Domain services

Common Criteria EAL4 + certification for SDoT Security Gateway Cross Domain Solution

Copyright 2021 PR Newswire. All rights reserved

Cologne, Germany, November 18, 2021 / PRNewswire / – The SDoT Security Gateway has received an Evaluation Assurance Level (EAL) of ISO / IEC 15408 Common Criteria (CC) 4+ certification from the German Federal Office for Information Security ( BSI). INFODAS and its product have met one of the most demanding assessments in the global cybersecurity industry. Once again, SDoT cross-domain solutions and their development excel in quality, reliability, integrity and security. The two-way High Assurance Guard can filter structured and unstructured data and already holds general approvals from Germany, NATO and EU SECRET.

In the past, sensitive systems and data from the military, government agencies or critical infrastructure were isolated. Even today, many classified information protection regulations do not reflect technological advances in cross-domain solutions. These practices and regulations prevent the end-to-end digitization of critical IT environments, facing the shortage of IT experts and the demands of rapid decision-making among government agencies, military units or multinational partners. Today, only trusted solutions with CC EAL4 + certification or national security agency approvals can change that reality. They combine a break in protocol with in-depth inspection, transformation and monitoring of data transfers, ensuring that only correct and authorized information passes through systems at different levels of security.

The German BSI ISO / IEC 15408 Common Criteria Standard Scheme is the global benchmark for cybersecurity. A growing number of domestic and international end users expect IT vendors to produce reliable and reliable evidence of the cybersecurity capabilities of their products. The CC assessment process applies objective and verifiable criteria on specified evidence. The depth of the assessment is marked by the Assessment Assurance Level (EAL) of 1 to 7. Unlike popular Collaborative Protection Profiles (cPP) which are primarily based on CC EAL 1/2, the gateway to SDoT security had to respond to CC EAL4 +. This included extensive penetration testing, vulnerability scanning, and source code analysis by independent CC auditors.

The certification process started in 2019 and was conducted by atsec information security GmbH, a BSI certified CC auditor based in Germany, under the supervision of BSI. Beyond the product, INFODAS GmbH had to provide evidence of its research and development practices, product documentation, product support or relevant business processes. The audit benefited from activities related to SECRET approvals from Germany, NATO and the EU. Unlike a common criteria certification which can be initiated by any IT vendor, national security authority approvals require a public sector sponsor.

“The CC EAL4 + certification of the SDoT security gateway meets customer demands in various industries and underscores our leadership position in the global cross-domain solutions market. This shows the strength of our team and that true “zero trust security” products can come from Germany“said Dr. Alexandre konen, Solutions Director. According to Hanns Benigno Groeschke, CC expert from INFODAS: “CC Auditors accredited by BSI are highly regarded around the world: they apply CC standards independently, diligently, relentlessly and systematically. At the same time, the Federal Office for Information Security continuously examines the results of the audits to ensure the best quality of their CC Certifications “.

All elements of the Secure Domain Transition (SDoT) family of products meet the highest requirements for hardware and software security at SECRET level and below interoperability level (SABI). They are developed and manufactured in Germany with full transparency of the supply chain. They are available as 19 “, 1U, or smaller deployable sizes for vehicles. Other products include the SDoT Express security gateway optimized for near real-time, low-latency filtering of structured data such as XML or JSON. Just like the SDoT diode for one-way data transfer up to 9.1 Gbit / s, both products have the general SECRET approvals of NATO, EU and Germany. Object such as MS Office documents.

About INFODAS – securely connect

INFODAS is an independent family business founded in 1974 in Germany. The company develops innovative cross-domain solutions based on security principles by design and provides cybersecurity, IT and AI consulting to governments, defense and business customers. The cross-domain solutions of the INFODAS SDoT product family (SDoT security gateway, SDoT diode, SDoT labeling service, are approved up to German, EU, NATO SECRET and are listed in the NATO Information Assurance Catalog. Combined with OPSWAT Metadefender, Kiosk and Vault, SDoT products protect and ensure malware-free data entry, storage and recovery. Over the past 15 years, SDoT products have been used in the harshest and most critical environments around the world. They are designed and manufactured in Germany following the principle of safety from the design stage and transparency of the supply chain.

Dr. Alexandre schellong
Vice President Global Affairs
Phone. +49 (0) 221 70912234

Dr. Alexander Koenen, Board Member and Head of Solutions and Hanns Benigno Groeschke, CC INFODAS Expert
SDoT Security Gateway Enables Digitization of Critical Areas