Common Access Card and OCSP Support for Defense | Infoblox
Select Page

Common Access Card and OCSP Support for Defense

Securing Defense Networks for Network Administrators

Security Certification

Infoblox is working with Computer Sciences Corporation (CSC) to certify Trinzic DDI for Common Criteria EAL2 as dictated by NIAP. Infoblox is also participating in the Cryptographic Algorithm Validation Program (CAVP) to ensure all FIPS-Approved cryptographic algorithms used in Trinzic DDI meet the FIPS 140-1 security requirements.

For more information, visit NIAP’s site.

The Department of Defense requires the use of the Common Access Card (CAC) to access its secure computer networks. To log on to a computer and access systems, personnel must complete two-factor authentication, which in this case means presenting something the user has (the CAC smart card) and something the user knows (a password).

Without embedded support for CAC or other smart cards, administrators of networks that require two-factor authentication must create custom scripts, which incur costs for software development and ongoing maintenance.

Infoblox is the only vendor to provide embedded support for CAC cards, and can support any smart card solution using the Online Certificate Status Protocol (OCSP) for certificate validation. Infoblox Trinzic appliances operating with NIOS 6.4 support two-factor authentication, for both explicit and delegated trust models, for easy integration into existing security policies.

For Department of Defense networks requiring CAC cards, and the many other networks requiring smart cards for authentication, the Infoblox solution offers key benefits including:

Grid Manager

Enhanced Login

Infoblox NIOS 6.4 enables enhanced login, automatically populating the user name field from the CAC or other smart card certificate. NIOS 6.4 supports local, Microsoft AD, RADIUS and TACACS password authentication.

Easy, Scalable Configuration

The simple NIOS 6.4 interface allows administrators to easily add any number of OCSP responders. Our standards-based implementation integrates easily with most smart card product offerings.

Easy Configuration
Test Configuration

Ability to Test Configurations

Infoblox has the only DDI solution that allows administrators to test OCSP responder communications for easier, more reliable configurations.

Full Logging of Successful and Unsuccessful Authentication

NIOS 6.4 provides real-time and historical data for successful and unsuccessful authentication, streamlining the audit process and helping IT teams identify errors and issues on the network.

Full Logging

Access Control

The Infoblox solution supports the security of two-factor authentication the entire time a user is logged into the NIOS 6.4 interface. If the user’s smart card is no longer physically connected to a card reader, the Infoblox GUI will lock and require the user reinsert a smartcard and reauthenticate.

Secure Solutions for All Federal Agencies

Infoblox solutions are currently used in every classification level in the federal government, from unclassified to SCI clearance. Our products and solutions are approved for use by the intelligence community, and certified at the highest levels, including:

  • JITC tested and approved
  • DADMS approved (ID #64843)
  • NetMRI, our NCCM product, has been common criteria certified
  • Infoblox is currently working with Computer Sciences Corporation (CSC) to certify Trinzic Enterprise for Common Criteria EAL2 as dictated by NIAP

Secure Solutions for All Federal Agencies

Infoblox solutions are currently used in every classification level in the federal government, from unclassified to SCI clearance. Our products and solutions are approved for use by the intelligence community, and certified at the highest levels, including:

  • JITC tested and approved
  • DADMS approved (ID #64843)
  • NetMRI, our NCCM product, has been common criteria certified
  • Infoblox is currently working with Computer Sciences Corporation (CSC) to certify Trinzic Enterprise for Common Criteria EAL2 as dictated by NIAP
[contact-form-7 id="10507" title="Contact form 1"]