Fortinet’s [FTNT] FortiGate Enterprise Firewall was added to the Department of Defense’s (DoD) approved list of options to be used for classified networks, the company said Wednesday.
The FortiGate service was officially added to the DoD’s Commercial Solutions for Classified Programs (CSfC) approved Components List. It is validated against the Common Criteria Protection Profiles, which Fortinet said demonstrates the company’s commitment to deliver scalable security solutions designed to protect highly-sensitive government and critical infrastructure data.
The CSfC program was established to enable commercial products to be used in layered solutions to protect classified government data. Through the program, Fortinet’s option aims to provide the ability to securely communicate in a solution that can be fielded in months rather than years.
The FortiGate firewall provides one platform for end-to-end security across a network. The Fortinet firewalls generally feature internal segmentation, perimeter, cloud, data center, distributed, and small business deployments.
Fortinet highlighted that the FortiGate Enterprise Firewalls that are running FortiOS 5.4.2 are currently being validated against three National Information Assurance Partnership (NIAP) Protection Profiles relevant to the FortiGate under the United States implementation of the Common Criteria. This includes the Collaborative Protection Profile for Stateful Traffic Filter Firewalls (FWcPP), Version 1.0; Extended Package – VPN Gateway, Version 2.0; and Extended Package (EP) for Intrusion Prevention Systems (IPS), Version 2.1.
NIAP overseas a national program to evaluate Commercial Off-The-Shelf (COTS) Information Technology (IT) products for conformance to the international Common Criteria. IT security testing is performed by NIST-accredited and NIAP-approved commercial testing labs.
“Fortinet’s flagship product has been approved by the Defense Department’s top cybersecurity authority as a solution for classified environments, validating that Fortinet delivers the performance and scale government organizations need for a complete security assurance solution,” Philip Quade, chief information security officer of Fortinet, said in a statement.
The company said its U.S. Federal Agency security solution “is ideally suited to protect agencies within the intelligence community and the Department of Defense, as well as civilian agencies,” and noted its Fortinet Security Fabric currently protects classified and unclassified federal systems used by 12 of 15 cabinet-level agencies in addition to independent executive agencies.