SEATTLE, March 29, 2005 — WRQ, Inc. today announced significant achievements in meeting critical government and Defense Department security requirements, marking another milestone in the company’s investment in and delivery of proven security offerings for the public and private sectors. First, the National Institute of Standards and Technology (NIST) has granted WRQ Reflection host access software the Federal Information Processing Standards (FIPS) 140-2 validation. Secondly, the U.S. Department of Defense (DoD) Public Key Infrastructure Program Management Office (DoD PKI PMO) has certified F-Secure SSH (Secure Shell) for UNIX 5.1.0.3.
WRQ Reflection is one of the first host access solutions to meet the cryptographic standards of FIPS 140-2. F-Secure SSH is now the first and only SSH solution to comply with DoD Class 3 PKI Public Key-Enabled ( PKE ) application requirements. WRQ, which entered into a strategic partnership with F-Secure in 2004, is the exclusive global distributor of F-Secure SSH and drives the product’s technology roadmap.
Increasingly, the demands on IT infrastructure are influenced by world events. From terrorist attacks to conflict in the Middle East, foreign policies and domestic safety are intertwined. Security is an overriding concern of all government agencies and the pressure to share information quickly across agencies and between jurisdictions has never been greater. While the scope of many administrative mandates is massive and long-term, agencies no longer have the luxury of waiving compliance.
“Working in partnership with leading DoD and Homeland Security agencies has ensured WRQ is providing solutions that meet or exceed federal security standards and policy,” said Tom Gdowik, director of Federal Sales at WRQ. “WRQ’s proven track record and our ability to work seamlessly with an enterprise’s or agency’s existing infrastructure dramatically reduces the time and costs to deploy a fully-functional and certified security environment.”
Security Facts and Highlights: WRQ Reflection and F-Secure SSH
WRQ Reflection is a feature-rich line of secure host access and PC X server software that offers broad and deep secur ity support. Details on Reflection’s FIPS 140-2 validation include:
- FIPS 140-2 validation applies to all WRQ Reflection Windows and PC X server software, assuring customers that their host access investments have passed rigorous testing by an accred ited third party lab, as set out by NIST, and can be used to secure sens itive information w ithout undergoing time-consuming and costly testing processes.
- WRQ Reflection with FIPS 140-2 validation is available for adoption by government and commercial organizations, including financial and healthcare customers that recognize the significance of FIPS validation. The U.S. financial sector is pursuing adoption of the FIPS 140-2 standard via the American National Standards Institute (ANSI). WRQ is actively pursuing FIPS 140-2 validation for its web-based and host integration offerings.
WRQ’s SSH offerings from F-Secure also have FIPS 140-2 validation. In fact, the F-Secure products have achieved 140-2 level 2 validation, the highest of any SSH offering. F-Secure SSH keeps passwords and connections secure from outsiders, mitigating security concerns such as eavesdropping, hacking, industrial espionage and theft of corporate assets. Details on F-Secure for SSH’s DoD PKI certification include:
- The F-Secure SSH product line comprises server and client softw are for UNIX and Windows. The DoD PKI certification applies to F-Secure SSH UNIX server and client products which are available to public and private sector customers on a global basis. WRQ is actively pursuing SSH for Windows DoD PKI certification.
- The F-Secure SSH for UNIX with DoD PKI certification was granted as a result of rigorous testing by the Joint Interoperability Test Command (JITC) Certification Lab, a unit of the DoD Defense Information Systems Agency (DISA). The JITC Certification Lab was created as an independent facility to perform interoperability testing and certification of PKE applications. DoD policy requires that applications be tested to ensure compatibility with the DoD PKI architecture.
WRQ’s Government Sector Expertise
WRQ solutions and expertise serve a variety of public sector customers in the United States and Europe. In the United States, a sampling of WRQ government customers include: U.S. Navy and Marine Corp, Defense Information Systems Agency, Department of Homeland Security, DoD, Government Printing Office, Internal Revenue Service, Delaware Division of Revenue, Minnesota Driver and Vehicle Services, Raytheon, and the U.S. Postal Service. In Europe, government customers include the Department for Work and Pensions (UK), La Poste (France) and UWV (Holland).