News & Events: GateKeeper Receives FIPS 140-2 Cert
News & Events
Xceedium's GateKeeper Receives FIPS 140-2 Certification
Centralized IT Operations Management Solution with Secure Access for Technical Users Provides Powerful Government Certified Solution
Jersey City, NJ – September 10, 2007 – Xceedium, the premier provider of Secure Centralized IT Operations Management and Secure Access for Technical Users, today announced that its flagship GateKeeper appliance was awarded Federal Information Processing Standard (FIPS) 140-2 certification. FIPS 140-2 is a security standard issued by the National Institute of Standards and Technology (NIST) to accredit products that meet strict cryptography specifications required by government organizations.
"Many IT products claim FIPS 140-2 compliance when only certain components have been validated," said Xceedium CEO Cheryl Traverse. "With our FIPS 140-2 certification, we've demonstrated that all of the hardware and software that went into the construction of the GateKeeper appliance meets the government's strictest security cryptography requirements – from top to bottom, inside and out."
By law, no U.S. government organization can purchase a product containing cryptography unless it has been FIPS certified. The standard has been adopted by the Canadian government's Communication Security Establishment (CSE) and is also likely to be adopted by the financial community through the American National Standards Institute (ANSI). Products with FIPS 140-2 certification have met the security requirements that relate to the secure design and implementation of a cryptographic module.
Xceedium GateKeeper received a FIPS 140-2 level two security rating, which specifically adds requirements for physical tamper-evidence, role-based authentication and encryption. The U.S. Department of Defense, Air Force, Army, Navy, TD Ameritrade and Marsh McLennan are among the organizations that rely on GateKeeper. With the GateKeeper appliance, government, financial and other commercial organizations can easily create and enforce a restrictive access policy for their privileged technical users, enforce a standardized containment model for privileged users that satisfies access control requirements for compliance and effectively and unobtrusively track all privileged user activities and events with comprehensive, ad hoc and real-time reporting for accountability.
For more on Xceedium GateKeeper's FIPS 140-2 certification, please visit:
http://csrc.nist.gov/cryptval/140-1/1401val2007.htm#813
About Xceedium Inc.
Xceedium's proven GateKeeper solution delivers secure access and enforcement for technical and untrusted users while providing a highly efficient secure IT operations platform for these users to maintain remote critical infrastructure. Using a centralized management platform and a service-driven access model, GateKeeper is deployed by hundreds of Fortune 500 corporations and large US government agencies to protect critical infrastructure and data while improving productivity and reducing costs. Using patent-pending technology, GateKeeper compartmentalizes entrants, restricting them to authorized areas with no visibility into the rest of the infrastructure. The Xceedium GateKeeper prevents leap frogging from authorized devices, delivers real-time violation alerts, provides complete tracking of all activities and delivers comprehensive easy-to-produce reports for audit and compliance requirements. GateKeeper has Common Criteria EAL 2, Common Criteria EAL 3, and FIPS 140-2 certification. Xceedium is headquartered in Jersey City, N.J.
# # #
Media Contact:
Chris Blake
MSR Communications
818-585-0255
chris@msrcommunications.com