Commercial Solutions for Classified CSfC is a vital part of NSA’s advertisement cybersecurity method to carry secure cybersecurity answers leveraging commercial technologies and items to bring cybersecurity solutions quickly. It is headquartered on the principle that correctly configured, layered answers can provide sufficient coverage of categorized data in a lot of different functions. NSA has developed, authorised and published solution level standards called Capability Packages CPs, and works with Technical Communities from across industry, governments, and academia to broaden and put up product level necessities in US Government Protection Profiles PPs. CPs for Mobile Access, Multi Site Connectivity, Campus Wireless LAN, and Data at Rest solutions are now published in this site.
To help ensure commercial element owners meet CNSS Policy CNSSP No. 11 requirements, here contractual language is advised for procurements related to advertisement applied sciences: Technologies for will be procured in line with CNSSP No. 11, “National Policy Governing the Acquisition of Information Assurance and IA Enabled Information Technology Products. ” In addition, applied sciences shall be procured which have been validated by Common Criteria Testing Labs, according to the National Information Assurance Partnership NIAP Protection Profiles PPs. Where a PP exists however the favored product has not been confirmed in opposition t it, shall direct the preferred vendor to have their product established in opposition t the applicable, corresponding PP.
For National Security Systems NSS where classified data is being covered at rest or in transit by commercial products, technologies from the Commercial Solutions for Classified CSfC Components List shall be used, according to NSA’s posted CSfC Capability Packages. Capability Packages and the CSfC Components List are located by traveling the CSfC Components List page. NIAP tested merchandise are located at the NIAP website on the CCEVS Product Compliant List page.