CryptoStor FC Meets Rigorous FIPS 140-2 Level 3 Certification Requirements
MILPITAS, CA (November 2005) - NeoScale Systems Inc., the premier storage security company, today announced that the U.S. National Institute of Standards and Technology (NIST) has awarded FIPS 140-2 Level 3 Certificate #583 to NeoScale's CryptoStor FC, the first storage security appliance to achieve this certification level. The CryptoStor FC FIPS 140-2 Level 3 certification encompasses the entire system from the physical and logical integrity of individual hardware components, to the operating system, to system level functionality such as user access control and key management. Other storage security appliance vendors have only certified components within the appliance, or have not achieved level three FIPS certification. CrytoStor FC delivers wire-speed security of SAN-attached disk arrays without requiring complex host agents or re-mapping of storage devices.
"FIPS 140-2 Level 3 Certification of our appliance means that everything that resides or occurs under the hood of our product - from hardware encryption technology to our Global Key Management - meets the high NIST benchmark for security," said Barbara Nelson, CEO, NeoScale Systems. "Successful completion of such a rigorous and thorough certification process demonstrates the level of accountability we have with customers who are using our solution as a critical part of their security infrastructure."
The Federal Information Processing Standard (FIPS) 140-2 is an internationally recognized standard for cryptography products. FIPS 140-2 Level 3 certification provides one of the highest levels of assurance for security products, and requires extensive third-party lab certification. Testing is performed for physical security, design quality, cryptographic best practices, fully specified state model, and independent cryptanalysis. FIPS 140-2 Level 3 certification requires advanced security measures including physical tamper resistance, identity-based authentication, key encryption, and "red-black separation" for keys and data.
"In order to achieve this certification, we ran an extensive set of tests to certify the integrity and security of the appliance," said Chris Brych, FIPS 140 Program Manager, DOMUS ITSL. "NeoScale demonstrated the highest degree of rigor and accountability by extending the certification boundary to the appliance. We look forward to working with the company to maintain its current standard of excellence as its solution set evolves."
Firmly committed to third party validation, NeoScale appliances have also won numerous awards including Storage Magazine's Excellence Award, Information Security's Hot Pick, Always On 100 Top Private Companies, was awarded a five stars (out of five) from SC Magazine, and eWeek called it a "compelling security device that protects removable media with strong encryption (Triple DES or AES-256)."
NeoScale's CryptoStor FC storage security appliance inspects storage traffic and applies data access controls and strong encryption to the data payload at full fabric throughput with nominal latency. This allows storage data privacy policies to be centrally managed employing user-defined rules. CryptoStor operates invisibly and complements replication, virtualization and storage management applications. CryptoStor FC's Global Key Management delivers secure encryption keys for data at rest on primary and secondary storage and can operate on the appliance tier, the data center tier, and the enterprise tiers for complete key security.
CrytptoStor FC's Policy-based Storage Protection allows access and encryption policies to be dynamically and selectively applied at wire-speed. By delivering true full duplex 2Gbps throughput with low latency, completely invisible operation, clustered failover, complete data and encrypt key recovery options, NeoScale ensures uninterrupted, scalable storage data protection. CryptoStor FC uses strong 3DES / AES stored data encryption with true random number key generation and extensive key management. The appliance blocks all unauthorized storage access and scales to support hundreds of rules.
Founded in June 2000, NeoScale Systems Inc. is the premier storage security company enabling enterprise customers to achieve data privacy with the lowest operational impact and at the lowest total cost. The company's award-winning CryptoStorT appliances automate the encryption of data that is either in-flight over a storage network or at-rest on disk, virtual tape, or tape media. NeoScale solutions have been certified by leading storage vendors and have been deployed worldwide within government, financial services, healthcare, and other organizations. The company has raised more than $44 million in venture financing from Advanced Technology Ventures, Bay Partners, Lightspeed Venture Partners, and Sevin Rosen Funds. For more information, visit www.neoscale.com.
NeoScale, the NeoScale logo, and CryptoStor are trademarks of NeoScale, Inc. in the United States and other countries. All other company and product names mentioned are the trademarks or registered trademarks of their respective owners.