Blue Coat Systems, Inc. a leader in WAN Application Delivery and Secure Web Gateway, today announced that it has achieved certification for EAL2+ level security under the Common Criteria Evaluation and Certification Scheme (CCS).

Blue Coat is also in process of certification for Federal Information Processing Standard (FIPS) 140-2 as well as an additional Common Criteria certification for its appliances with the upcoming SGOS 5.3 release of its operating system. Active participation in important government security certifications underscores the Blue Coat commitment and ability to provide enterprises and organizations high levels of security. 

"Blue Coat ProxySG appliances have been built from the ground up for security, which is critical in both the branch office and the headquarters or data center," said Bethany Mayer, senior vice president of Worldwide Marketing, Blue Coat Systems. "Rather than adding security as an afterthought, our appliances feature a purpose-built, highly secure operating system and architectural elements that make it meet the most rigorous security standards in the world."

Common Criteria is an internationally recognized set of guidelines, described in ISO 15408, that define a common framework for evaluating security features and capabilities of information technology security products. The standard consists of several predetermined evaluation assurance levels, each more stringent than the last. Common Criteria allows vendors to have products tested against a chosen level by an independent third-party testing laboratory. Once completed, Common Criteria certifications are mutually accepted by 25 countries, including the United States, UK, France, Germany, Spain, Italy, Canada, Australia, Japan and Korea, through the Common Criteria Recognition Agreement (CCRA).  Common Criteria certification of security products is mandated by the United States government for all federal purchases. 

In order to facilitate completion of the Common Criteria certification, Blue Coat contracted with Corsec Security, Inc., a consulting firm specializing in assisting commercial vendors through the complex process of achieving FIPS 140-2 and Common Criteria government validations. Corsec Security has more than ten years of validation experience and is one of the largest and most experienced independent validation consulting firms in the security industry.