Homepage Aruba newsroom

Aruba Achieves Cybersecurity First with Common Criteria Certification for Network Access Control Solutions

Announcement posted by Aruba 29 Jan 2018

New Common Criteria Certification for Aruba ClearPass Increases Cyber Protection Assurances for Global Government Agencies and Private-Sector Enterprises
Sydney, Australia – 29 January 2018 Aruba, a Hewlett Packard Enterprise company (NYSE:HPE), today announced that Aruba ClearPass is the first in the cybersecurity industry to be awarded Common Criteria certification for a network access control (NAC) solution, under both the Network Device collaborative Protection Profile1 and the Extended Package for Authentication Servers2 modules. ClearPass is also the industry’s first NAC solution to receive certification as an authentication server.

With this advanced Common Criteria certification, governed by ISO/IEC standards bodies and awarded by the National Information Assurance Partnership (NIAP), Aruba ClearPass was validated through an independent testing laboratory to ensure it adheres to strict government and defense cybersecurity standards. ClearPass empowers Information Technology teams with the ability to intelligently profile, authenticate, and authorise users, systems, and devices to access network and IT resources. ClearPass allows government agencies and private organisations to rely on Common Criteria certification as assurance for providing a global, independent, and certifiable cybersecurity baseline.

Mobile, cloud, and IoT have imposed new demands on cybersecurity professionals. Aruba ClearPass is designed for this new era of threats and it was awarded Common Criteria certification for the Network Device Collaborative Protection Profile after completing tests focused on a set of demanding security requirements that mitigate a series of well-defined threats. Tests replicate real-world threat situations covering all aspects of access control including encryption, physical security, certificate validation, and processing, along with TLS/SSL processing. NDcPP represents a security baseline for any network-connected device or system.

As an important complement to NDcPP, Aruba ClearPass received Common Criteria certification for the Extended Package for Authentication Servers module. This extended package assesses functionality specific to RADIUS authentication servers, and qualifies ClearPass to appear on the approved product list for the US National Security Agency’s Commercial Solutions for Classified (CSfC) program. US government customers deploying classified communications systems under the CSfC program may use ClearPass to securely authenticate user and device access over wired, Wi-Fi, and remote connections.

Aruba’s certification was granted by the NIAP, which is a United States government initiative that oversees a national program to evaluate commercial off-the-shelf (COTS) information technology (IT) products for conformance to the internationally recognised Common Criteria security testing standards. Tests were performed by Gossamer Security Solutions, one of the world’s most renowned security testing laboratories.

Common Criteria is a global standard to which security products are evaluated on behalf of both government agencies and private sector organisations who are focused on dealing with an increasingly complex and dangerous threat environment. Certifications are universally recognised by 28 nations and products certified in one country are recognised by all other countries. NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and increase efficiencies by avoiding the duplication of efforts. To learn more, visit the NIAP portal.

“Common Criteria validation provides the highest level of security certification an organisation can receive, which elevates Aruba network access control to new levels,” said Jon Green, CTO for Security at Aruba, a Hewlett Packard Enterprise company. “Securing enterprises for the mobile, cloud, and IoT era has never been this challenging. The certification demonstrates Aruba’s commitment to providing customers with the industry’s most secure solutions for multi-vendor, wired, and Wi-Fi network infrastructures, even if it’s not an Aruba network.”

“Government agencies and enterprise organisations alike continue to seek clarity through the chaos caused by the increasingly complex and sophisticated threat landscape,” said Bill Buckalew, vice president of partner sales for Optiv, a Denver-based market-leading provider of end-to-end cybersecurity solutions. “We are pleased Aruba was first to receive certification status for such a well-established security standard like Common Criteria. Efforts like this from our key technology partners, such as Aruba, play an important role in enabling Optiv to perform comprehensive security optimisation—from strategy and planning straight through to implementation and management—for our clients.”

About ClearPass
Aruba ClearPass is a proven network access control and policy management cybersecurity solution that can discover, profile, authenticate, and authorise any network access, on wired or wireless networks, including for BYOD and IoT devices. Its position as network gatekeeper enables both secure network access as well as accelerated attack response. It can be integrated with the Aruba IntroSpect UEBA behavioral analytics solution and can also be deployed on any vendor’s network.

Availability
Sold as a stand-alone appliance or as software only, ClearPass with the new CC certification is available now.

About Aruba, a Hewlett Packard Enterprise company
Aruba, a Hewlett Packard Enterprise company, is a leading provider of next-generation networking solutions for enterprises of all sizes worldwide. The company delivers IT and cybersecurity solutions that empower organisations to serve the latest generation of mobile-savvy users who rely on cloud-based business apps for every aspect of their work and personal lives.
To learn more, visit Aruba at http://www.arubanetworks.com. For real-time news updates follow Aruba on Twitter and Facebook, and for the latest technical discussions on mobility and Aruba products visit Airheads Social at http://community.arubanetworks.com.
 
Additional Materials
 
Blog by Jon Green: “Now Common Criteria Certified, ClearPass is Ideal for Highly Secure Environments”
 
NIAP page for Aruba ClearPass’ Common Criteria certification
 
Complete list of Aruba Federal security certifications
 
Aruba ClearPass Solution Brief
 
For more information, please contact:
Duyen or Sarah at DEC PR
+61 2 8014 5033 and aruba@decpr.com.au