Avaya Only the Second Company in the World to Complete the Rigorous Network Device Collaborative Protection Profile (NDcPP) Security Requirements and Demonstrate the Highest Degree of Security Robustness
Avaya announced that its Avaya Virtual Services Platform 4000 series, 7000 series and 8000 series switches have successfully completed Common Criteria Certification and are now Protection Profile NDcPP compliant. Avaya is the second company to be evaluated and receive Common Criteria certification against the NDcPP v1.0.
Common Criteria serves as the basis for government-driven certification and evaluation for government security agencies of more than two dozen nations. Common Criteria permits comparability between the results of independent security through a common set of requirements for the security functionality of IT products and for assurance measures applied to these IT products during a security evaluation.
Specification, implementation and evaluation of a computer security product is conducted in a rigorous and repeatable manner at a level that is commensurate with the target environment for use. The evaluation process establishes a level of confidence that the security functionality of these IT products and the assurance measures applied to these IT products meet these requirements. The CC Certification ensures that the network device has demonstrated under test a level of high and consistent security standards.
The Avaya Virtual Service Platform (VSP 4000, VSP 7000, VSP 8000) implement the following security functions:
- Cryptographic Support
- Identification and Authentication
- Security Management
- Protection of the TOE Security Function (TSF)
- Target of Evaluation (TOE) Access
- Trusted Path/Channels
The successfully completed Common Criteria Evaluation and The Validation Report and Security Target have been posted on the NIAP Product Compliant List (PCL). These are also compliant to FIPS 140-2 with the National Institute of Standards and Technology (NIST) based on the embedded Mocana Cryptographic Suite B Module (Software Version: 6.4.1f) used in the products.
Mark Hankel, Security Architect, Avaya Government Solutions said, “The Common Criteria Certification adds global recognition to our Virtual Service Platform 4000 Series, 7000 Series and 8000 Series that has already met the stringent JITC (Joint Interoperability Test Command) testing for Information Assurance (IA) and Interoperability (IO) conformance. We are honored to have achieved this unprecedented level of global security certification.”