New Common Criteria Certification for Aruba ClearPass Increases Cyber Protection Assurances for Global Government Agencies and Private-Sector Enterprises
Aruba, a Hewlett Packard Enterprise company (NYSE:HPE), today announced
that Aruba
ClearPass is the first in the cybersecurity industry to be awarded
Common Criteria certification for a network access control (NAC)
solution, under both the Network Device collaborative Protection Profile1
and the Extended Package for Authentication Servers2 modules.
ClearPass is also the industry’s first NAC solution to receive
certification as an authentication server.
With this advanced Common Criteria certification, governed by ISO/IEC
standards bodies and awarded by the National Information Assurance
Partnership (NIAP), Aruba ClearPass was validated through an independent
testing laboratory to ensure it adheres to strict government and defense
cybersecurity standards. ClearPass empowers Information Technology teams
with the ability to intelligently profile, authenticate, and authorize
users, systems, and devices to access network and IT resources.
ClearPass allows government agencies and private organizations to rely
on Common Criteria certification as assurance for providing a global,
independent, and certifiable cybersecurity baseline.
Mobile, cloud, and IoT have imposed new demands on cybersecurity
professionals. Aruba ClearPass is designed for this new era of threats
and it was awarded Common Criteria certification for the Network Device
Collaborative Protection Profile after completing tests focused on a set
of demanding security requirements that mitigate a series of
well-defined threats. Tests replicate real-world threat situations
covering all aspects of access control including encryption, physical
security, certificate validation, and processing, along with TLS/SSL
processing. NDcPP represents a security baseline for any
network-connected device or system.
As an important complement to NDcPP, Aruba ClearPass received Common
Criteria certification for the Extended Package for Authentication
Servers module. This extended package assesses functionality specific to
RADIUS authentication servers, and qualifies ClearPass to appear on the
approved product list for the US National Security Agency’s Commercial
Solutions for Classified (CSfC) program. US government customers
deploying classified communications systems under the CSfC program may
use ClearPass to securely authenticate user and device access over
wired, Wi-Fi, and remote connections.
Aruba’s certification was granted by the NIAP, which is a United States
government initiative that oversees a national program to evaluate
commercial off-the-shelf (COTS) information technology (IT) products for
conformance to the internationally recognized Common Criteria security
testing standards. Tests were performed by Gossamer
Security Solutions, one of the world’s most renowned security
testing laboratories.
Common Criteria is a global standard to which security products are
evaluated on behalf of both government agencies and private sector
organizations who are focused on dealing with an increasingly complex
and dangerous threat environment. Certifications are universally
recognized by 28 nations and products certified in one country are
recognized by all other countries. NIAP also works with NATO and
international standards bodies (ISO) to share Common Criteria evaluation
experiences and increase efficiencies by avoiding the duplication of
efforts. To learn more, visit the NIAP
portal.
“Common Criteria validation provides the highest level of security
certification an organization can receive, which elevates Aruba network
access control to new levels,” said Jon Green, CTO for Security at
Aruba, a Hewlett Packard Enterprise company. “Securing enterprises for
the mobile, cloud, and IoT era has never been this challenging. The
certification demonstrates Aruba’s commitment to providing customers
with the industry’s most secure solutions for multi-vendor, wired, and
Wi-Fi network infrastructures, even if it’s not an Aruba network.”
“Government agencies and enterprise organizations alike continue to seek
clarity through the chaos caused by the increasingly complex and
sophisticated threat landscape,” said Bill Buckalew, vice president of
partner sales for Optiv, a Denver-based market-leading provider of
end-to-end cybersecurity solutions. “We are pleased Aruba was first to
receive certification status for such a well-established security
standard like Common Criteria. Efforts like this from our key technology
partners, such as Aruba, play an important role in enabling Optiv to
perform comprehensive security optimization—from strategy and planning
straight through to implementation and management—for our clients.”
About ClearPass
Aruba ClearPass is a proven network access control and policy management
cybersecurity solution that can discover, profile, authenticate, and
authorize any network access, on wired or wireless networks, including
for BYOD and IoT devices. Its position as network gatekeeper enables
both secure network access as well as accelerated attack response. It
can be integrated with the Aruba IntroSpect UEBA behavioral analytics
solution and can also be deployed on any vendor’s network.
Availability
Sold as a stand-alone appliance or as software only, ClearPass with the
new CC certification is available now.
About Aruba, a Hewlett Packard Enterprise company
Aruba, a Hewlett Packard Enterprise company, is a leading provider of
next-generation networking solutions for enterprises of all sizes
worldwide. The company delivers IT and cybersecurity solutions that
empower organizations to serve the latest generation of mobile-savvy
users who rely on cloud-based business apps for every aspect of their
work and personal lives.
To learn more, visit Aruba at http://www.arubanetworks.com.
For real-time news updates follow Aruba on Twitter and Facebook, and for
the latest technical discussions on mobility and Aruba products visit
Airheads Social at http://community.arubanetworks.com.
Additional Materials
Blog
by Jon Green: “Now Common Criteria Certified, ClearPass is Ideal for
Highly Secure Environments”
NIAP
page for Aruba ClearPass’ Common Criteria certification
Complete
list of Aruba Federal security certifications
Aruba
ClearPass Solution Brief
1(NDcPP)
2(PP_NDCPP_APP_AUTHSVR_EP)
Aruba, a Hewlett Packard Enterprise company
Emory Epperson, +1-408-761-7335
emory.epperson@hpe.com
or
Aruba, a Hewlett Packard Enterprise company
Lori Hultin, +1-818-879-4651
lori.hultin@hpe.com