Posts

LANCOM 1900EF

Lancom 1900EF VPN Router receives first Accel­erated Security Certi­fi­cation (BSZ)

The BSI has granted LANCOM Systems GmbH the first certificate according to the new BSI scheme “Accel­erated Security Certi­fi­cation” (BSZ for short). In this pilot procedure, SRC evaluated the security features of the Lancom 1900EF VPN Router and finally recom­mended approval to the BSI.

LANCOM has already had the security of its solutions tested and confirmed or certified by SRC in many proce­dures using Common Criteria evalu­a­tions or penetration tests. With the pilot evalu­ation for the BSZ, the BSI, LANCOM and SRC have jointly set a further standard for the certi­fi­cation of IT security solutions, with the aim of achieving time-to-market certification.

The Accel­erated Security Certi­fi­cation (BSZ) allows manufac­turers to have their products evaluated and certified by the BSI within a specified period of time. The evalu­ation must be carried out by a test centre recog­nised by the BSI. With the BSZ, the total effort of the evalu­ation, in comparison to e.g. Common Criteria evalu­a­tions, is prede­ter­mined from the beginning (fixed time). This allows manufac­turers to estimate the expected effort well.

When designing the attack scenarios, the BSZ allows the evalu­ators a relatively large leeway. This test catalogue must be presented to the BSI exten­sively and in detail. This design leeway demands an above-average degree of expertise, care and creativity from both the evalu­ation facility insti­tution and each individual evaluator. The test catalogue and the final evalu­ation in the test report draw on a broad know-how of cryptog­raphy, penetration tests, protocol attacks. The imple­men­tation by the manufac­turer is evaluated by the test centre and the respon­sible persons at SRC have to defend this against the critical view of the BSI.

“Accel­erated security certi­fi­cation will certainly play a major role, especially in the field of IOT devices,” says Gerd Cimiotti, Managing Director of SRC Security Research & Consulting GmbH. Like Lancom and the BSI, he expresses his thanks for the profes­sion­alism on all sides with which this pilot procedure was ultimately brought to a successful conclusion.

Ralf Koenzen, founder and managing director of LANCOM Systems GmbH, gives the manufacturer’s perspective: “When you do something for the first time, the effort is always greater. It is precisely then that you feel the experience and expertise of a partner like SRC as orien­tation and noticeable relief.”

As a long-standing partner of the BSI, SRC has already carried out a large number of projects in the most diverse approval schemes. SRC is currently in the process of being recog­nised as a test centre for accel­erated security certification.

We would also be happy to accompany your accel­erated security certi­fi­cation. If you have any questions about the BSZ, please do not hesitate to contact us.