration form, you will need an assigned ID number. You can request this registration number by sending an email to csfc@nsa.gov.

All customers are required to submit a Mobile Access compliance checklist with their registration form. Please provide brief, specific responses.

Click here to download the Mobile Access CP Compliance Checklist: MA CP Compliance Checklist

Click here to download the Mobile Access Solution Registration form: Mobile Access Solution Registration Form.

By signing the registration form the AO is either: asserting compliance with the published Mobile Access CP and acknowledging/accepting the risk of fielding a CSfC solution; or acknowledging inclusion of a Mobile Access CP Deviation Approval signed by NSA and acknowledging/accepting the risk of fielding a CSfC solution.

CSfC customers are strongly encouraged to utilize the services of an experienced solution integrator.  Click Here for the listing of trusted CSfC Integrators.

Customers are also strongly encouraged to email csfc_register@nsa.gov early on to advise NSA that you plan to register a solution and to get a vector check before procuring equipment or finalizing your design.

After coordinating with the CP solution support office, completed registration forms and compliance checklists should be emailed to: csfc_register@nsa.gov.

If the form is classified, please contact the CSfC PMO for delivery instructions.


Archived Mobile Access Capability Packages

NSA will not accept solution registrations against the following superseded Mobile Access Capability Packages. CSfC customers should use the latest IAD-approved version of the DAR Capability Package.

Archived Capability Package Superseded By
Mobile Access Version 0.8 CP (03 November 2014)
Mobile Access Version 1.0 CP (02 April 2015)
Mobile Access Version 1.1 (19 June April 2015)

Campus WLAN Capability Package

The Campus IEEE 802.11 Wireless Local Area Network (WLAN) Version 1.1 Capability Package, dated 04 March 2014, has been approved by the IA Director. This Capability Package enables customers to meet the demand for commercial End User Devices (i.e., tablet and laptop computers) to access secure enterprise services over a campus wireless network. This Capability Package takes lessons learned from two proof-of-concept demonstrations which included the layered use of COTS products for the protection of classified information. This document is intended to be a living reference that will be reviewed twice a year to ensure that the defined architecture and other instructions still provide the required security services and robustness.
Users of this Capability Package are responsible for obtaining, under their organization's established accreditation and approval processes, certification and accreditation of the user's implementation of this Capability Package. Solutions designed according to this Capability Package must be registered with NSA/IAD. Once registered, a signed IAD Approval Letter will be provided validating that the Campus WLAN Capability Package represents a CSfC solution approved for protecting classified information.
Click here to download the approved Campus WLAN Version 1.1 Capability Package: Campus WLAN Capability Package (PDF)

USG Customers: Please contact the Client Contact Center {https://www.nsa.gov/ia/contacts/index.shtml#iccc} link to request a copy of the associated Risk Assessment.

IAD welcomes comments on the approved Campus WLAN Version 1.1 Capability Package, which can be sent to your NSA/IAD Client Advocate or the Campus WLAN Capability Package maintenance team at Wi-Fi@nsa.gov.

Updates to this Capability Package will be posted to this site. Check back frequently in order to keep up with the dynamic changes.

Campus WLAN Solution Registration

All CSfC Campus WLAN solutions operating on National Security Systems (NSS) or protecting NSS information need to be registered with NSA. In order to complete the solution registration form, you will need an assigned ID number. You can request this registration number by sending an email to csfc@nsa.gov.

All customers are required to submit a Campus WLAN compliance checklist with their registration form.  Please provide brief responses. 
Click here to download the Campus WLAN CP Compliance Checklist: Campus WLAN CP Compliance Checklist

Click here to download the Campus WLAN Solution Registration form: Campus WLAN Solution Registration Form

By signing the registration form the AO is either: asserting compliance with the published Campus WLAN CP and acknowledging/accepting the risk of fielding a CSfC solution; or acknowledging inclusion of a Campus WLAN CP Deviation Approval signed by NSA and acknowledging/accepting the risk of fielding a CSfC solution.

CSfC customers are strongly encouraged to utilize the services of an experienced solution integrator.  Click Here for the listing of trusted CSfC Integrators.

Customers are also strongly encouraged to email csfc_register@nsa.gov early on to advise NSA that you plan to register a solution and to get a vector check before procuring equipment or finalizing your design.

After coordinating with the CP solution support office, completed registration forms and compliance checklists should be emailed to: csfc_register@nsa.gov.

If the form is classified, please contact the CSfC Program Management Office  for delivery instructions.


Archived Campus WLAN Capability Packages

NSA will not accept solution registrations against the following superseded Campus WLAN Capability Packages. CSfC customers should use the latest IAD-approved version of the Campus WLAN Capability Package.

Archived Capability Package Superseded By

Campus WLAN CP Version 0.8 (04 Oct 2012)
Campus WLAN CP Version 0.9 (14 Dec 2012) Campus WLAN CP Version 1.0 (20 Aug 2013)

Campus WLAN CP Version 1.1 (04 Mar 2014)

Virtual Private Network (VPN) Capability Package

Version 3.1 of the VPN Capability Package, dated 11 March 2015, has been approved by the IA Director. Version 3.1 contains corrected language concerning the ESP requirement. This Capability Package enables customers to implement VPNs between two or more sites and VPNs between fixed sites and End User Devices (EUDs). This Capability Package takes lessons learned from four proof-of-concept demonstrations that had implemented a set of Suite B algorithms, modes of operation, standards, and protocols. These demonstrations included a layered use of COTS products for the protection of classified information. This document is intended to be a living reference that will be reviewed twice a year to ensure that the defined architecture and other instructions still provide the required security services and robustness.

Users of this Capability Package are responsible for obtaining, under their organization's established accreditation and approval processes, certification and accreditation of the user's implementation of this Capability Package. Solutions designed according to this Capability Package must be registered with NSA/IAD. Once registered, a signed IAD Approval Letter will be provided validating that the VPN Capability Package represents a CSfC solution approved for protecting classified information.

Click here to download the approved VPN Capability Package v3.1: Virtual Private Network Capability Package v3.1.

USG Customers: Please contact the Client Contact Center {https://www.nsa.gov/ia/contacts/index.shtml#iccc} link to request a copy of the associated Risk Assessment.

IAD welcomes comments on the approved VPN Capability Package v3.1, which can be sent to your NSA/IAD Client Advocate or the VPN Capability Package maintenance team at VPN@nsa.gov.

Updates to this Capability Package will be posted to this site. Check back frequently in order to keep up with the dynamic changes.

VPN Solution Registration

All CSfC VPN solutions operating on National Security Systems (NSS) or protecting NSS information need to be registered with NSA. In order to complete the solution registration form, you will need an assigned ID number. You can request this registration number by sending an email to csfc@nsa.gov.

If the VPN solution has one infrastructure with multiple VPN end user devices, only one VPN registration form will need to be submitted. If the VPN solution is re-used at multiple locations, a separate VPN registration form for each location must be submitted.

All customers are required to submit a VPN compliance checklist with their registration form. Please provide brief, specific responses.

Click here to download the VPN CP Compliance Checklist: VPN CP Compliance Checklist.

Click here to download the VPN Solution Registration form: VPN Solution Registration Form.

By signing the registration form the AO is either: asserting compliance with the published VPN CP and acknowledging/accepting the risk of fielding a CSfC solution; or acknowledging inclusion of a VPN CP Deviation Approval signed by NSA and acknowledging/accepting the risk of fielding a CSfC solution.

CSfC customers are strongly encouraged to utilize the services of an experienced solution integrator.  Click Here for the listing of trusted CSfC Integrators.

Customers are also strongly encouraged to email csfc_register@nsa.gov early on to advise NSA that you plan to register a solution and to get a vector check before procuring equipment or finalizing your design.

After coordinating with the CP solution support office, completed registration forms and compliance checklists should be emailed to: csfc_register@nsa.gov.

If the form is classified, please contact the CSfC PMO for delivery instructions.


Archived VPN Capability Packages

NSA will not accept solution registrations against the following superseded VPN Capability Packages. CSfC customers should use the latest IAD-approved version of the VPN Capability Package.

Archived Capability Package Superseded By
Multi-Site VPN CP Version 0.8 (14 Mar 2012)
Multi-Site VPN CP Version 1.0 (17 Aug 2012)
VPN CP Version 1.08 (04 Mar 2013)
VPN CP Version 2.00 (28 May 2013)
VPN CP Version 2.08 (19 Dec 2013)
VPN CP Version 3.0 (12 June 2014)
VPN CP Version 3.1 (11 March 2015)

Data at Rest Capability Package

The Data-at-Rest (DAR) Capability Package (CP) Version 2.0 is designed to meet the demand for data-at-rest solutions using a Secure Sharing Suite (S3) of algorithms [NSA Suite B]. The goal for the DAR CP Version 2.0 solution is to protect classified data when the EUD is powered off or unauthorized. Unauthorized, in this case, means prior to a user presenting and having their credentials (e.g., password, tokens, etc.) validated by both layers of the DAR solution. Specific data to be protected must be determined by the data owner. Although the DAR solution designs can protect the confidentiality of data and render the EUD unclassified, it does not protect the integrity of an EUD outside of the control of approved users. Therefore, the NSA requires implementing organizations to define the circumstances in which an EUD that is part of the organization's solution is to be considered outside of the positive control of authorized users (i.e., "lost"). Authorizing Officials (AO) will define the circumstances for considering a device "lost" that aligns with the intended mission and threat environment for which the solution will be deployed. This CP is intended to be a living reference that will be updated to keep pace with technology and policies as they change over time, as additional security products and services are developed, and as lessons learned from early adopters of this architecture are applied.

Click here to download the approved DAR Capability Package: Data-at-Rest Capability Package v2.0.

USG Customers: Please contact the Client Contact Center {https://www.nsa.gov/ia/contacts/index.shtml#iccc} link to request a copy of the associated Risk Assessment.

IAD welcomes comments on the approved DAR CP v2.0, which can be sent to the NSA/IAD Client Contact Center or the DAR Capability Package maintenance team at CSFC_DAR_team@nsa.gov.

Updates to this Capability Package will be posted to this site.


Data at Rest Solution Registration

All CSfC DAR solutions operating on National Security Systems (NSS) or protecting NSS information need to be registered with NSA. In order to complete the solution registration form, you will need an assigned ID number. You can request this registration number by sending an email to csfc@nsa.gov.

All customers are required to submit a DAR compliance checklist with their registration form. Please provide brief, specific responses.

Click here to download the DAR CP Compliance Checklist: DAR CP Compliance Checklist

Click here to download the DAR Solution Registration form: DAR Solution Registration Form.

By signing the registration form the AO is either: asserting compliance with the published DAR CP and acknowledging/accepting the risk of fielding a CSfC solution; or acknowledging inclusion of a DAR CP Deviation Approval signed by NSA and acknowledging/accepting the risk of fielding a CSfC solution.

CSfC customers are strongly encouraged to utilize the services of an experienced solution integrator.  Click Here for the listing of trusted CSfC Integrators.

Customers are also strongly encouraged to email csfc_register@nsa.gov early on to advise NSA that you plan to register a solution and to get a vector check before procuring equipment or finalizing your design.

After coordinating with the CP solution support office, completed registration forms and compliance checklists should be emailed to: csfc_register@nsa.gov.

If the form is classified, please contact the CSfC PMO for delivery instructions.


Data at Rest Capability Package Version 2.8 – Seeking Public Comment

This version of the DAR CP is provided to initiate discussions with customers/industry and to solicit feedback.  All feedback received by 11 September 2015 will be considered for inclusion into DAR CP Version 3.0.  When published, Version 3.0 will extend the offerings in Version 2.0 and integrate additional options and use-cases. 

NOTE: Customers cannot register solutions against DAR Version 2.8.  All DAR solution registrations must be against DAR Version 2.0.

Click here to download Data-at-Rest Capability Package v2.8.

Your feedback by 11 September 2015 is welcomed and should be sent to csfc_dar_team@nsa.gov using the comment matrix. Click here to download the DAR CP v2.8 Comment Matrix and Instructions.


Archived DAR Capability Packages

NSA will not accept solution registrations against the following superseded DAR Capability Packages. CSfC customers should use the latest IAD-approved version of the DAR Capability Package.

Archived Capability Packages Superseded By
DAR Version 0.8 CP (03 July 2014) DAR Version 2.0 (02 April 2015)
DAR Version 1.0 CP (15 October 2014)  

Capability Packages
What's in Development
NSA is currently updating and evolving its suite of Capability Packages. Upcoming releases include:

  • Mobile Access CP v1.1 – update to Mobile Access CP to include more user comments and requirements.
  • Campus WLAN  CP v2.0– evolution of Campus Wireless LAN CP; features a shared WPA2 layer. (Estimated date: Feb 2016)
  • Data at Rest v3.0 CP – hardware FDE technology; e.g., Self Encrypting Drives. (Estimated date: TBD 2016)
  • Secure Multisite Connectivity CP– extends VPN v3.1 to include MACsec use cases; enables secure high–speed connectivity. (Estimated date: April 2016)

Updates

Date Item
24 July 2015 Updated the CSfC FactSheet; Updated the MA CP Compliance Checklist
23 July 2015 Updated the Components list;Updated the Trusted Integrator list; Updated the Mobile Access Capability Package; Updated the Archived Mobile Access Capability Packages
06 July 2015 Updated the Mobile Access Capability Package; Updated the Mobile Access CP Compliance Checklist
24 June 2015 Updated the Components list; Added new "Data at Rest Capability Package Version 2.8 – Seeking Public Comment" section to the page
16 June 2015 Updated the Components list
11 June 2015 Updated the Components list
08 June 2015 Updated the Components list; Updated the Archived Components list, Updated the VPN, Mobile Access, WLAN and DAR Registration Forms; Updated the VPN Compliance Checklist
27 May 2015 Updated the Components list
21 May 2015 Updated the Components list; Updated the Trusted Integrator list
21 May 2015 Updated the Components list; Updated the Trusted Integrator list
18 May 2015 Updated the Components list; Updated the VPN Compliance Checklist; Removed the Mobility Program page;
11 May 2015 Updated the Components list; Updated the Trusted Integrator list; Updated the Backround section
29 Apr 2015 Updated the DaR CP portion of the page; Updated the Mobile Access CP portion of the page
23 Apr 2015 Updated the Components list; Updated the DaR Compliance Checklist form; Updated the DAR Registration form; Added new Trusted Integrator; Added new component to the Comoponents list; Removed Non-technical and technical FAQs
02 Apr 2015 Updated the Components list; Updated the VPN Compliance Checklist form ; Added new Trusted Integrator
01 Apr 2015 Updated the CSfC homepage; Updated the Campus WLAN Registration Form; Added new Trusted Integrator
27 Mar 2015 Updated Mobile Platform Selections document; Updated the Trusted Integrator List
20 Mar 2015 Updated the Virtual Private Network section and updated the Components List.
11 Mar 2015 Added new Trusted Integrator; Updated the Components list
04 Mar 2015 Added new Trusted Integrator; Added new section: TLS Software Applications and Updated Components List
18 Feb 2015 Updated Components List
28 Jan 2015 Added new section: Data At Rest Solution Registration ; Updated the Components List
22 Jan 2015 Updated the Data At Rest Capability Package section; Uploaded the Components List; and updated the Trusted Integrator List
08 Jan 2015 Updated the Data At Rest Capability Package section; Uploaded the approved DAR Capability Package; Created a new section "Archived VPN Capability Packages"; Updated the "Capability Packages - What's In Development" section.
23 Dec 2014 Updated the Components List
15 Dec 2014 Updated the CSfC Components List: Updated the Mobile Access Capability Package; and Updated the Encryption Capability Package Specification Document
10 Dec 2014 Updated landing page text; added a new Mobile Access Capability Package section; Updated Components List; and Updated Trusted Integrator List
02 Dec 2014 Updated Components List
25 Nov 2014 Updated Components List
18 Nov 2014 Added updated VPN & Campus WLAN registration forms; Updated Components List; Updated Trusted Integrator List; and updated landing page text
05 Nov 2014 Updated landing page text
27 Oct 2014 Updated Components List
23 Oct 2014 Updated Components List
07 Oct 2014 Established Trusted Integrator List; updated landing page text
01 Oct 2014 Added updated editable Compliance Checklists; updated Components List; established Archived Components List; updated landing page text
15 Sep 2014Updated Components List
04 Aug 2014 Added updated Compliance Checklists; added VPN Ver 3.0 CP; archived VPN Ver 2.0 CP and VPN Ver 2.08 CP; updated landing page text
28 Jul 2014Added Campus WLAN Ver 1.1 CP; updated landing page text
18 Jul 2014Added DAR Ver 1.0 CP; updated landing page text
26 Jun 2014Updated Components List
23 May 2014Updated integrator criteria section and document; updated brochure; updated compliance checklist text.
02 May 2014Added Campus WLAN and VPN Compliance Checklists; updated landing page text regarding registration, MoAs, and Integrator Criteria.
19 Feb 2014Added CSfC Components List Version 1.0; added VPN Version 2.08 CP, Comment Matrix and Instructions; updated landing text
23 Dec 2013Added Campus WLAN Version 1.0 CP; removed older Campus WLAN CP version; added VPN and Campus WLAN Solution Registration forms; updated landing text
05 Nov 2013Added Integrator Criteria; updated landing text
29 Aug 2013Added VPN Version 2.0 CP; removed older VPN CP versions; added Archived VPN section; updated landing text
13 May 2013Added VPN Version 1.08 CP Comment Matrix and Instructions; updated landing text
23 Apr 2013Added VPN Version 1.08 CP; updated landing page text
18 Apr 2013Added Brochure v2-5, Questionnaire v1.2
15 Feb 2013Added Campus WLAN Ver 0.9 CP; updated landing page text
29 Jan 2013Added VPN Version 1.0 CP and Customer Handbook; updated landing page text
05 Nov 2012Added Campus WLAN Ver 0.8 CP; updated landing page text
15 Jul 2012Added FAQ Responses; updated landing page text
15 May 2012Updated Tri-Fold and landing page text
21 Mar 2012Website established
 

Date Posted: Mar 21, 2012 | Last Modified: Jul 24, 2015 | Last Reviewed: Jul 24, 2015

 
bottom