Attila is Validated. Tested. Approved.

To learn more about our certifications, click one below.

CSfC

Back to top

GoSilent is CSfC approved.

GoSilent delivers a CSfC-certified plug-and-play security solution for classified and unclassified communication when using the public Internet.

To protect national security, the NSA sets strict criteria for accessing classified networks. Previously, device approval required configuration with custom firewalls and virtual private networks (VPNs). The end result was high development and maintenance costs for these COMSEC / Type 1 products. The Commercial Solutions for Classified (CSfC) program was established in order to enable U.S. government agencies and their customers to take advantage of affordable and readily available commercial off-the shelf (COTS) IT solutions that meet the NSA’s stringent security guidelines for the transmission of classified data.

Since different businesses and agencies have different operational requirements, the CSfC program established Capability Packages to help organizations quickly identify and evaluate those products that meet their specific mission and security requirements. At present, there are Capability Packages for Data at Rest, Mobile Access, Campus WLAN and Multi-Site Connectivity.

Double Encryption At The Edge

The NSA Capability Package for mobile access calls for three firewalls, Red (inner tunnel), Gray (middle tunnel) and Black (outer tunnel) and double encryption as shown here.

For the highest level of protection, a virtual private network (VPN) creates a secure link with the first of three firewalls. The first sits in the “outer tunnel”, the second sits in the “middle tunnel” and the third  in the “inner tunnel”. Before entering the IPSec tunnel, the data is encrypted twice. Encrypted data packets travel from the device through the first firewall. If they are found to meet the security parameters, they are encrypted a second time by the outer VPN and by the inner encryption component. Then, once received, the data packet is decrypted twice by the inner encryption component and the outer VPN. The outer tunnel or “black network” may be operated by an untrusted third party and connection may be made through public WiFi. Products that meet the CSfC standards associated with this technology combination of firewall and double encryption are certified for protecting NSS data.

GoSilent meets the NSA criteria for mobile access and offers a dedicated, plug-and-play outer VPN and firewall, thereby eliminating the need to download and integrate software for both outer and inner VPNs. GoSilent also integrates seamlessly with any previously installed software such as Microsoft Outlook. The outer tunnel meets IPSec IKEv2 standards with CSNA Suite B encryption. GoSilent’s double layered protection enables classified communications anywhere at any time – even over public WiFi.

For the highest level of protection, a virtual private network (VPN) creates a secure link with the first of three firewalls. The first sits in the “outer tunnel”, the second sits in the “middle tunnel” and the third  in the “inner tunnel”. Before entering the IPSec tunnel, the data is encrypted twice. Encrypted data packets travel from the device through the first firewall. If they are found to meet the security parameters, they are encrypted a second time by the outer VPN and by the inner encryption component. Then, once received, the data packet is decrypted twice by the inner encryption component and the outer VPN. The outer tunnel or “black network” may be operated by an untrusted third party and connection may be made through public WiFi. Products that meet the CSfC standards associated with this technology combination of firewall and double encryption are certified for protecting NSS data.

GoSilent meets the NSA criteria for mobile access and offers a dedicated, plug-and-play outer VPN and firewall, thereby eliminating the need to download and integrate software for both outer and inner VPNs. GoSilent also integrates seamlessly with any previously installed software such as Microsoft Outlook. The outer tunnel meets IPSec IKEv2 standards with CSNA Suite B encryption. GoSilent’s double layered protection enables classified communications anywhere at any time – even over public WiFi.

Flexible Use

In the past, senior level military personnel or government executives required technical teams to set up a secure communications channel. With GoSilent’s plug-and play set-up, secure communications and data transmission are available without the need for complex reconfigurations. The solution is highly flexible, connecting to smartphones, laptops, tablets or any IoT device. Security can also be extended to VoIP phones, teleconferencing terminal or video cameras.

CNSA

Back to top

Commercial National Security Algorithm Suite Encryption

The Commercial National Security Algorithm Suite (CNSA Suite) provides new algorithms for those customers migrating from Suite B algorithms. CNSA Top Secret (TS) level encryption is the same technology used by U.S. government agencies like the NSA, DoD and other governing bodies. Previously known as Suite B, military-grade or classified federal government standard, Advanced Encryption Standard (AES) 256-bit end-to-end encryption is the most secure solution in the marketplace. AES-256 is the first publicly accessible and open cipher approved by the NSA to protect information at a classified, top secret level.

14

Rounds of Encryption

Most Secure Encryption Standard

With over 14 rounds of encryption, each 256-bit encryption key scrambles the data and divides into 128-bit blocks. The number of possible keys in the AES 256-bit encryption is 2 to the power 256 (a 78-digit number), making the code virtually impossible to crack by brute force attack. Additionally, with Top Secret level encryption, both the sender and the receiver must know and apply the same secret 256-bit key. The key is never stored  on any server, and only those communicating have access.

Data Privacy Solution

GoSilent utilizes AES 256-bit encryption to protect your private data and keeps it fully encrypted end-to-end. Data is never stored on an intermediary server. In keeping with Top Secret level encryption standards, there are no extra keys. Attila Security does not record, copy or have access to the encryption codes. This means that your data remains secure, even if compromised.

FIPS

Back to top

FIPS 140-2 Certification

The GoSilent portable VPN/firewall offers robust encryption protection algorithms and design and is FIPS 140-2 certified. GoSilent deploys AES 256-bit encryption to protect sensitive data via dual tunnel, end-to-end encryption. Data never gets stored on an intermediary server, and no extra keys are ever generated.

As a fully portable, plug-and-play solution, GoSilent combines ease of use with Top Secret, government-grade protection. Today, GoSilent is protecting mission critical intellectual property and data worldwide for public and private sectors.

Encryption for U.S. Government Agencies and Contractors

Outlined in FIPS PUB 140-2 (a NIST publication), FIPS 140-2 is a security accreditation program for private sector cryptographic modules (i.e. encryption, hashing, message authentication or key management modules). Only FIPS 140-2 compliant solutions may be deployed to work with federal government departments that collect, store, transfer, share and disseminate sensitive but unclassified (SBU) information. Otherwise, a variance must be issued, and – more critically – the risk of data breach or corruption increases significantly.

Many state and local government agencies, as well as enterprises in the energy, transportation, manufacturing, healthcare and financial services sectors, depend on FIPS 140-2 as their go-to cryptography module standard.

COMMON CRITERIA

Back to top

NIAP serves as the Common Criteria Evaluation and Validation Scheme (CCEVS) validation body. In this capacity, NIAP is responsible for implementation of the Common Criteria (CC) within the United States and ensuring that IT companies adhere to these strict international standards. NIAP takes a collaborative approach to evaluating and testing IT technology by employing international representatives from related industries, governmental agencies, consumers and academic experts to create international standards for IT products and solutions.

NIAP

Back to top

NIAP Certification 

The National Information Assurance Partnership (NIAP) was originally created as a partnership between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA). It is now operated by the NSA and is a U.S. government initiative aimed at meeting the security testing needs of both IT consumers and providers.

NIAP certification is important to government agencies, enterprise customers and individual consumers alike, as it means that a manufacturer’s claims for security features and capabilities have been evaluated and confirmed by a neutral third party. In addition, NIAP-certified commercially available products are generally less expensive and more user-friendly than their COMSEC/Type 1 counterparts and have greater flexibility to integrate with various platforms and systems. Added flexibility is especially important as many organizations utilize multiple Common Criteria certified products together in a layered manner. These multiple layers of encryption provide a greater depth of cyber defense.

Protect Private Data With NIAP-Certified Technology

The Common Criteria is a set of guidelines and specifications for information security products that were established to ensure the products meet the strong security standards designated for consumers, enterprises and government agencies. Attila Security’s GoSilent technology is currently included in the NIAP Products In-Evaluation List for two Common Criteria Protection Profiles.

  1. Stateful Firewall – Stateful layer 7 application firewall offers data packet filtering and is capable of tracking information flow states.
  2. VPN Gateway – IPSec IKEv1 & 1KEv2 with pre-shared keys and Top Secret (TS) level cryptography for the secure transmission of classified data.

Third Party Evaluation And Validation

In order to ensure strict compliance with the specified technology protection profiles, NIAP evaluates products against the rigorous international Common Criteria using accredited third-party laboratories. GoSilent has passed all required testing by Acumen Security, a NIAP-approved laboratory, and is now included on the U.S. NIAP Products In-Evaluation List. A complete list of all NIAP-certified products, products in evaluation and corresponding conformance claims can be found at https://www.niap-ccevs.org/product.

READY TO TALK?

Contact Us