New Platforms, New Requirements. Next Generation Privileged Identity Management


April 2013

Xceedium White Paper

Next Generation Privileged Identity Management and the Hybrid Cloud

43% OF SECURITY BREACHES INVOLVE TRUSTED INSIDERS

It's not surprising the requirement to control privileged users and protect the sensitive credentials they use continues to be a primary concern for security and audit teams.

Trusted insiders and business partners, intentionally or unintentionally, are responsible for 43 percent of security breaches, according to Forrester analysts. Given these users are routinely and necessarily granted access to the proverbial keys to the kingdom, it's clear privileged identity management is fundamentally a matter of trust. But a seemingly never-ending string of breaches has led many organizations to rethink that trust.

Privileged users represent a broad range of individuals and not all are welcome.

The migration to virtualized and cloud-based computing infrastructure has complicated these long-standing concerns. Speaking specifically to the challenges posed by virtualized and cloud-based IT, Gartner Research Analyst Nick Nikols observed last December:

"There's a new realization that you really have to keep track of what your administrators are doing, and really have a better understanding of that, where for a long time there's been a blind trust. But a lot of the breaches, a lot of the internal conflicts that have happened where it's costing companies large amounts of money, have really come from trusted sources internally that have abused those privileges."

These cloud-based and virtualized environments, so-called hybrid clouds, introduce new challenges and requirements for privileged identity management. In this paper, we'll examine the fundamental changes taking place as a consequence of hybrid cloud migration, and outline how those changes impact the practice of privileged identity management.

Before considering precisely what's needed to successfully manage privileged identity in the hybrid cloud, it's helpful to first consider what exactly has changed. So we'll start with a quick review of IT market dynamics, and then examine the specific technological shifts driving changes in how privileged identity management is implemented. With that foundation, we can look at what has to change to effectively manage privileges in the hybrid cloud.

We'll document the four central factors organizations need to consider in evaluating potential solutions: the depth and breadth of the technology; support for integration with infrastructure platforms (including VMware vSphere and AWS); integration with existing network, systems, and security management tools and processes; and the ability of a solution to scale and keep pace with rapidly evolving hybrid cloud environments. Lastly, we'll reveal the seven specific functional capabilities needed to assure success in what we're calling next generation privileged identity management efforts.

What's Changed?

It's become axiomatic to assert hybrid cloud computing is growing rapidly. But consider a few data points nonetheless:

- Total global spending on public cloud services will reach $100 billion by 2016, up from $40 billion just last year according to market researcher IDC.
- One-third of virtualized workloads consist of mission critical applications, according to Morgan Stanley surveys.
- IDC projects at least 80 percent of the growth in the IT industry will come from cloud services by the end of the decade.
- In the United States, the federal government has mandated a cloud first policy for new IT initiatives. Commercial entities are following suit.

The burgeoning popularity of the hybrid cloud (the combination of workloads deployed across traditional data center infrastructure, virtualized servers, and public/private clouds) is a consequence of multiple compelling benefits. Most pointedly, hybrid cloud deployments offer lower costs due to reduced capital expenditures, often dramatically so, along with more economical operations.

Strategically, the hybrid cloud offers organizations improved flexibility. Workloads can be deployed, moved, and grown instantaneously in response to changing conditions. Innovation is fostered because the cost of experimentation is so low. Organizations can prototype and evaluate concepts cheaply. That's unlike the past, when even simple programs might have required massive infrastructure costs to evaluate, or would have been completely impossible at any level of investment.

But, for all its benefits, the hybrid cloud brings significant implications for privileged identity management. These factors challenge the ability of organizations to effectively manage risks and demonstrate compliance. We see changes across four broad areas:

- Extended management planes, which are more complex and exist outside the borders of traditional perimeter defenses and controls.
- Increased reliance on shared responsibility security models.
- New management consoles and technology to master.
- Unprecedented challenges in enforcing security controls in increasingly complex, large-scale, and dynamic environments.

Extended Management Plane

In the past, an organization's IT management plane was, if not simple, at least self-contained. All the consoles and interfaces used to manage IT infrastructure were located within a constrained environment. Physical and virtual access could be controlled through firewalls, intrusion prevention and detection systems, virtual private networks, and other security controls.

Growing reliance on virtualization increases the complexity of the management plane by introducing new management tools. But virtual infrastructure still exists within an established perimeter that can be defended. For organizations with immature approaches to privileged identity management, limiting physical access to devices and consoles provides limited protection.

However, cloud computing breaks that model by eliminating the perimeter: moving systems into an abstract environment and operating within physical data centers whose precise location may not even be known. There is no perimeter; so perimeter-based protection strategies don't just fail, they become almost irrelevant.

Yet another challenge is determining how to extend existing control structures to the cloud. Established security best practices, compliance and regulatory requirements, and audit mandates have led organizations to develop comprehensive policies, processes, and enabling technology to control their privileged users. Successfully moving those controls to the cloud first requires organizations be able to integrate with Identity and Access Management (IAM) capabilities in these new environments. But with so many different environments, each with their own unique approaches to authentication, access control, policy enforcement, and monitoring, an equal or greater challenge is architectural. Effective privileged identity management requires a consistent set of policies be defined, implemented, and enforced across all the different platforms that comprise the hybrid cloud.

Lastly, privileged identity management technology deployments become more complex in the hybrid cloud. As already suggested, the initial hurdle is identifying technologies providing broad platform support for resources across the hybrid cloud: servers, databases, networking devices, virtual and cloud management consoles, and more. But equally important is flexibility in deployment. One of the principal benefits of the hybrid cloud is the suppleness and responsiveness the environment offers. Privileged identity management technologies must be capable of delivering the very same attributes. Otherwise, they become a constraint on the ability of the organization to fully leverage the hybrid cloud infrastructure, and leave critical assets unprotected.

Shared Responsibility Security Models

At some level, shared responsibility for security has always existed. IT teams proffer at least an implicit level of trust (sometimes sadly unwarranted), assuming hardware and software technologies provided by vendors are safe and secure. Where operational requirements dictate more demonstrable levels of trust, they can be achieved through implementation of high assurance technologies (e.g., encryption, smart cards and other multi-factor authentications), and through testing and certification programs such as FIPS 140.

In virtualized environments, the status quo of implicit trust remains largely intact. But with the cloud, that's not the case. As noted, systems execute in abstract environments, located in physical data centers whose precise locations may be unknown or obscured. Gaining access to those data centers to evaluate their integrity would invalidate the very controls established to ensure they deliver the security and integrity necessary for multiple other customers.

To overcome the inherent issues introduced in such an environment, cloud vendors such as Amazon Web Services have established shared security responsibility models. The models are meant to clearly delineate responsibilities for specific aspects of security. In doing so, these shared models offer a number of advantages and benefits. By making these implicit assumptions explicit, end-users are in a much better position to evaluate the risks they're undertaking within a given technology infrastructure. And, faced with the requirement to satisfy customer security concerns, cloud vendors are incented to both make real investments in improving the security of their portion of the technology stack, and to provide attestation of that integrity via third-party examination and validation. Technology platforms become demonstrably more secure, and customers gain greater insight into risks.

Figure: Amazon Web Services Shared Security Responsibility Model

New Management Consoles

Both Amazon Web Services and VMware, like IT technologies before them, introduce new management consoles. As always, new technologies introduce new security challenges.

The first is relatively conventional and expected: more management consoles and APIs introduce more surfaces to be attacked. Organizations must ensure new technologies are protected. Authorized users should be identified and authenticated, access and authority rights and constraints established and enforced, and environments should be appropriately monitored. While these tasks are potentially much more difficult to carry out (given the elimination of the perimeter that had served as the basis for much protection), the overall job is the same as it's always been. It's just bigger.

Other risks were harder to predict. The nature of virtualization and cloud computing, the ability to create (and destroy) resources with a keystroke, introduces fundamentally new security challenges. These new consoles, offering the capability to manipulate not just target systems but infrastructure as well, deliver privileged users ultimate control over the environment. It's fair to say the power they deliver and the risks they entail are unprecedented in IT. They're the ultimate in superuser accounts, and they merit special attention and care.

In addition, hybrid cloud computing bypasses a number of traditional IT control points. Physical hardware doesn't, as much as we might wish, just show up. Purchases must be budgeted, procurements authorized, boxes shipped and received, testing performed, rack space and power/cooling allocations secured, devices installed, configurations checked, and on, and on, and on. In both virtualization and cloud computing, those processes (much like traditional perimeter defenses) are sidestepped. Without new processes and controls, privileged users can create, move, and delete resources at will. That introduces a number of operational risks to the environment.

Importantly, that flexibility also introduces financial risks since deploying resources (particularly in the cloud) incurs costs. In organizations where expenditures are subject to tight controls, such as government organizations, that flexibility can result in unauthorized and unapproved financial commitments. An IT management console can become a de facto procurement system.

Complexity and Dynamism

Famously, we're taught those who live by the sword shall perish by the sword. It's a bit like that in the hybrid cloud. Start by thinking about the benefits the hybrid cloud delivers: flexibility, rapid deployment, massive scale at a moment's notice, and much more. Now think about the implications of that environment on traditional privileged identity management technology, which is more often manual in nature, slow to implement, and potentially difficult to deploy and scale. It is critical privileged identity management solutions not just keep pace with the environment, but rather outpace its rate of change to maintain protection. Falling behind a rapidly evolving environment is a recipe for failure on a stellar scale.

Requirements for Next Generation Privileged Identity Management

It's clear the hybrid cloud changes a lot about what's needed from a next generation privileged identity management solution. Protecting an expanded management plane; understanding and leveraging shared security responsibility models; understanding and protecting new technologies; and scaling up to maintain control over new, highly elastic cloud environments. They're all difficult challenges.

In planning on how to overcome these hurdles, organizations need to consider four issues while evaluating potential technical solutions: the depth and breadth of the technology; support for integration with infrastructure platforms (including VMware vSphere and Amazon Web Services); integration with existing network, systems, and security management tools and processes; and the ability of a solution to scale and keep pace with rapidly evolving hybrid cloud environments.

Depth and Breadth

When we talk about depth and breadth, there are really two central issues to consider: the scope of the solution's overall privileged identity management controls, and the infrastructure coverage it provides.

A robust solution needs to provide specific capabilities to satisfy multiple functional requirements. These include providing secure credential storage and management, strong authentication, access control, monitoring, auditing, and more.

As discussed, one of the defining characteristics of the hybrid cloud is the extended management plane it introduces. Spanning multiple technology platforms, management of the hybrid cloud requires access to a diverse set of interfaces and disjoint systems located in traditional data centers, within the cloud, and across virtualized servers and systems.

Bringing all of those diverse infrastructure and application management systems under the control of a single logical policy enforcement regime delivers two benefits:

- First, it makes it possible to exert a consistent set of controls across the environment from a single enforcement point. Individuals might be given access to a particular type of system, such as servers or databases, regardless of their location. Or control over a technology infrastructure, like a physical data center, or even some sub- or superset of resources.
- Second, the flexibility inherent in working with a single point of control also boosts productivity and efficiency. Individuals can access all authorized resources from a single logical and physical location. Given the complexity of IT environments, this can be a significant gain. Individuals need to access multiple systems across different environments; it's no wonder administrators resort to such insecure practices as keeping passwords in spreadsheets or files. But even then, administrators waste time looking for the credentials they need.

Given the requirements, effective privileged identity management solutions in the hybrid cloud will favor comprehensive, well-integrated offerings over individual point solutions:

- Different privileged identity management technologies across different platforms and environments, each implementing controls in a different way, can lead to inconsistent policy definition and enforcement. That results in less effective security, and gaps in coverage.
- And with multiple tools, the task of demonstrating compliance with the host of regulatory mandates most organizations must satisfy becomes significantly more complex. Multiple systems means multiple data stores for policies and operational logs. That data must be collected and consolidated before it's consumable by audit and enforcement teams.
- Finally, multiple solutions boost administrative complexity and operational costs. With a comprehensive system, there's a single point for defining and enforcing policy, gaining access to systems, and monitoring and reporting on results.

Infrastructure Integration

Secure privileged identity management demands integration with IT infrastructure at multiple points. We'll consider three that are particularly important.

Identity

Let's begin by looking at identity itself. One of the more significant risks of an identity management effort (privileged or otherwise) is developing islands of identity, or multiple data stores with risks of duplicated information and wasted effort in provisioning and deprovisioning processes. These situations can also lead to inadvertent risks as users with multiple credentials are only partially excised from systems. An individual leaving a team or organization may inadvertently retain credentials to sensitive resources.

To avoid these risks, it's essential privileged identity management solutions provide an identity-bridging or federation capability across different identity data stores: Active Directory, other LDAP directories, or RADIUS. Since most organizations rely on a directory to define both identity and access rights and permissions, integration here can deliver support for much traditional and virtualized infrastructure.

It's incomplete though when it comes to the cloud: Amazon Web Services, for example, operates its own IAM system. It is elegant, comprehensive, and provides a great layer of protection for privileged users working with Amazon's Management Console. But Amazon Web Services IAM can be complex, and could become another identity island requiring constant management. The ability to federate identities in existing directories with IAM enables organizations to enforce granular policy control over the use of management consoles, while simplifying the management of identities across multiple architectures.

Identity bridging and federation also come into play while working to eliminate the use of shared, essentially anonymous, administrative accounts like root. Since many individuals share a single account, it's never possible to determine precisely who performed a given action. Maintaining strong links to identity, combined with command control and monitoring capabilities, helps eliminate these questions and associated risks.

Multi-Factor Authentication and Secure Storage

Given the sensitivity of the systems privileged users are managing, it's not surprising they are increasingly required to utilize multi-factor authentication. The U.S. federal government has taken a leadership position in this regard. Mandates, such as the forthcoming NIST r4 standards, dictate the use of strong authentication and access controls for privileged users, while HSPD-12 and OMB Memorandum mandate the use of privileged identity verification/common access card (PIV/CAC) cards for all types of system access, not just privileged individuals. Commercial entities are also adopting smartcard technologies. In addition to smartcards, a substantial installed base of hardware-based security tokens, like SecurID, exists and is in widespread use for all types of users.

Technologically related to this infrastructure integration requirement is the growing reliance on Hardware Security Modules (HSM) for the storage of cryptographic keys protecting privileged credentials. HSMs leverage sophisticated hardware-accelerated encryption techniques to support high assurance security implementations. The passwords and other credentials maintained by a privileged identity management solution are the most sensitive ones within the organization, and an HSM-based storage option is a meaningful precaution.

Cloud-Class Scalability

Finally, we've already discussed the scale and dynamism of the hybrid cloud. In these rapidly changing environments, the ability to automatically discover resources as they're created and automatically apply policy to them is an essential capability in maintaining control.

Consider a typical scenario where a retailer might need to rapidly deploy dozens, or hundreds, of additional servers around the holidays to satisfy customer demand. Traditionally, privileged identity management vendors have provided some basic level of automated discovery of resources. But those capabilities provide limited help when new devices start appearing by the hundreds. Manual, hands-on-keyboards approaches to identifying target systems and defining appropriate policies significantly and unacceptably delay deployments. That costs revenue. And the manual policy provisioning process can easily lead to errors and oversights resulting in the deployment of unprotected or improperly managed resources.

In dynamic hybrid cloud environments, auto-discovery, combined with auto-provisioning of policies, is an important new requirement for privileged identity management solutions.

Network, Systems, and Security Management Support

Most organizations have established, mature processes and tools for activities like network and systems management, and security operations. It's important privileged identity management solutions deliver seamless integration with these systems, to ensure support for these critical processes. In most cases, the required integration can be achieved with relative simplicity, leveraging technologies and protocols like SNMP traps, or syslog sharing. Sometimes, more robust, purpose-built integration is desirable.

Scalability and Reliability

As with other enterprise technologies, privileged identity management solutions need to deliver high levels of reliability and availability. This typically translates into requirements for rapid throughput and efficiency, as well as more traditional high-availability capabilities such as clustering, failover, and load balancing.

Our experience with large-scale customers has revealed a number of specific requirements:

- The ability to manage tens or hundreds of thousands of servers and hundreds or thousands of individual users.
- The ability to support hundreds of simultaneous user sessions from a single server. Approaches that top out after establishing a couple of dozen sessions will demand the continuous addition of new servers, consuming time, energy, and budget.
- Leverage built-in scalability features, rather than requiring additional servers, databases, and high-availability infrastructure from other vendors at significant additional cost.
- Ease of use, particularly when defining or reconfiguring policies.
- Avoid the requirement to install software on target systems. While this can sometimes be a worthwhile effort, the requirement to support a heavy client on each new node quickly becomes a burden and adds friction to operations. Trying to install software at startup time is inefficient, while the alternative, limiting users to specific images with agents already installed, constrains flexibility and the speed advantage that cloud and virtualization offer.

Xceedium's Next Generation Privileged Identity Management

Xceedium was the first privileged identity management vendor to deliver a comprehensive, integrated solution that spans the entire hybrid cloud. In working with customers, we've identified seven next generation privileged identity management capabilities essential for success. Xsuite, Xceedium's hybrid cloud privileged identity management solution, delivers all these controls and more.

"With virtualization, privileged account management and maintaining separation of duties in that environment is a pretty complex problem. If you get privileged access at the hypervisor level you can do a whole lot more damage than just getting access to a single application."
Lori Rowland, Gartner Managing VP

Vault and Manage Credentials and Passwords

Given they represent the proverbial keys to the kingdom, and considering the value of the assets they protect, the way most organizations protect and manage privileged credentials is shocking. Typically stored in spreadsheets or flat files and shared indiscriminately, these resources are for all intents and purposes essentially unprotected in most organizations.

So the first step in establishing control over privileged identity management is to capture, vault, and manage these privileged credentials. This protects credentials from disclosure within a secure, encrypted vault. Xsuite provides its own secure storage facility, and offers an integrated SafeNet HSM option for high assurance security requirements.

In addition to administrative credentials, it's a requirement that application-to-application passwords be managed. These passwords, used to access databases and other systems, are typically hard-coded into applications and scripts, posing a serious risk of loss or disclosure.

Xsuite manages passwords: creating and maintaining passwords, establishing and enforcing password complexity and change requirements, and providing direct and indirect access to privileged users through direct interaction with target systems. Unlike other systems that implement only check-out features relying on cutting and pasting passwords for access to systems, Xsuite passes passwords and other credentials directly to target systems. This means critical credentials are never exposed to end users or their end nodes. This eliminates inadvertent disclosure to rogue users or malware that can result in theft, loss, or corruption.

Positive User Authentication

When working with such sensitive resources, positive user authentication is an essential requirement. That's true not just for reasons of security. Auditors increasingly want to know exactly who conducted a privileged transaction, even when administrators use shared privileged accounts like root.

Xsuite is able to leverage existing identity stores such as Active Directory and protocols like RADIUS to positively identify individuals and ascertain group memberships and role definitions. As an adjunct, Xsuite is tightly integrated with several multi-factor authentication technologies, including SafeNet smartcards and SecurID hardware tokens.

Control Visibility and Access

In many networks, authentication is functionally equivalent to access control. Once on the network, an individual gains visibility to resources across it. Even if the user doesn't have direct authorization to access a specific system, he or she can leverage this visibility to simplify efforts to gain entry to high value targets. In most cases, given existing credential storage techniques, the task simply isn't that hard. It's clear this approach delivers inadequate levels of control.

This weakness is overcome by expressly separating authentication and access control. Authentication serves simply to identify an individual user. Access to specific systems should be controlled based on established organizational policies.

With Xsuite, authentication merely confirms an individual's identity. Access to resources is managed by a completely different part of the system, controlled by specific, explicit policies. Once authenticated, users are presented with a list of only those servers and network resources they are explicitly authorized to access. Xsuite also controls which methods can be used to access target systems (such as SSH, RDP, web applications, and the like). Privileged users simply never see resources they're not authorized to access.

Monitor Sessions and Control Command Execution

Given the risks associated with privileged users, their activity should be monitored continuously. Users should only be allowed to execute authorized commands. Ideally, control should be extended to the execution of individual arguments and parameters of commands. Unauthorized commands should be proactively rejected and stopped from executing.

Xsuite monitors sessions through a combination of policy-based white and black command lists. Whitelisted commands are allowed, subject to the constraints defined within a session policy. Blacklisted commands are discarded. Each session is proactively monitored by the system and all activity is logged.

If a user attempts to execute an unauthorized command, multiple responses are available. At the most basic level, the command is blocked, the violation is logged, and the user is warned of the policy violation. It's also possible to generate alerts for dispatch to the security or monitoring team. For particularly egregious violations, a session can be terminated. Optionally, an offending user's account can be temporarily suspended, preventing reuse until the incident is investigated and resolved satisfactorily.

Record Sessions

A picture, it's said, is worth 1,000 words. And that's true when it comes to supervising privileged user activity. Xsuite records full user sessions across RDP, SSH, and web/browser-based applications. Session recordings optimized for economical storage use are viewed using a DVR-like playback interface. Recordings can be stopped, started, rewound, fast-forwarded, and more. That simplifies the task of reviewing individual sessions. Attempted policy violations are captured and integrated with the recording. A reviewer can simply jump ahead to the next recorded policy violation to speed evaluation and resolution efforts.

Figure: Xsuite records all activity on RDP, SSH, and web-based sessions. DVR-like playback allows users to examine session activity, and fast-forward to incidents and potential problems.

Prevent Leapfrogging and Contain Access

A common attack vector leverages access to relatively inconsequential systems as a pathway to more interesting and rewarding devices. Attackers begin with lightly defended systems, taking control and leveraging access to attack the next step in the chain. Exploiting these attack paths requires visibility into the entire network in order to identify and attack the next waypoint on the path to the ultimate reward.

Xsuite prevents this activity by controlling visibility into the network. Privileged users see only those systems to which policies provide access. Given Xsuite's powerful password vaulting and protection capabilities, if a rogue user did manage to gain access to an unauthorized system (perhaps by walking up to it in the data center), it would still be extremely difficult to gain access. Privileged passwords and credentials are protected in the secure, encrypted Xsuite Credential Safe.

Additional protections against leapfrogging are provided by command filtering capabilities on target systems. Individual commands are intercepted and examined for compliance with policies. Unauthorized commands are proactively rejected, accompanied by security alerts, logs, warnings, and even session termination. So, even if an individual somehow gains visibility to a given system, access attempts can be thwarted.

Shared Account Identity Attribution

By their nature, shared administrative accounts like root are anonymous. That poses a risk, but it's one that's often accepted, since shared accounts can be used to ease setup and ongoing management burdens across a large number of servers. The risk arises since, when multiple individuals make use of the accounts, it's difficult (impossible in many cases) to determine precisely who actually issued a command. Investigations into incidents, as well as demonstrating compliance with regulatory standards, are stymied because auditors can't conclusively document which individual issued a problematic command.

Even though a user may be using a shared account, Xsuite knows with precision which user is logged in and using the account, and exactly what he or she is doing (no anonymous activity is permitted). Organizations get the benefit of simplified system configuration and management without the issue of explaining to an auditor why they don't know who was root at 2:00 p.m. on Tuesday.
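The command filtering and shared-account attribution described above can be sketched as follows. This is an added example, not Xceedium's code or Xsuite configuration: the rule set, user names, host name and the three-violation threshold are assumptions made for illustration. It shows argument-level allow rules, a deny list that raises an alert, escalation to session termination, and audit records that keep the individual's identity beside the shared account.

```python
import posixpath
import shlex
from dataclasses import dataclass, field

# Hypothetical policy values; nothing here is taken from a real product.
SHELL_META = set(";|&`$<>(){}\n\\")   # chaining/substitution is never forwarded
DENY = {"passwd", "useradd", "visudo"}  # deny-listed: rejected and alerted on
TERMINATE_AFTER = 3                     # violations before the session is ended

def _tail_ok(args):
    # Argument-level rule: only files that still resolve under /var/log.
    if not args:
        return False
    path = posixpath.normpath(args[-1])   # collapses ../ before the prefix check
    return path.startswith("/var/log/") and set(args[:-1]) <= {"-f"}

ALLOW = {
    "systemctl": lambda a: len(a) == 2 and a[0] in {"status", "restart"}
                           and a[1] in {"nginx", "postgresql"},
    "tail": _tail_ok,
    "df": lambda a: set(a) <= {"-h"},
}

def evaluate(line):
    """Return (decision, reason) for one command line; default is deny."""
    if SHELL_META & set(line):
        return "block", "shell metacharacter"
    try:
        argv = shlex.split(line)
    except ValueError:
        return "block", "unparseable quoting"
    if not argv:
        return "block", "empty command"
    if posixpath.basename(argv[0]) in DENY:      # /usr/bin/passwd is still passwd
        return "alert", "deny-listed command"
    rule = ALLOW.get(argv[0])                    # bare names only: /tmp/df is not df
    if rule is None:
        return "block", "not on allow list"
    if not rule(argv[1:]):
        return "block", "arguments not permitted"
    return "allow", "ok"

@dataclass
class Session:
    user: str        # the individual, as authenticated against the directory
    account: str     # the shared target account, e.g. root
    host: str
    violations: int = 0
    active: bool = True
    audit: list = field(default_factory=list)

    def submit(self, line):
        if not self.active:
            decision, reason = "refused", "session terminated"
        else:
            decision, reason = evaluate(line)
            if decision != "allow":
                self.violations += 1
                if self.violations >= TERMINATE_AFTER:
                    decision, self.active = "terminate", False
        # Every record ties the shared account back to a named individual.
        self.audit.append({"user": self.user, "account": self.account,
                           "host": self.host, "command": line,
                           "decision": decision, "reason": reason})
        return decision

def who_ran(records, host, account, needle):
    """Which individuals used `account` on `host` for commands containing `needle`."""
    return sorted({r["user"] for r in records if r["host"] == host
                   and r["account"] == account and needle in r["command"]})

def demo():
    # Constructed sessions: two administrators sharing root on one host.
    alice = Session("alice", "root", "db01")
    bob = Session("bob", "root", "db01")
    results = [
        alice.submit("systemctl restart postgresql"),
        alice.submit("tail -f /var/log/postgresql.log"),
        bob.submit("tail /var/log/../../etc/shadow"),   # traversal out of /var/log
        bob.submit("df -h && passwd root"),             # chaining behind an allowed command
        bob.submit("/usr/bin/passwd root"),             # deny-listed, third violation
        bob.submit("df -h"),                            # session already terminated
    ]
    return results, alice.audit + bob.audit

if __name__ == "__main__":
    outcome, log = demo()
    print(outcome)
    print(who_ran(log, "db01", "root", "passwd"))
```

Matching on the command name alone would let the traversal and chaining lines through, which is why the rules here inspect arguments and reject shell metacharacters before any allow rule is consulted.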
Bottom Line

While hybrid cloud computing architectures provide a number of compelling benefits, they introduce broad changes that complicate the task of privileged identity management: an extended management plane, more complex than in the past and extending beyond traditional perimeter security borders; shared responsibility security models; new management consoles and technology; and far more complex and dynamic environments. Successfully overcoming these challenges in order to manage the risks posed by privileged users requires consideration of new requirements for privileged identity management solutions. They are the overall depth of a proposed solution (the specific functional capabilities it supports), as well as its breadth (the ability to support all parts of the hybrid cloud); the need to efficiently integrate with existing infrastructure such as general purpose identity management and directory technologies; cloud-class scalability; support for existing network, systems, and security management systems and processes; and high levels of reliability. Xceedium's Xsuite provides comprehensive coverage of essential hybrid cloud privileged identity management capabilities.

Finally, implementing identity management controls for the hybrid cloud requires integrated solutions, offering the ability to vault and manage credentials and passwords, ensure positive user authentication, control visibility and access, monitor individual sessions and control command execution, record actions taken during sessions, prevent leapfrogging and contain individuals, and eliminate the ability of privileged users to remain anonymous behind shared administrative accounts like root.

About Xceedium

Xceedium is the leading provider of privileged identity management solutions for hybrid cloud enterprises. Large companies and global government agencies use Xceedium products to reduce the risks that privileged users and unprotected credentials pose to systems and data. Xsuite vaults privileged account credentials, implements role-based access control, and monitors and records privileged user sessions. With unified policy management, Xsuite enables the seamless administration of security controls across systems, whether systems reside in a traditional data center, a private cloud, on public-cloud infrastructure, or any combination thereof. Xceedium solutions enable organizations to comply with security and privacy mandates such as PCI DSS, FISMA, HIPAA, and NERC CIP. The company's products provide industry-leading reliability, availability, and scalability, and are the most highly certified products in the market with designations including FIPS Level 2, Common Criteria EAL4+ and the U.S. DoD Unified Command Approved Products List (UC/APL). For more information, please visit.

2013, Xceedium, Inc., All Rights Reserved


More information

Reining in the Effects of Uncontrolled Change

Reining in the Effects of Uncontrolled Change WHITE PAPER Reining in the Effects of Uncontrolled Change The value of IT service management in addressing security, compliance, and operational effectiveness In IT management, as in business as a whole,

More information

How To Achieve Pca Compliance With Redhat Enterprise Linux

How To Achieve Pca Compliance With Redhat Enterprise Linux Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving

More information

The Benefits of an Integrated Approach to Security in the Cloud

The Benefits of an Integrated Approach to Security in the Cloud The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The

More information

Protecting Applications on Microsoft Azure against an Evolving Threat Landscape

Protecting Applications on Microsoft Azure against an Evolving Threat Landscape Protecting Applications on Microsoft Azure against an Evolving Threat Landscape So, your organization has chosen to move to Office 365. Good choice. But how do you implement it? Find out in this white

More information

What s New in Centrify DirectAudit 2.0

What s New in Centrify DirectAudit 2.0 CENTRIFY DATASHEET What s New in Centrify DirectAudit 2.0 Introduction Centrify DirectAudit s detailed, real-time auditing of privileged user sessions on Windows, UNIX and Linux systems provides a full

More information

WHITEPAPER. Identity Access Management: Beyond Convenience

WHITEPAPER. Identity Access Management: Beyond Convenience WHITEPAPER Identity Access Management: Beyond Convenience INTRODUCTION Identity and Access Management (IAM) is the official description of the space in which OneLogin operates in but most people who are

More information

ITL BULLETIN FOR JANUARY 2011

ITL BULLETIN FOR JANUARY 2011 ITL BULLETIN FOR JANUARY 2011 INTERNET PROTOCOL VERSION 6 (IPv6): NIST GUIDELINES HELP ORGANIZATIONS MANAGE THE SECURE DEPLOYMENT OF THE NEW NETWORK PROTOCOL Shirley Radack, Editor Computer Security Division

More information

Building Energy Security Framework

Building Energy Security Framework Building Energy Security Framework Philosophy, Design, and Implementation Building Energy manages multiple subsets of customer data. Customers have strict requirements for regulatory compliance, privacy

More information

Securing the Microsoft Cloud

Securing the Microsoft Cloud Securing the Microsoft Cloud Page 1 Securing the Microsoft Cloud Microsoft recognizes that trust is necessary for organizations and customers to fully embrace and benefit from cloud services. We are committed

More information

Vistara Lifecycle Management

Vistara Lifecycle Management Vistara Lifecycle Management Solution Brief Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid

More information

Open Data Center Alliance Usage: Provider Assurance Rev. 1.1

Open Data Center Alliance Usage: Provider Assurance Rev. 1.1 sm Open Data Center Alliance Usage: Provider Assurance Rev. 1.1 Legal Notice This Open Data Center Alliance SM Usage:Provider Assurance is proprietary to the Open Data Center Alliance, Inc. NOTICE TO USERS

More information

Best Practices for Information Security and IT Governance. A Management Perspective

Best Practices for Information Security and IT Governance. A Management Perspective Best Practices for Information Security and IT Governance A Management Perspective Best Practices for Information Security and IT Governance Strengthen Your Security Posture The leading information security

More information

Relational Databases in the Cloud

Relational Databases in the Cloud Contact Information: February 2011 zimory scale White Paper Relational Databases in the Cloud Target audience CIO/CTOs/Architects with medium to large IT installations looking to reduce IT costs by creating

More information