Clearswift announced that its DeepSecure 2.1 message security software has passed common criteria Evaluation Assurance Level 4 (EAL4); making it the world’s only EAL4 certified ACP 145 compliant security solution. DeepSecure is specifically designed to meet the needs of organizations where security is paramount, such as in the military, government and defense industries.
ACP 145 (Allied Communications Protocol 145) is a messaging interoperability standard designed to support communication between military messaging systems. Currently, most systems operate under their own standards, making interoperability between organizations difficult. ACP145 has been designed as an “Esperanto’ standard that will allow nations to interoperate both syntactically and semantically.
The previous version of DeepSecure provided exceptional standards of security and was also compliant with ACP 145. However, with DeepSecure 2.1 there is no longer a requirement for messages to be converted from the X.400 messaging standard into a MIME (Multi-Purpose Internet Mail Extensions) format before the content can be examined and policies applied.
DeepSecure 2.1 continues to deliver an enhanced security solution that enables secure and encrypted messages, as well as standard emails, to be audited at the gateway, whilst preventing eaves-dropping attacks.
Key Feature Updates:
” Security Label support with X.841 SPIFs making DeepSecure 2.1 the only EAL4 evaluated ACP 145 compliant product, and providing the only EAL4 evaluated X.841 SPIF Editor.
” Inclusion of both SMTP/MIME and X.400 message protocol conformance validation within the EAL4 evaluation – again making DeepSecure the only mail guard product to include this protocol conformance validation within EAL4 evaluation.
” Inclusion of the intuitive ClearPoint Management Interface within the scope of EAL4 evaluation, providing easily understood yet EAL4 assured visual representation of complex policies, and monitoring and control of gateway operation
” Conditional policies allow any policy option to be made dependent on the outcome of any other policy check, nested to any depth, to allow creation of policies to meet any requirement, however complex.
” EAL4 evaluated plug-in APIs provide clear separation between evaluated and other functions, allowing the functions beyond evaluation (such as virus scanners) to be updated without affecting the evaluated state of the core product.