DoD

DoD Innovation Delays Culminating From the NIST CMVP Backlog

     For vendors offering capability to the U.S. Department of Defense (DoD), the use of Federal Information Processing Standard (FIPS) validated cryptography can be a make or break feature within their products. Active FIPS certification for all product cryptographic modules is a key requirement for entry and continued listing on the DoD Information Network …

DoD Innovation Delays Culminating From the NIST CMVP Backlog Read More »

Designing toward a Zero Trust strategy

Earlier this year, DISA released the zero trust reference architecture for the DoD. Per President Biden’s Executive Order on Improving the Nation’s Cybersecurity released this year, “the Federal Government must advance toward Zero Trust Architecture.” With motivations within the Federal Government and DoD to adopt zero trust, several of our clients have asked how zero …

Designing toward a Zero Trust strategy Read More »

NIST FIPS 140-2 RNG Transition Affecting UC APL

For those product vendors that have been able to get listed and certified on the DoD Unified Capabilities Approved Products List (UC APL), there is a prerequisite certification required called FIPS 140-2.  FIPS 140-2 is a certification program managed by the National Institute for Standards and Technology (NIST) and more specifically the Cryptographic Module Validation …

NIST FIPS 140-2 RNG Transition Affecting UC APL Read More »

Aviat Eclipse INU/INUe Achieves DoD UC APL Certification

FAIRFAX, VA –  Washington DC-based Information Technology firm, and leading DoD UC APL consulting company, Tachyon Dynamics, helped Microwave-radio networking vendor Aviat Networks receive the DoD UC APL certification for its Eclipse INU and Eclipse INUe microwave radio devices. All IT equipment used within the DoD must pass the UC APL certification process, which includes …

Aviat Eclipse INU/INUe Achieves DoD UC APL Certification Read More »

DoD UC APL Testing and Windows Security: DoD IAVerify

Completing the hurdle of DoD Unified Capabilities Testing (UC APL) in a decent amount of time is already a challenge.  However, if you have Microsoft Windows workstations (Vista, 7, 8, etc) or Windows Servers (2008, 2008 R2, 2012, etc), then your validation, hardening and testing gets so much more complicated.  For the DoD, Windows security …

DoD UC APL Testing and Windows Security: DoD IAVerify Read More »

Yubikey and Windows Domain 2-Factor Authentication

Picking up where we left off last, I was showing you the awesome usefulness, security and affordability of Yubikey (Yubico’s 2-Factor authentication token) and using it for 2-factor authentication on network devices.  Well, I’d like to go another step forward: 2-Factor authentication for Windows computers to a Windows Active Directory environment.  If your enterprise deployment …

Yubikey and Windows Domain 2-Factor Authentication Read More »

Secure and Affordable 2-factor authentication: Yubikey

In the DoD there is a strong requirement for 2-factor authentication in the network.  For systems and workstations they use a successful implementation with Public Key Infrastructure (PKI) and a DoD common access card (CAC) which has a client certificate.  The user has a PIN; therefore, 2-factor.   Nothing like this exists for network devices (routers, …

Secure and Affordable 2-factor authentication: Yubikey Read More »

Scroll to Top