About IA at NSA
Partners
Rowlett Awards
Award Recipients
Background
Nomination Procedures
Links
IA Client and Partner Support
IA News
IA Events
IA Guidance
Media Destruction Guidance
Security Configuration Guides
Applications
Archived Guides
Cisco Router Guides
Database Servers
Fact Sheets
IPv6
Operating Systems
Apple Mac Operating Systems
Linux
Microsoft Windows
Sun Solaris
Supporting Documents
Switches
VoIP and IP Telephony
Vulnerability Technical Reports
Web Server and Browser Guides
Wireless
Standards Profiles
System Level IA Guidance
TEMPEST Overview
TEMPEST Products: Level I
Certified
Confirmed Deficiencies
Suspended
Terminated
No Longer Produced
TEMPEST Products: Level II
Certified
Confirmed Deficiencies
Suspended
Terminated
No Longer Produced
TEMPEST Company POCs
Certified
Suspended
Terminated
TEMPEST Zoned Equipment
IA Academic Outreach
National Centers of Academic Excellence in IA Education
CAE/IAE Program Criteria
CAE-R Program Criteria
Colloquium
Institutions
SEAL Program
Applying
FAQs
IA Courseware Evaluation Program
Institutions
FAQs
Student Opportunities
IA Business and Research
IA Business Affairs Office
Certified Product Sales and Support
Commercial COMSEC Evaluation Program
Commercial Satellite Protection Program
Independent Research and Development Program
User Partnership Program
National IA Research Laboratory
Partnerships with Industry
NIAP and COTS Product Evaluations
IA Programs
Global Information Grid
High Assurance Platform
Releases
Computing Platform Architecture and Security Criteria
IA Training and Rating Program
Inline Media Encryptor
Suite B Cryptography
IA Careers
Contact Information
|
TEMPEST Level 2The National Security Agency (NSA) Certified TEMPEST Products List (CTPL) Level II is a list of commercially developed and produced TEMPEST telecommunications equipment which NSA has certified, under the auspices of the NSA Certified TEMPEST Products Program (CTPP), for use by Government entities and their contractors to process classified U.S. Government information. NSA certification is a statement that the company has successfully demonstrated to NSA that its product complies with the requirements of the National TEMPEST Standard, NSTISSAM TEMPEST/1-92, Compromising Emanations Laboratory Test Standard, Electromagnetics, dated 15 December 1992, and that the company has in place and applies to the product the manufacturing capability and product assurance controls necessary to ensure the continued TEMPEST integrity of the product subsequent to certification. In contrast to the PPL accreditation process, which relied almost exclusively on private industry-certified TEMPEST professionals to determine product compliance with NACSIM 5100A, the CTPP certification process requires significant and active involvement by NSA technical resources in the evaluation and post certification product assurance inspection processes. Warnings and Caveats for Level II
NSA certification and placement of a product on the CTPL (Level II) does not occur until the Agency determines that a company has satisfied all CTPP requirements, including but not limited to, company submission and NSA approval of a process assessment, which includes an evaluation of the company manufacturing process; company submission and NSA approval of a product specific proposal; company submission and NSA approval of the test plan; company execution of the test plan on a production unit; and company submission of the test report, critical features list, and configuration baseline list. In an effort to assist U.S. Government buyers and users with their procurement and budget planning, the Agency has created a Potential Certified TEMPEST Products List (PCTPL). Companies are eligible to have their products included on this list upon satisfying preliminary CTPP requirements toward product certification, i.e., company submission and agency approval of the process assessment and acceptance of the product test plan. Users are warned that inclusion upon this list does not in any way imply that the product will, in fact, receive certification. It merely evidences that the company has expressed intent to obtain certification of their product in accordance with the Technical and Security Requirements Document (TSRD). Administrative Notes
|
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |