Back to Top

Commercial Solutions for Classified Program (CSfC)

Attention CSfC Customers: Please ensure all submitted registration packages contain solution diagrams. Also, please advise us when you are deciding to implement a CSfC solution. We would like to ensure your solution can be registered as quickly as possible for approval. However, deviations discovered at the end of the process can be time-consuming for you and resource-intensive for NSA. Please email the CSfC team at csfc_register@nsa.gov.

Components List

Skip to Components List Index

Customers select products from this listing to satisfy the reference architectures and configuration information contained in published Capability Packages. Customers must ensure that the components selected will permit the necessary functionality for the selected architecture.

Non NIAP-approved components used in solutions may be listed on the CSfC Components List provisionally until a US Government approved Protection Profile for the technology is available. Once the Protection Profile is available, the company has six months to enter into a Memorandum of Agreement with NSA to remain listed as a CSfC component.

For some technologies, the CSfC program requires specific, selectable requirements to be included in the Common Criteria evaluation validating that the product complies with the applicable NIAP-approved protection profile(s). Some selections, which are not required for the product to be listed on the NIAP Product Compliant List, are mandatory selections for products that are to be listed on the CSfC Components List.

To see the selectable requirements, go to the CSfC Components List and click on the links for IPSec VPN Gateways, IPSec VPN Clients, WLAN Clients, WLAN Access Systems, Certificate Authorities, MDM, SW FDE, Mobile Platforms, SIP Servers and VoIP Applications.

Open source components may be listed, provided they have a responsible sponsor, and an NSA-approved plan for, taking a component through Common Criteria evaluation and sustainment of the component. Customers wishing to use open source components should contact csfc_components@nsa.gov with their evaluation and sustainment plans and the responsible parties for each.

Questions regarding the CSfC Components List may be directed to csfc_components@nsa.gov.

Which Protection Profiles are Published and in Development?

For a current listing of NIAP approved U.S. Government Protection Profiles, go to http://www.niap-ccevs.org/pp/.

For a listing of U.S. Government Protection Profiles currently in development, go to http://www.niap-ccevs.org/pp/draft_pps/.

Additional information about NIAP and the Common Criteria Evaluation and Validation Scheme can be found at http://www.niap-ccevs.org/.

What is the Process to get a Commercial Product CSfC-Listed?

Vendors who wish to have their products eligible as CSfC components of a composed, layered IA solution must build their products in accordance with the applicable US Government approved Protection Profile(s) and submit their product using the Common Criteria Process.

The vendor will enter into a Memorandum of Agreement (MoA) with NSA. The MoA specifies that the vendor's product must be NIAP certified and that the vendor agrees to fix vulnerabilities in a timely fashion. The MoA may also reference technology-specific selections for NIAP testing.

Interested vendors must complete and submit the CSfC Questionnaire (PDF) for each product. Please submit completed questionnaires to csfc_components@nsa.gov.

An Update to the Manufacturer Diversity Requirement

The manufacturer diversity requirement for CSfC layered solutions has been modified to permit, subject to certain conditions, single-manufacturer implementations of both layers. The manufacturer must show sufficient independence in the code base and cryptographic implementations of the products used to implement each layer. To demonstrate this, a manufacturer must document the similarities and differences between the two products, to include cryptographic hardware components, software code base (i.e. operating system), software cryptographic libraries, and development teams. It is a fundamental requirement that the code bases of the two products be significantly different. Additionally, the vendor must document measures taken to ensure that supply chain risk is no greater than would be the case for products from two different vendors. NSA will review the information and determine whether the documentation is sufficient to meet the requirements for independent layers. Manufacturer diversity will continue to be accepted to constitute independent layers.

Vendors who wish to submit a statement may do so at csfc_components@nsa.gov.


Components List Index


Authentication Server

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Aruba Clearpass Policy Manager 6.6.8 NIAP Validation Completed (at Gossamer)
Cisco Identity Services Engine v2.2 ADE-OS v2.4 NIAP Validation Completed (at Acumen)


Certificate Authority

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Information Security Corporation CertAgent 7.0 NIAP Validation Completed (at DXC Technology)


E-mail Clients

Click for Selections


File Encryption

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Dell Data Protection Encryption Personal Edition 8.14.0 NIAP Validation Completed (at EWA Canada)
KeyW Corp. KeyW BlackBerry Suite B Data at Rest Version 1.2.2.1 NIAP Validation Completed (at Gossamer)
Monkton, Inc. Monkton IA Docs Reinforced by Rebar iOS 10.0.0 NIAP Validation Completed (at Acumen)
Trivalent Android Data Protection SDK Version 2.13 NIAP Validation Completed (at Gossamer Security Solutions)
Trivalent Trivalent Protect for Android Version 2.6 NIAP Validation Ongoing (at Gossamer Security Solutions)


Hardware Full Drive Encryption

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Mercury Systems ASURRE-Stor Solid State Self-Encrypting Drive Version 3.0 NIAP Validation Completed (at UL Verification Services)


IPS

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Cisco FirePOWER Version 6.1 NIAP Validation Completed (at Gossamer)
Cisco FirePOWER (FPR 7010, FPR7020, FPR 7030, FPR 7050, FPR 7110, FPR 7115, FPR 7120, FPR 7125, FPR 8350, FPR 8370, FPR 8390, FMC 750, FMC 2000, FMC 4000, FMCv and NGIPSv) Version 6.1 NIAP Validation Completed (at Gossamer)
Cisco Firepower Threat Defense v6.2 and FX-OS v2.2 on the 4k and 9k Families (FPWR 4110, FPWR 4120, FPWR 4140, FPWR 4150, FPWR 9300 SM-24, FPWR 9300 SM-36 and FPWR 9300 SM-44) FX-OS v2.2 NIAP Validation Ongoing (at Gossamer)
Cisco Firepower Threat Defense v6.2 and FX-OS v2.2 on the 2k Families (FPWR 2110, FPWR 2120, FPWR 2130, FPWR 2140) FX-OS v2.2 NIAP Validation Ongoing (at Gossamer)
Fortinet FortiGate UTM Appliances (50E, VM, 90D, 100D, 200D, 300D, 500D, 600D, 900D, 1000D, 1200D, 1500D, 3000D, 3200D, 3700D and 50001D) FortiOS 5.4.2 NIAP Validation Completed (at BAE Systems)
IBM Security Network Protection (XGS models 3100, 4100, 5100 and 7100) Version 1.0 NIAP Validation Ongoing (at COACT)
Juniper SRX Product Series: SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, SRX650, SRX1400, SRX3400, SRX3600, SRX5400, SRX5600 and SRX5800 JUNOS 12.3x48-D30 NIAP Validation Completed (at BAE Systems)
Juniper SRX Product Series: SRX300, SRX320, SRX340, SRX345, SRX550M, SRX5400, SRX5600 and SRX5800 JUNOS 15.1x49-D60 NIAP Validation Completed (at BAE Systems)
Juniper SRX Product Series: SRX300, SRX320, SRX340, SRX345, SRX550M, SRX5400, SRX5600 and SRX5800 JUNOS 17.4R1 NIAP Validation Ongoing (at BAE Systems)
Juniper SRX Product Series: SRX1500, SRX4100 and SRX4200 JUNOS 17.4R1 NIAP Validation Ongoing (at BAE Systems)
SonicWall SonicWall NSA Network Security Appliances (2600, 3600, 4600, 5600, 6600, SM9200, SM9400, SM9600) SonicOS 6.2 NIAP Validation Ongoing (at EWA-Canada)
SonicWall SonicWall TZ Network Security Appliances (300/W, 400/W, 500/W, 600) SonicOS 6.2 NIAP Validation Ongoing (at EWA-Canada)


IPSec VPN Client

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Apple iOS 11 VPN Client on iPhone and iPad Devices (using the A7, A8, A8X, A9, A9X, A10, A10X and A11 processors as validated on the iPhone 5s, iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X, iPhone SE, iPad mini 3, iPad mini 4, iPad Air 2, iPad Pro 12.9", iPad Pro 9.7", iPad, iPad 10.5) iOS 11 NIAP Validation Completed (at Acumen)
Aruba Remote Access Point RAP-108 and RAP-109 families) Version 6.5.0 NIAP Validation Completed (at Leidos)
Aruba Remote Access Point RAP-205-H Version 6.5.0 NIAP Validation Ongoing (at Leidos)
Aruba VIA Version 3.0 NIAP Validation Completed (at Gossamer)
Blackberry Blackberry Smartphones 10.3.3 NIAP Validation Completed (at EWA Canada)
Cisco 1000V Cloud Services Router IOS XE 3.16 NIAP Validation Completed (at CGI IT Security Labs)
Cisco AnyConnect Secure Mobility Client for Android 6 Version 4.0 NIAP Validation Completed (at Gossamer)
Cisco AnyConnect Secure Mobility Client for Apple iOS Version 4.6 NIAP Validation Completed (at Gossamer)
Cisco AnyConnect Secure Mobility Client for Windows 10 Version 4.3 NIAP Validation Completed (at Gossamer)
Cog Systems D4 Secure, HTC A9 Version 1.0 NIAP Validation Completed (at Gossamer)
Microsoft Windows Server 2016 NIAP Validation Completed (at Leidos)
Microsoft Windows VPN Client Windows 10 NIAP Validation Completed (at Leidos)
Oceus Networks Oceus VPN Client Android 5.1-6 NIAP Validation Completed (at Gossamer)
Oceus Networks Xiphos TMD SafeMove Android 6 In Contracting Phase
Samsung Research America Galaxy Note®4 Android 6.0.1 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Note®5 Android 6.0.1 and Android 7.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Note®8 Android 7.0 and 8.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Note Edge Android 6.0.1 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy S6 Android 6.0.1 and Android 7.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy S6 Edge Android 7.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy S7 Android 7.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy S8 Devices Android 7.0 and 8.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Tab Active 2 Android 7.1 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Tab S2 Android 6.0.1 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Tab S3 Android 7.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Samsung Galaxy S9 Devices Android 8.0 NIAP Validation Completed (at Gossamer)
Unisys Federal Systems Stealth Solution Version 3.0 and 3.3 NIAP Validation Completed (at Leidos)


IPsec VPN Gateway

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Architecture Technology Corporation Compact Rugged Router CRR-1000 V1.0 NIAP Validation Ongoing (at UL Verification Services)
Aruba Virtual Mobility Controller NIAP Validation Completed (at CSC Australia)
Aruba 600 Series Mobility Controllers Aruba OS 6.5-FIPS NIAP Validation Completed (at CSC Australia)
Aruba 3000 Series Mobility Controllers Aruba OS 6.5-FIPS NIAP Validation Completed (at CSC Australia)
Aruba 6000 Series Mobility Controllers Aruba OS 6.5-FIPS NIAP Validation Completed (at CSC Australia)
Aruba 7000 Series Mobility Controllers Aruba OS 6.5-FIPS NIAP Validation Completed (at CSC Australia)
Brocade Communications Systems ICX 7450 Router V8.0.7.0 NIAP Validation Completed (at Gossamer)
Cisco 1905, 1921, 1941, 2901, 2911, and 2921 Integrated Services Routers 15.5(3)M IOS NIAP Validation Completed (at Leidos)
Cisco 2951, 3925, and 3945 Integrated Services Routers 15.5(3)M IOS NIAP Validation Completed (at Leidos)
Cisco 3925E and 3945E Integrated Services Routers 15.5(3)M IOS NIAP Validation Completed (at Leidos)
Cisco 4351, 4331, 4321 Integrated Services Routers IOS XE 3.13.2 NIAP Validation Completed (at CGI)
Cisco ASA 5500 Series (5506-X, 5506H-X, 5506W-X, 5508-X, 5512-X, 5515-X, 5516-X, 5525-X, 5545-X, 5555-X, 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40, 5585-X SSP-60 and ASA-SM) v9.6 NIAP Validation Completed (at Gossamer)
Cisco ASAv running on ESXi 5.5 or 6.0 on the UCS B22 M3, B200 M3, B200 M4, B230 M2, B260 M4, B420 M3, B420 M4, B440 M2, B460 M4, C22 M3, C24 M3, C220 M3, C240 M3, C240 M4, C260 M2, C420 M3, C460 M2, C460 M4 and ASAv running ESXi 5.5 or 6.0 on the E140S M1, E140S M2, E140D M1, E160D M2, E160D M1, E180D M2, E140DP M1 and E160DP M1 installed on ISR v9.6 NIAP Validation Completed (at Gossamer)
Cisco ASA 5500 Series (5506-X, 5506H-X, 5506W-X, 5508-X, 5516-X, 5525-X, 5545-X, 5555-X and ASA on FPWR 1000, 2110, 2120, 2130, 2140, 4110, 4120, 4140, 4150, 9300 SM-24, 9300 SM-36, and 9300 SM-44) v9.8 NIAP Validation Ongoing (at Gossamer)
Cisco ASAv (ASAv5, ASAv10, ASAv30, ASAv50) running ESXi 5.5 or 6.0 and NFVIS 3.5.1 on the UCS B200-M4, B200-M5, C220-M4S, C220-M5, C240-M5, C240-M4SX, C240-M4L, C460-M4, C480-M5, E140S-M2/K9, E160S-M3 and E180D-M2K9 installed on ISR and ASAv running on NFVIS 3.5.1 on the ENCS 5406, 5408 and 5412 v9.8 NIAP Validation Ongoing (at Gossamer)
Cisco ESR 5900 Series (5915, 5921, 5940) 15.7M NIAP Validation Completed (at Acumen)
Cisco NGFW running ASA v9.8 and FX-OS v2.2 on the 4K and 9K families (FP 4110, FP4120, FP 4140, FP 4150, FPWR 9300 SM-24, FPWR 9300 SM-36, FPWR 9300 SM-44) FX-OS v2.2 NIAP Validation Ongoing (at Gossamer)
Cisco NGFW running ASA v9.8 and FX-OS v2.2 on the Firepower 2100 Series (2110, 2120, 2130 and 2140) FP v6.1 NIAP Validation Completed (at Gossamer)
Cisco ASR 1000 Product Series (1001-X, 1001-HX, 1002-X, 1002-HX, 1006, 1006-X, 1009-X and 1013) IOS v16.3 NIAP Validation Completed (at Acumen)
Cisco Firepower 4100 9.6 and 9300 9.6 FX-OS 2.0 NIAP Validation Completed (at Gossamer)
Cisco Firepower Threat Defense v6.2 and FX-OS v2.2 on the 4k and 9k Families (FPWR 4110, FPWR 4120, FPWR 4140, FPWR 4150, FPWR 9300 SM-24, FPWR 9300 SM-36 and FPWR 9300 SM-44) FX-OS v2.2 NIAP Validation Ongoing (at Gossamer)
Cisco Firepower Threat Defense v6.2 and FX-OS v2.2 on the 2k Families (FPWR 2110, FPWR 2120, FPWR 2130, FPWR 2140) FX-OS 2.2 NIAP Validation Ongoing (at Gossamer)
Cisco ISR 1100 Product Series: 1111, 1112, 1113, 1114, 1115, 1116, 1117 and 1118 IOS-XE 16.6 NIAP Validation Completed (at Acumen)
Cisco ISR 4000 Product Series (4321, 4331, 4351, 4431 and 4451) IOS v16.3 NIAP Validation Completed (at Acumen)
Fortinet FortiGate UTM Appliances (50E, VM, 90D, 100D, 200D, 300D, 500D, 600D, 900D, 1000D, 1200D, 1500D, 3000D, 3200D, 3700D and 50001D) FortiOS 5.4.2 NIAP Validation Completed (at BAE Systems)
General Dynamics C4 Systems Fortress Mesh Point ES210, ES520, ES820, ES2440 Product Series Rev 5.4.3.1608 NIAP Validation Completed (at InfoGard)
Information Assurance Specialists NGFW running ASA v9.8 and FX-OS v2.2 on the Firepower 2100 Series (2110, 2120, 2130 and 2140) FP v6.1 NIAP Validation Ongoing (at Gossamer)
Information Assurance Specialists Stand Alone Routers (PICO and Graphite) IASRouter-2.2.0 NIAP Validation Completed (at UL Verification Services Inc)
Information Assurance Specialists VPN Gateway Modules (COMPACT, NANO and NANO Plus) IASRouter-2.2.0 NIAP Validation Completed (at UL Verification Services Inc)
Juniper SRX Product Series: SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, SRX650, SRX 5400, SRX5600 and SRX5800 JUNOS 12.3x48-D30 NIAP Validation Completed (at BAE Systems)
Juniper SRX Product Series: SRX300, SRX320, SRX340, SRX345, SRX550M, SRX5400, SRX5600 and SRX5800 JUNOS 15.1x49-D60 NIAP Validation Completed (at BAE Systems)
Juniper SRX Product Series: SRX300, SRX320, SRX340, SRX345, SRX550M, SRX5400, SRX5600 and SRX5800 JUNOS 17.4R1 NIAP Validation Ongoing (at BAE Systems)
Juniper SRX Product Series: SRX1500, SRX4100 and SRX4200 JUNOS 17.4R1 NIAP Validation Ongoing (at BAE Systems)
Klas Telecom Government Klas Voyager Version 1.0 NIAP Validation Completed (at UL Verification Services Inc)
Palo Alto Networks Next Generation Firewall (PA-200, PA-220, PA-500, PA-820, PA-850, PA-2050, PA-3020, PA-3050, PA-3060, PA-5020, PA-5050, PA-5060, PA-5220, PA-5250, PA-5260, PA-7050, PA-7080) PAN-OS 8.0.6 NIAP Validation Completed (at Leidos)
Palo Alto Networks VM-50, VM-100, VM-200, VM-300, VM-500, VM-700 and VM-1000-HV when installed using VMWare ESXi 5.5, KVM, Microsoft Hyper-V and Intel Xeon processor based on Ivy Bridge, Broadwell or Haswell microarchitectures, which implement Intel Secure Key either on Dell PowerEdge R730 and PacStar PS451 servers or equivalent platforms; i.e, Intel Ivy Bridge, Broadwell or Haswell-based processor with Broadcom or Intel Networks Interface Controllers supported by the server. The VM-series virtual appliance must be the only guest running in the virtual environment. PAN-OS 8.0.6 NIAP Validation Completed (at Leidos)
SonicWall SonicWall SM Network Security Appliances (9200, 9400, 9600) SonicOS 6.2 NIAP Validation Ongoing (at EWA-Canada)
SonicWall SonicWall NSA Network Security Appliances (2600, 3600, 4600, 5600, 6600) SonicOS 6.2 NIAP Validation Ongoing (at EWA-Canada)
SonicWall SonicWall TZ Network Security Appliances (300/W, 400/W, 500/W, 600/W) SonicOS 6.2 NIAP Validation Ongoing (at EWA-Canada)


MACSEC Ethernet Encryption Devices

Vendor Model Version (or later) CNSSP-11 Compliance
Cisco ASR 1000 Product Series (1001-X, 1001-HX, 1002-X, 1002-HX, 1006-X, 1009-X and 1013) IOS v16.3 NIAP Validation Completed (at Acumen)
Cisco ASR 9000 Product Series (9004, 9006, 9010, 9912 and 9922) 6.1 NIAP Validation Completed (at Acumen)
Cisco Catalyst 3650 and 3850 Series Switches IOS-XE 16.3 NIAP Validation Completed (at Acumen)
Cisco Catalyst 9300 and 9500 Series Switches IOS-XE 16.6 NIAP Validation Completed (at Acumen)
Cisco ISR 4000 Product Series (4321, 4331, 4351, 4431 and 4451) IOS v16.3 NIAP Validation Completed (at Acumen)


MDM

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Apple iOS 11 (iPhone and iPad devices using the A7, A8, A8X, A9, A9X, A10 Fusion, A10X Fusion and A11 Bionic processors as validated on the iPhone 5s, iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X, iPhone SE, iPad mini 3, iPad mini 4, iPad Air 2, iPad Pro 12.9, iPad Pro 9.7, iPad and iPad Pro 10.5) iOS v.11.2 NIAP Validation Completed (at ATSEC)
Blackberry Blackberry Enterprise Service (BES) 12   NIAP Validation Ongoing (at EWA Canada)
Samsung SDS Co, LTD. Enterprise Mobility Management Version 1.5.1 NIAP Validation Completed (at Gossamer)
VMware AirWatch Enterprise Mobility Management Version 9.x NIAP Validation Completed (at BAH)


Mobile Platform

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Apple iOS 11 (iPhone and iPad devices using the A7, A8, A8X, A9, A9X, A10 Fusion, A10X Fusion and A11 Bionic processors as validated on the iPhone 5s, iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X, iPhone SE, iPad mini 3, iPad mini 4, iPad Air 2, iPad Pro 12.9, iPad Pro 9.7, iPad and iPad Pro 10.5) iOS v.11.2 NIAP Validation Completed (at ATSEC)
Blackberry Blackberry Smartphones 10.3.3 NIAP Validation Completed (at EWA Canada)
Cog Systems D4 Secure, HTC A9 Version 1.0 NIAP Validation Ongoing (at Gossamer)
Getac Technology Corp. MX50 Mobile Device Android 5.1.1 NIAP Validation Completed (at Gossamer))
Microsoft Windows 10 with Surface Pro 3, Surface Pro 4, Surface Book and Dell Latitude 5580 Windows 10 NIAP Validation Completed (at Leidos)
Samsung Research America Galaxy Note®8 Android 7.0 and 8.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy S6® Android 6.0.1 and Android 7.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy S6 Edge® Android 6.0.1 and Android 7.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy S7® Android 6.0.1 and Android 7.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy S8 Devices Android 7.0 and 8.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Tab Active 2 Android 7.1 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Tab S3 Android 7 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Note®4 with KNOX 2 Android 6.0.1 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Note®5 Android 6.0.1 and Android 7.0 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Tab S2 Android 6.0.1 NIAP Validation Completed (at Gossamer)
Samsung Research America Galaxy Note® Edge with KNOX 2 Android 6.0.1 NIAP Validation Completed (at Gossamer)
Samsung Research America Samsung Galaxy S9 Devices Android 8.0 NIAP Validation Completed (at Gossamer)


Session Border Controller

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Cisco Expressway Series X8.11 NIAP Validation Ongoing (at Acumen)
Cisco Telepresence Video Communications Server X9.1 NIAP Validation Ongoing (at Acumen)


SIP Server

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Secusmart SecuSUITE SIP Server V1.0 NIAP Validation Completed (at EWA Canada)


Software Full Drive Encryption

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Curtiss-Wright DTS1 Software Encryption Layer v1.0 NIAP Validation Ongoing (at Gossamer)


TLS Protected Servers

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Bivio Networks, Inc. Bivio 6110-NC Red Hat Enterprise Linux v7.1 NIAP Validation Completed (at UL Verification Services)
Bivio Networks, Inc. Bivio 6310-NC (B6310-NC, B6310R-NC, PacStar 451) Red Hat Enterprise Linux v7.4 NIAP Validation Completed (at UL Verification Services)
Microsoft Windows Server 2012 NIAP Validation Completed (at Leidos)


TLS Software Applications

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Intelligent Waves Hypori Client for Android v4.1 NIAP Validation Ongoing (at Leidos)
Intelligent Waves Hypori Client for iOS v4.1 NIAP Validation Ongoing (at Leidos)
Nubo Software Thin Client v2.0 NIAP Validation Completed (at Acumen)
Vencore Labs SecureIO Android 6.0.1 and 7.0 NIAP Validation Completed (at Acumen)


Traffic Filtering Firewall

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Aruba Virtual Mobility Controller Version 6.5.0 NIAP Validation Completed (at Australia)
Aruba 600 Series Mobility Controllers Aruba OS 6.5-FIPS NIAP Validation Completed (at CSC Australia)
Aruba 3000 Series Mobility Controllers Aruba OS 6.5-FIPS NIAP Validation Completed (at CSC Australia)
Aruba 6000 Series Mobility Controllers Aruba OS 6.5-FIPS NIAP Validation Completed (at CSC Australia)
Aruba 7000 Series Mobility Controllers Aruba OS 6.5-FIPS NIAP Validation Completed (at CSC Australia)
Cisco ASA 5500 Series (5506-X, 5506H-X, 5506W-X, 5508-X, 5512-X, 5515-X, 5516-X, 5525-X, 5545-X, 5555-X, 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40, 5585-X SSP-60 and ASA-SM) v9.6 NIAP Validation Completed (at Gossamer)
Cisco ASAv running on ESXi 5.5 or 6.0 on the UCS B22 M3, B200 M3, B200 M4, B230 M2, B260 M4, B420 M3, B420 M4, B440 M2, B460 M4, C22 M3, C24 M3, C220 M3, C240 M3, C240 M4, C260 M2, C420 M3, C460 M2, C460 M4 and ASAv running ESXi 5.5 or 6.0 on the E140S M1, E140S M2, E140D M1, E160D M2, E160D M1, E180D M2, E140DP M1 and E160DP M1 installed on ISR v9.6 NIAP Validation Completed (at Gossamer)
Cisco ASA 5500 Series (5506-X, 5506H-X, 5506W-X, 5508-X, 5516-X, 5525-X, 5545-X, 5555-X and ASA on FPWR 1000, 2110, 2120, 2130, 2140, 4110, 4120, 4140, 4150, 9300 SM-24, 9300 SM-36, and 9300 SM-44) v9.8 NIAP Validation Ongoing (at Gossamer)
Cisco ASAv (ASAv5, ASAv10, ASAv30, ASAv50) running ESXi 5.5 or 6.0 and NFVIS 3.5.1 on the UCS B200-M4, B200-M5, C220-M4S, C220-M5, C240-M5, C240-M4SX, C240-M4L, C460-M4, C480-M5, E140S-M2/K9, E160S-M3 and E180D-M2K9 installed on ISR and ASAv running on NFVIS 3.5.1 on the ENCS 5406, 5408 and 5412 v9.8 NIAP Validation Ongoing (at Gossamer)
Cisco Firepower 4100 9.6 and 9300 9.6 FX-OS 2.0 NIAP Validation Completed (at Gossamer)
Cisco Firepower Threat Defense v6.2 and FX-OS v2.2 on the 4k and 9k Families (FPWR 4110, FPWR 4120, FPWR 4140, FPWR 4150, FPWR 9300 SM-24, FPWR 9300 SM-36 and FPWR 9300 SM-44) FX-OS v2.2 NIAP Validation Ongoing (at Gossamer)
Cisco Firepower Threat Defense v6.2 and FX-OS v2.2 on the 2k Families (FPWR 2110, FPWR 2120, FPWR 2130, FPWR 2140) FX-OS v2.2 NIAP Validation Ongoing (at Gossamer)
Cisco NGFW running ASA v9.8 and FX-OS v2.2 on the 4K and 9K families (FP 4110, FP4120, FP 4140, FP 4150, FPWR 9300 SM-24, FPWR 9300 SM-36, FPWR 9300 SM-44) FX-OS v2.2 NIAP Validation Ongoing (at Gossamer)
Cisco NGFW running ASA v9.8 and FX-OS v2.2 on the Firepower 2100 Series (2110, 2120, 2130 and 2140) FP v6.1 NIAP Validation Completed (at Gossamer)
Forcepoint Federal Next Generation Firewall LINUX v6.3.1 NIAP Validation Completed (at Gossamer)
Fortinet FortiGate UTM Appliances (50E, VM, 90D, 100D, 200D, 300D, 500D, 600D, 900D, 1000D, 1200D, 1500D, 3000D, 3200D, 3700D and 50001D) FortiOS 5.4.2 NIAP Validation Completed (at BAE Systems)
Juniper SRX Product Series: SRX100, SRX110, SRX210, SRX220, SRX240, SRX550, SRX650, SRX 5400, SRX5600 and SRX5800 JUNOS 12.3x48-D30 NIAP Validation Completed (at BAE Systems)
Juniper SRX Product Series: SRX300, SRX320, SRX340, SRX345, SRX550M, SRX5400, SRX5600 and SRX5800 JUNOS 15.1x49-D60 NIAP Validation Completed (at BAE Systems)
Juniper SRX Product Series: SRX300, SRX320, SRX340, SRX345, SRX550M, SRX5400, SRX5600 and SRX5800 JUNOS 17.4R1 NIAP Validation Ongoing (at BAE Systems)
Juniper SRX Product Series: SRX1500, SRX4100 and SRX4200 JUNOS 17.4R1 NIAP Validation Ongoing (at BAE Systems)
Palo Alto Networks Next Generation Firewall (PA-200, PA-220, PA-500, PA-820, PA-850, PA-2050, PA-3020, PA-3050, PA-3060, PA-5020, PA-5050, PA-5060, PA-5220, PA-5250, PA-5260, PA-7050, PA-7080) PAN-OS 8.0.6 NIAP Validation Completed (at Leidos)
Palo Alto Networks VM-50, VM-100, VM-200, VM-300, VM-500, VM-700 and VM-1000-HV when installed using VMWare ESXi 5.5, KVM, Microsoft Hyper-V and Intel Xeon processor based on Ivy Bridge, Broadwell or Haswell microarchitectures, which implement Intel Secure Key either on Dell PowerEdge R730 and PacStar PS451 servers or equivalent platforms; i.e, Intel Ivy Bridge, Broadwell or Haswell-based processor with Broadcom or Intel Networks Interface Controllers supported by the server. The VM-series virtual appliance must be the only guest running in the virtual environment. PAN-OS 8.0.6 NIAP Validation Completed (at Leidos)
SonicWall SonicWall SM Network Security Appliance SonicOS 6.2.5 NIAP Validated Completed (at EWA Canada)
SonicWall SonicWall NSA Network Security Appliance SonicOS 6.2.5 NIAP Validated Completed (at EWA Canada)
SonicWall SonicWall TZ Network Security Appliance SonicOS 6.2.5 NIAP Validated Completed (at EWA Canada)


VoIP Applications

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Cisco Jabber (for Windows 10) Version 11.8 NIAP Validation Completed (at Acumen Security)
Cisco Jabber (for iPhone/iPad) Version 11.7 NIAP Validation Completed (at Acumen Security)
Cisco Jabber (for Android) Version 11.7 NIAP Validation Completed (at Acumen Security)
Secusmart SecuSUITE Secure Call Client Version 3.0 NIAP Validation Completed (at EWA Canada)


Web Browsers

Click for Selections


WLAN Access System

Click for Selections

Vendor Model Version (or later) CNSSP-11 Compliance
Aruba 600 Series Mobility Controllers Aruba OS 6.3.1.5 NIAP Validation Completed (at Leidos)
Aruba 3000 Series Mobility Controllers Aruba OS 6.3.1.5 NIAP Validation Completed (at Leidos)
Aruba 6000 Series Mobility Controllers Aruba OS 6.3.1.5 NIAP Validation Completed (at Leidos)
Aruba 7000 Series Mobility Controllers Aruba OS 6.3.1.5 NIAP Validation Completed (at Leidos)
Cisco Aireos WLAN Controllers: 2504, 5508, WiSM-2, 7510; Access Points: 1142, 1262, 1552E, 1552I, 1532E, 1532I, 3502E, 3502I, 1602E, 1602I, 2602E, 2602I, 3602I, 3602P, 2702E, 2702I, 3702E, 3702I, AIR-RM3000M Security Module AireOS 8.0 NIAP Validation Completed (at CSC Australia)
Cisco IOS WLAN Controllers: 5760, 3850, 3650; Access Points: 1532E, 1532I, 3502E, 3502I, 1602E, 1602I, 2602E, 2602I, 3602E, 3602I, 3602P, 2702E, 2702I, 3702E, 3702I, AIR-RM3000M Security Module IOS-XE 3.6.0E NIAP Validation Completed (at CSC Australia)
General Dynamics C4 Systems Fortress Mesh Point ES 210 Product Series Rev 5.4.5 NIAP Validation Completed (at InfoGard)
General Dynamics C4 Systems Fortress Mesh Point ES 2440 Product Series Rev 5.4.5 NIAP Validation Completed (at InfoGard)
General Dynamics C4 Systems Fortress Mesh Point ES 520, ES 820 Product Series Rev 5.4.5 NIAP Validation Completed (at InfoGard)


WLAN Client

All validated Mobile Platform components include validated WLAN Client implementations