Network Encryption from CipherOptics
 
 
 Company Overview
 Executive Team
 Board of Directors
 Executive Advisory Board
 Newsroom
 In the News
 Industry News
 Trophy Room
 Press Releases
 Careers
 Solutions Overview
 Network Encryption
 MPLS Security
 Metro Ethernet Security
 International Data Protection
 Network Security & Data Protection
 Disaster Recovery
 Point-to-Point Encryption
 Real-time & High-volume Applications
 Secure Information Sharing
 Products Overview
 CipherEngine™
 Security Gateways
 Service Offerings
 Resource Center
 Compliance Overview
 HIPAA Compliance
 Sarbanes-Oxley Compliance
 GLBA Compliance
 CA SB 1386 Compliance
 PCI DSS Compliance
 Basel II Compliance
 FERPA Compliance
 FFIEC Compliance
 ISO 17799 Compliance
 NERC Cyber Security
 Government Overview
 Government Regulations
 FISMA Compliance
 DoD 8100.2 Compliance
 NISPOM Compliance
 DCID 6/3 Compliance
 Government Security News
 10Gig Network Encryption
 Partner Overview
 Strategic Partners
 Resellers
 Technology Partners
 Become a Partner
 Partner Portal Login
 Contact Information
 Web Contact Form
 Support
 
   

Government Solutions

Government Sales
Jim Drain
1-877-258-3034
fedsales@cipheroptics.com
Request more information

Click here to chat with a CipherOptics representative
Available Monday - Friday
9am - 5:30pm EST
Our Customers
A few of our government customers
Accreditations
Common Criteria Certified
FIPS 140-2 Validated
Environmental Compliance
White Papers
Browse our collection of
white papers and learn how CipherOptics' innovative approach resolves the traditional difficulties of network encryption.
Home > Government Solutions > DoD 8100.2 Compliance

DoD 8100.2 Compliance

The Department of Defense Directive 8100.2 (DoD 8100.2) defines the security policies for the use of wireless technologies within the DoD Global Information Grid. The main purpose of this directive is to protect DoD computer networks from the security vulnerabilities introduced via wireless networks. It was issued April 14, 2004 and went into effect immediately.

How does CipherOptics help?
CipherOptics CipherEngine enables Secure Information Sharing, which assures the confidentiality, authenticity, and integrity of data in motion on any network. Our approach to protecting both your network and your data is to deny access to everyone, permit by exception. With that as our driving force, our solutions provide you with both encryption and authentication of all your critical information on the LAN or Wireless LAN.

Using powerful 256-bit AES encryption that is approved by the NSA for "sensitive" information, CipherOptics appliances authenticate networks and packets and protect data. Using the robust secure hash algorithm (SHA-1), the security gateways verify the integrity of the data, rejecting any packets that have been manipulated or altered. Secure hash can also be used to thwart unauthorized intrusion at the network level. The security gateway's deterministic firewall feature can reject any packets that lack the proper encryption-based authentication of a trusted endpoint. This effectively turns the local network dark to all unauthenticated traffic from the outside network.

In support of the DCID 6/3, CipherOptics CipherEngine can also use encryption to separate data of different security levels that travel on the same network (cryptographic segmentation).

Best practice for DCID 6/3 data security compliance requires a layered approach to network and data security. By protecting confidential data in motion, CipherOptics is an important component of this comprehensive security strategy.

CipherOptics data protection gateways are FIPS-140-2-validated, Common Criteria certified, and available on government buying vehicles. They are field-proven in some of the most security-conscious networks in the world and are the preferred solution for securing high-speed IP networks by many agencies. Customers include the Social Security Administration, Department of Energy, Department of Agriculture, the U.S. Coast Guard, NASA, U.S. Army and the National Security Agency.

What does CipherOptics do?
CipherOptics is the leader in network-wide encryption. Offering an innovative policy and key management solution, coupled with high speed, low latency encryption technology, CipherOptics helps their customers mitigate the risk of data leakage, loss and theft over any network.

Who is affected by DoD 8100.2?
This directive applies to all DoD employees as well as visitors to DoD facilities. It also applies to contractors and others who have access to DoD information.

What are the requirements of DoD 8100.2?
Some of the requirements of the directive include:
  • Implementing strong identification and authentication at both the device and network level (4.1.1)
  • Encryption of data, to and from the wireless devices (4.1.2)
  • Use of FIPS 140-2 Level 1 or Level 2 validated technology to encrypt wireless data end-to-end (4.1.2)
  • Encryption of VoIP packets (4.1.2.1)
  • Introduction of wireless technologies requires a security review and documentation (4.1.5)

In short, DoD 8100.2 mandates that all data on wireless networks be encrypted end-to-end.

A June 2, 2006 supplemental policy and guidance memorandum to DoD 8100.2 adds several requirements regarding WLAN (802.11) technology, including the following: "DoD Components must ensure that WLAN-enabled devices, systems, and technologies use a robust defense-in-depth security approach that includes confidentiality, integrity, and availability mechanisms. DoD Components must ensure that standards-based authentication and encryption are used."

What are the penalties for DoD 8100.2 non-compliance?
This is a mandatory directive and standard to be implemented throughout the U.S. Department of Defense.

How do organizations comply with DoD 8100.2?
All wireless communication must be encrypted end-to-end; it cannot be decrypted at unsecure access points. Furthermore, emerging and future wireless protocols need to be protected as well.

Wireless infrastructure and security technology must be FIPS 140-2 validated and must use robust standards-based authentication and encryption methods. Wireless devices, systems, and technologies must include confidentiality, integrity, and availability mechanisms as part of a defense-in-depth security approach.

Helpful Resources
Text of DoD Directive 8100.2
 
Copyright 2002-2008 CipherOptics, Inc. | All rights reserved | 1-877-878-6655
Trademark and Legal Notices | Privacy Policy | Site Map