Juniper Networks Compliance Advisor enables you to find regulatory compliance information, namely
Common CriteriaAccording to the official Common Criteria site, "the Common Criteria defines a set of IT requirements of known validity which can be used in establishing security requirements for prospective products and systems."
In more practical terms, the Common Criteria is a set of internationally recognized and accepted standards that allows vendors to make claims about the security functionality of their products and then demonstrate through third-party testing and verification that the products actually meet those claims. Potential customers can use Common Criteria certifications as a basis by which to evaluate the secure nature of IT products that they want to procure, without going through their own expensive and time-consuming security testing and qualifications. Today, more than 22 countries have adopted the Common Criteria certification.
Commercial Solutions for Classified Program (CSfC)The Commercial Solutions for Classified Program (CSfC) was established by the National Security Agency/Central Security Service (NSA/CSS) to allow for the usage of approved commercial off the shelf (COTS) industry products to protect NSS/CSS classified information. The CSfC program requires both FIPS 140-2 and Common Criteria/NIAP certifications as prerequisites for listing on the CSfC Components List.
Department of Defense Information Network Approved Products List (DoDIN APL)The Department of Defense Information Network Approved Products List (DODIN APL) is established in accordance with the UC Requirements (UCR 2013) document and mandated by the DOD Instruction (DODI) 8100.04. Its purpose is to maintain a single consolidated list of products that have completed Interoperability (IO) and Cybersecurity certification. Use of the DODIN APL allows DOD Components to purchase and operate systems over all DOD network infrastructures.
FIPSThe National Institute of Standards and Technology (NIST) developed FIPS to ensure the security of algorithms and cryptographic functions. These standards are used as a guideline for federal procurements and are recognized by the U.S., Canada, and increasingly, by other governments around the world such as the UK. In addition, FIPS is likely to be adopted in some parts by organizations and enterprises in the financial arena, as part of the American National Standards Institute (ANSI).
The FIPS 140-2 standard defines security requirements that must be met by a cryptographic module used in an IT security system that protects unclassified information. FIPS validation verifies the secure design and implementation of the crypto module in question. Areas analyzed and validated by FIPS 140-2 include cryptographic algorithms, key management, software security, physical security, basic design and documentation, etc.
HomologationHomologation is the process of certifying or approving a product to indicate that it meets regulatory standards and specifications, such as safety and technical requirements.
RoHS2The RoHS2 directive (2011/65/EU) is an evolution of the original directive and became a
law on July 21, 2011 and took effect on January 2, 2013.
It addresses the same Restriction of Hazardous Substances as the original directive while improving regulatory conditions and legal clarity.
It requires periodic reevaluations that facilitate gradual broadening of its requirements to cover additional electronic and electrical equipment,
cables and spare parts. The CE logo will now indicate compliance and RoHS2 declaration of conformity.
As of July 21, 2016, Juniper will only ship RoHS2 compliant products into EU countries, Iceland, Liechtenstein, Norway, Switzerland and Turkey.
USGv6 is a technical standards profile developed by National Institute of Standards and Technology (NIST) for wide scale adoption of IPv6 in the US Government (USG).
and Voluntary Product Accessibility Templates (VPATs)
On January 18, 2017 the Access Board issued a final rule that updates accessibility requirements for information and communication technology (ICT) in the federal sector covered by Section 508 of the Rehabilitation Act. The rule also refreshes guidelines for telecommunications equipment subject to Section 255 of the Communications Act. The rule jointly updates and reorganizes the Section 508 standards and Section 255 guidelines in response to market trends and innovations, such as the convergence of technologies. The refresh also harmonizes these requirements with other guidelines and standards both in the U.S. and abroad, including standards issued by the European Commission and with the Web Content Accessibility Guidelines (WCAG), a globally recognized voluntary consensus standard for web content and ICT. In fact, the rule references Level A and Level AA Success Criteria and Conformance Requirements in WCAG 2.0 and applies them not only to websites, but also to electronic documents and software.
for Juniper Networks products.