The Latest Fortinet News
Product and Solution Information, Press Releases, Announcements
|Fortinet® Earns Common Criteria EAL 4+ Certification for FortiOS 4.3-VM|
|Posted: Mon Sep 16, 2013 11:29:21 AM|
Independently-Assured Security Certification Further Reflects Fortinet’s Commitment to Government and Enterprise Customers
SUNNYVALE, Calif. -- September 16, 2013 -- Fortinet® (NASDAQ: FTNT) - a global leader in high-performance network security – today announced the company’s FortiOS 4.3-VM firmware and FortiGate family of unified threat management (UTM) and next-generation firewall (NGFW) appliances have received certification for Common Criteria Evaluation Assurance Level EAL 4+. As a network security pioneer and innovator, Fortinet leads the industry with third-party certifications and products that consistently meet and often exceed the stringent requirements set by the U.S. Government, the U.S. Department of Defense (DOD) and other large organizations internationally.
The Common Criteria certification process provides a third-party evaluation service for determining the trustworthiness of information technology security products, which is fundamentally important to the company’s enterprise and government customers. Evaluations involve formal rigorous analysis and testing to examine security aspects of a product or system. Extensive testing activities involve a broad and formally repeatable process, confirming that the security product functions as claimed by the manufacturer. Security weaknesses and potential vulnerabilities are specifically examined during an evaluation.
“During maintenance of the EAL 4+ certification of the Fortinet FortiOS V4.0 MR3 products, we found the FortiGate-VM to have fully met the security features of the original evaluation. It extends the capabilities provided by FortiGate products to provide protection to virtual environments,” said Erin Connor, director of the EWA-Canada Common Criteria testing lab. “With this maintenance of its EAL 4+ certification to include a new version, Fortinet continues its commitment to providing high quality secure products that have been independently verified to meet international security standards.”
Fortinet Virtual Appliance Advantage
FortiGate virtual appliances and virtual domains enable the deployment of consolidated network security to protect virtual infrastructure and increase visibility and control over communications within virtualized environments.
Flexible and Scalable
Fortinet virtual appliances can be scaled quickly to meet demand and protect intra-virtual machine communications by implementing critical security controls within a virtual infrastructure, running on VMware, Citrix and open source Xen. FortiGate virtual appliances feature all of the security and networking services common to traditional hardware-based FortiGate appliances. With the addition of virtual appliances from Fortinet, users can deploy a mix of hardware and virtual appliances, operating together and can be managed from a common centralized management platform. Additional virtual appliances that have hardware appliance counterparts include FortiManager™, FortiMail™, FortiAnalyzer™, FortiWeb™, FortiAuthenticator, FortiADC, FortiCache and FortiScan™.
Fortinet Leads Industry with Third-Party Certifications
In addition to Common Criteria, Fortinet has a long list of third-party certifications that include FIPS 140-2, NSS Labs, ICSA Labs, IPv6, and ISO 9001:2008.
“Common Criteria certification is critical to the success of our large enterprise and government customers,” said Steve Kirk, vice president of Federal operations for Fortinet. “This latest EAL 4+ certification validates our technology innovation and continued drive to lead the industry and produce the highest performing network security products.”
The Common Criteria for IT Security Evaluations, also known as ISO standard 15408, was developed by the national security organizations of the United States, Canada, the United Kingdom, France, Germany and The Netherlands. It provides a broad range of evaluation criteria for many types of commercial and nationally-sensitive government-use IT security products.