What is an NIAP Certified KVM Switch?
The NIAP (National Information Assurance Partnership), a partnership between the NIST (National Institute of Standards and Technology) and the NSA (National Security Agency) is responsible for U.S. implementation of the Common Criteria. You can basically think of the NIAP as the overseer of Common Criteria evaluations, making sure they are done by third parties not directly connected to a specific product that is being evaluated.
What is Common Criteria?
Common Criteria is a set of guidelines and specifications developed for evaluating information security products, specifically to ensure they meet an agreed-upon security standard for government deployments. There are two parts of Common Criteria – the Protection Profiles, which define a standard set of security requirements for a specific type of product, and the Evaluation Assurance Levels, which define how thoroughly the product is tested. The goal of Common Criteria is that the customers can be assured that the product they are buying has been evaluated by a vendor-neutral third party.
EAL (Evaluation Assurance Level) is a grade that is assigned to a product or system after a Common Criteria security evaluation. A higher rating does not necessarily mean a more secure product. Each product is tested based on its own particular features.
- EAL1 – Functionally tested
- EAL2 – Structurally tested
- EAL3 – Methodically tested and checked
- EAL4 – Methodically designed, tested and reviewed
- EAL5 – Semi-formally designed and tested
- EAL6 – Semi-formally verified design and tested
- EAL7 – Formally verified design and tested