/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBANGALORE, INDIA: CA Technologies today announced its CA Layer 7 API Gateway (formerly Layer7 SecureSpan SOA Gateway) has met the rigorous requirements of Common Criteria (CC), an independent security certification recognized by governments in more than 26 countries, including the United States.
"As part of our continuing effort to deliver the highest level of security in our products, we are committed to maintaining Common Criteria certification for our API Gateway solution in both hardware and virtual appliance form factors," said Phil Walston, VP, Product Management, CA Technologies. "This achievement shows that CA's API management and security gateway has been certified for use in the most critical and sensitive government applications."
This evaluation certifies the CA Layer 7 API Gateway for policy management and access control Protection Profiles. It is the first API Gateway certified for the National Information Assurance Partnership (NIAP) Common Criteria Protection Profile for Enterprise Service Management (PP_ESM).
The CA Layer 7 API Gateway provides a SOA, XML, API and information sharing solution that is now certified to meet the top defense and intelligence community requirements for security, management and control capabilities in on-premises and cloud-based Web service deployments.
Certification was granted by NIAP based on the results of an evaluation performed by CSC's U.S.-based Common Criteria Testing Laboratory (CCTL). The CSC lab is one of only eight U.S.-based CCTLs approved by NIAP and meets the Common Criteria Evaluation and Validation Scheme. The evaluation examined product functionality, design, development environment and documentation and culminated in functional and penetration testing.
"The evaluation game has changed since the EAL4 effort (evaluation assurance level); Protection Profiles are now the centerpiece of Common Criteria certification and NIAP has shifted focus to extensive functional testing. The CA Layer 7 team worked hard together with our Security Testing and Certification Lab to demonstrate compliance. Having the SecureSpan SOA Gateway, now called CA Layer 7 API Gateway, be the first product certified against NIAP's ESM profiles is truly a great achievement for both CA and CSC," said Lachlan Turner, technical director, Security Testing and Certification Laboratories, CSC.
CA Technologies acquired Layer 7 Technologies, a leading provider of API management and security, in June 2013.