The Department of Defense Information Network Approved Products List (DoDIN APL) provides a consolidated list of products that are deemed secure, trusted, and approved for use in the technology infrastructure of U.S. government agencies, such as the government or military. To be included, products must meet the specific requirements of defined categories, which include technical, functional, and security-related criteria.
Common Criteria (CC) is an internationally recognized standard (ISO/IEC 15408) for the evaluation and certification of the security of IT products. It ensures that products meet specific security requirements and are protected against defined threats. The security evaluation is carried out at various EAL levels. Manufacturers specify the security functions and requirements for their product in a Security Target (ST). Additionally, standardized Protection Profiles (PP) are used to define general security requirements for a product category.
The Federal Information Processing Standard (FIPS) 140-3 is a U.S. government standard for the protection of sensitive and valuable data in IT systems. It defines the security requirements for cryptographic modules, which can consist of both hardware and software, providing a secure framework for cryptography in IT systems. FIPS 140-3 is the evolution of FIPS 140-2, which will expire in September 2026. The standard is based on the ISO/IEC 19790:2012 and ISO/IEC 24759:2017 standards.
If you need further information on the certifications, please contact us:
With the SecureCert feature, our KVM-over-IP™ systems ensure compliance with the FIPS 140-3, Common Criteria, and DoDIN APL standards. The relevant certifications are currently undergoing the review and evaluation process to officially confirm conformity with these stringent security standards. Learn more here about the details and the current status.
The KVM-over-IP™ matrix system from G&D – including the product families ControlCenter-IP, ControlCenter-IP-XS, VisionXS-IP, Vision-IP, and RemoteAccess-IP-CPU – utilizes the SecureCert feature in combination with the soon-to-be FIPS 140-3 validated G&D Cryptographic Module (listed under Implementation Under Test). This software module provides certified cryptographic services for secure communication protocols and also protects stored data on the device. For more information, visit Implementation Under Test List.
G&D's KVM-over-IP™ matrix system, including the product families ControlCenter-IP, ControlCenter-IP-XS, VisionXS-IP, Vision-IP, and RemoteAccess-IP-CPU, is currently undergoing a comprehensive Common Criteria certification at the Evaluation Assurance Level (EAL) 2+ in combination with the SecureCert feature. This globally recognized EAL level provides a fundamental security evaluation for IT products and systems, ensuring that the product implements appropriate security measures to defend against common threats.
EAL 2+ is internationally recognized as a trusted and sufficient security assessment. G&D also aligns its security requirements in the Security Target (ST) closely with the Protection Profiles (PP) and specifications of the National Information Assurance Partnership (NIAP). The system is being evaluated by the Italian IT security certification authority (OSCI).
https://www.ocsi.gov.it/index.php/elenchi-certificazioni/in-corso-di-valutazione.html
G&D's KVM-over-IP™ matrix system, including the product families ControlCenter-IP, ControlCenter-IP-XS, VisionXS-IP, Vision-IP, and RemoteAccess-IP-CPU, has been officially approved for listing on the Department of Defense Information Network Approved Products List (DoDIN APL) in combination with the SecureCert feature.
The certification process for inclusion in the consolidated list under the category Video Distribution System over IP (VDS-over-IP) involves comprehensive testing with a focus on cybersecurity and interoperability. This ensures that the listed products are secure, trusted, and approved for use in the technology infrastructure of U.S. government agencies, such as the government or military.
The certification can be viewed via the DISA website and the APL Approval Memo.
The Joint Interoperability Test Command (JITC) is a Department of Defense (DoD) organization responsible for testing and certifying information technology products used by U.S. government agencies. JITC ensures these systems meet military interoperability and security standards, along with stringent technical and functional requirements.
The best way to talk about complex topics is in person. Via chat, e-mail, phone or in a personal demo remote or on-site.
