National Security Agency (NSA) Commercial Solutions for Classified (CSfC)
Overview, Goals, and Scope
The NSA CSfC is an acquisition decision support tool for Department of Defense (DoD) and Intelligence organizations interested in integrating commercial technologies and products in approved capability packages for classified mission-critical networks and applications.
The purpose of NSA CSfC compliance is to qualify eligible Fortinet products for sale to DoD and U.S. Intelligence organizations in classified environments. Vendors that need their products eligible as CSfC components of a composed and layered information assurance solution must build their products in accordance with the applicable U.S. Government approved Protection Profile(s) and submit their product using the Common Criteria Process.
- FortiGate (Pending Application Approval)
- Security effectiveness
- Sensitive application and function validation
- NSA approved vendor
- Assured responsible vulnerability remediation
- Total cost of ownership decreases over long term compared to NSA Type 1 solutions
- Cost savings through market-place competition without compromising risk