SOURCE: Ingrian Networks

September 18, 2006 05:00 ET

Ingrian DataSecure in Evaluation for FIPS 140-2 and Common Criteria With InfoGard Laboratories

REDWOOD CITY, CA -- (MARKET WIRE) -- September 18, 2006 -- Ingrian® Networks, Inc., the leading provider of data privacy solutions, today announced that the Ingrian DataSecure™ Platform is under evaluation for FIPS 140-2 and in the pre-evaluation phase for Common Criteria Evaluation Assurance Level 2 (EAL2) with InfoGard Laboratories.

FIPS 140-2 and Common Criteria are independent security evaluations performed by US government accredited security laboratories. The United States Federal Government requires that cryptographic products be validated to the FIPS 140-2 standard when used to protect sensitive unclassified data prior to agency procurement. Similarly, Common Criteria certification, which tests the security capabilities of IT products is recognized internationally and is quickly becoming a standard requirement for many federal agencies and private sector companies. To date, 24 countries also recognize the Common Criteria certification, allowing governmental organizations operating in these nations to purchase technology products with the confidence that they are in compliance with widely accepted security standards.

"Ingrian is committed to providing easy to deploy, state-of-the-art encryption solutions which scale to Federal Government needs," said Wayne Pambrun, director of federal relations. "We are at the forefront of securing sensitive data at rest, and these certifications allow our system integrator partners and Government customers to have confidence that Ingrian's solutions have met the stringent testing and standards required by the US Federal Government. This new certification demonstrates Ingrian's continued leadership in data encryption, and we believe this is strong validation of our products' ability to meet the needs of the government marketplace."

Through physical and logical vulnerability analysis and testing, the FIPS 140-2 validation provides assurance that the product's security rules are properly enforced and that the cryptographic functionality has been implemented correctly. Common Criteria (EAL2) certification requires developer testing, a vulnerability analysis, and independent testing based upon detailed Target of Evaluation (TOE) specifications. Successful testing against these standards qualifies DataSecure as a valid candidate for Department of Defense and other government contracts that have Common Criteria and FIPS 140-2 requirements.

The Computer Security Division at the National Institute of Standards and Technology (NIST) coordinates cryptographic module validations and maintains the FIPS 140-2, while The National Information Assurance Partnership (NIAP) and Validation Scheme (CCEVS), which is staffed by the National Security Agency (NSA), oversee Common Criteria in the United States.

InfoGard, accredited by the National Voluntary Accreditation Program (NVLAP) of NIST and approved by the Common Criteria Evaluation Validation Scheme (CCEVS), is the independent security testing lab evaluating the Ingrian DataSecure product family. InfoGard adheres to strict standards, considers numerous real-world deployment scenarios, and conducts comprehensive component level systematic testing at the source-code level to determine if the IT component meets the security standards.

For information on what government agencies should consider when implementing encryption, including determining what to encrypt, where to encrypt, and how to encrypt, download Ingrian's complimentary whitepaper entitled, "Keys to Successful Encryption Deployments in Government Agencies."

For more information about the Common Criteria Evaluation and Validation Scheme, visit http://niap.nist.gov/cc-scheme/index.html.

About DataSecure Platforms

Ingrian DataSecure Platforms provide an intelligent, cost-effective way to protect critical data from both internal and external threats. Featuring dedicated hardware appliances and patent-pending cryptography software, Ingrian's solutions deliver capabilities for granular encryption, seamless integration, and centralized security management. With its solutions, Ingrian supports:

--  Retailers, financial institutions, and payment processors in adhering
    to card issuer security policies like the Payment Card Industry (PCI) Data
    Security Standard.
--  Organizations around the world seeking to comply with privacy
    legislation, such as California SB1386, the Europe Union Data Protection
    Directive, and many others.
--  Financial institutions seeking to comply with Gramm-Leach-Bliley Act.
--  Government agencies striving to adhere to the Federal Information
    Security Management Act.
    
About InfoGard Laboratories:

Founded in 1993, with over 200 customers from more than 25 countries, InfoGard is the premier, independent, security laboratory in the United States. InfoGard's security testing and evaluation services include: Payment Card Industry (PCI), Common Criteria, Cryptographic Module Validations (FIPS 140-2), Personal Identity Verification (FIPS 201), Postal Metering Systems, and Network Security Assessments. Visit www.infogard.com for more information.

About Ingrian Networks

Ingrian Networks brings complete data privacy to the enterprise. With Ingrian DataSecure Platforms, organizations can protect critical data from both internal and external threats, and ensure compliance with legislative and policy mandates for security. DataSecure features a dedicated security appliance and specialized software that enables organizations to encrypt critical data in applications and databases. With its capabilities for granular encryption, seamless integration, and centralized security management, DataSecure enables organizations to guard against a range of security threats, with unparalleled ease and cost effectiveness. Ingrian is a privately held company backed by such investors as Globespan Capital Partners, HighBAR Ventures, Menlo Ventures, Partech International, and Prism Venture Partners. For more information, visit http://www.ingrian.com.

Contact Information

  • For more information:
    Ingrian Networks
    Betty Liang
    (650) 261-2488
    Email Contact