12/3/2004 - TeamF1, Inc., the established leader in high-performance embedded networking and security software, announced that its SSHield software included in the Broadmore/SSHield Management Module has received the Federal Information Processing Standards (FIPS) 140-2 validation. With the award of this certificate from the U.S. National Institute of Standards and Technology (NIST) and Canada's Communications Security Establishment (CSE), TeamF1 becomes the first company to deliver OEM-ready secure management middleware that has passed FIPS 140-2 validation.
TeamF1's SSHield product is an implementation of the IETF SECSH protocol, and it provides an authenticated, encrypted data communications channel for secure management of embedded devices. Designed for OEM use in the most resource-constrained embedded environments, SSHield has been widely used to secure the management of complex infrastructural devices, many of which find use in government end-user systems.
FIPS 140-2 specifies security requirements necessary for a cryptographic module to be utilized within government security systems. It also precludes the use of unvalidated cryptography for the cryptographic protection of sensitive or valuable data within Federal systems. Waivers were possible in the past, but with the passage of the Federal Information Security Management Act (FISMA) of 2002, there is no longer a statutory provision for waivers to FIPS 140-2.
"With the successful FIPS 140-2 validation of its software, TeamF1 continues to raise the bar for embedded security middleware", said Mukesh Lulla, President of TeamF1. "This milestone enables our OEM customers, particularly those selling into the government sector, to use our leading edge, designed-for-embedded software, and deliver solutions that meet the stringent guidelines set by NIST and CSE. While government agencies have been leading the demand for tighter security standards, we believe that other commercial organizations will also adopt these proven standards in the future and TeamF1 is proud to be at the forefront of this effort".
Continuing a long tradition of partnering with its customers to build market-driven solutions, TeamF1 partnered in this effort with Carrier Access Corporation (NASDAQ: CACS), to validate TeamF1's SSHield module as embedded in the Carrier Access's Broadmore line of products, rather than relying on a simulated application of its middleware.
“Very few companies have completed FIPS validation of their management systems. We are proud of the work we accomplished with TeamF1 and InfoGard Laboratories in making telecommunications networks more secure. Our collaborative efforts will ensure that our customers can protect access to their critical communications networks", said Roger Koenig, president, CEO and Chairman, Carrier Access.
The SSHield-enabled module was validated to Level 1 overall, with Level 3 validation for roles, services and authentication, design assurance and cryptographic key management, and is one of less than 500 products to have successfully completed FIPS validation. Earlier this year, TeamF1’s Krypto-Lite library used in many of the company’s security and authentication products also received algorithm validation certificates from NIST (http://csrc.nist.gov/cryptval).
AMore information about FIPS is available at http://www.itl.nist.gov/fipspubs/index.htm. More information about TeamF1's certificate (Certificate #478) can be obtained from http://csrc.nist.gov/cryptval/140-1/1401val2004.htm.
TeamF1, Inc., founded in 1996, is a privately held corporation headquartered in Fremont, CA. TeamF1's products enable secure management of telecom/datacom and industrial equipment, and provide the infrastructure components needed for switching and wireless products in various market segments. For more information visit the company's website at http://www.TeamF1.com
Previous Page | News by Category | News Search
If you found this page useful, bookmark and share it on: