NEW YORK--(BUSINESS WIRE)--CA Technologies (NASDAQ:CA) today announced its CA Layer 7 API Gateway (formerly Layer7 SecureSpan SOA Gateway) has met the rigorous requirements of Common Criteria (CC), an independent security certification recognized by governments in more than 26 countries, including the United States.
"As part of our continuing effort to deliver the highest level of security in our products, we are committed to maintaining Common Criteria certification for our API Gateway solution in both hardware and virtual appliance form factors,” said Phil Walston, vice president, Product Management, CA Technologies. “This achievement shows that CA’s API management and security gateway has been certified for use in the most critical and sensitive government applications.”
This evaluation certifies the CA Layer 7 API Gateway for policy management and access control Protection Profiles. It is the first API Gateway certified for the National Information Assurance Partnership (NIAP) Common Criteria Protection Profile for Enterprise Service Management (PP_ESM).
The CA Layer 7 API Gateway provides a SOA, XML, API and information sharing solution that is now certified to meet the top defense and intelligence community requirements for security, management and control capabilities in on-premises and cloud-based Web service deployments.
Certification was granted by NIAP based on the results of an evaluation performed by CSC’s U.S.-based Common Criteria Testing Laboratory (CCTL). The CSC lab is one of only eight U.S.-based CCTLs approved by NIAP and meets the Common Criteria Evaluation and Validation Scheme. The evaluation examined product functionality, design, development environment and documentation and culminated in functional and penetration testing.
"The evaluation game has changed since the EAL4 effort (evaluation assurance level); Protection Profiles are now the centerpiece of Common Criteria certification and NIAP has shifted focus to extensive functional testing. The CA Layer 7 team worked hard together with our Security Testing and Certification Lab to demonstrate compliance. Having the SecureSpan SOA Gateway, now called CA Layer 7 API Gateway, be the first product certified against NIAP's ESM profiles is truly a great achievement for both CA and CSC," said Lachlan Turner, technical director, Security Testing and Certification Laboratories, CSC.
CA Technologies acquired Layer 7 Technologies, a leading provider of API management and security, in June 2013. For additional information about CA Technologies security solutions, please visit: http://www.ca.com/us/securecenter.aspx.
About Common Criteria
The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) established the National Information Assurance Partnership (NIAP) to evaluate IT product conformance to the Common Criteria for Information Technology Security Evaluation, an international standard. The program, officially known as the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) is a partnership between the public and private sectors to help organizations select commercial off-the-shelf information technology (IT) products that meet their security requirements and to help manufacturers of those products gain acceptance in the global marketplace. Twenty-six countries now recognize the Common Criteria as third-party evaluation criteria for IT security procedures.
About CA Technologies
CA Technologies (NASDAQ:CA) provides IT management solutions that help customers manage and secure complex IT environments to support agile business services. Organizations leverage CA Technologies software and SaaS solutions to accelerate innovation, transform infrastructure and secure data and identities, from the data center to the cloud. Learn more about CA Technologies at: www.ca.com.
Follow CA Technologies
Copyright © 2014 CA. All Rights Reserved. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.