secunet IT High-Security Solutions
secunet is one of Germany’s leading providers of superior IT security.
In close collaboration with its clients, including armed forces, public authorities, enterprises and international organisations, secunet develops and implements high-performance products and state-of-the-art IT security solutions.
IT infrastructure security products for the armed forces
secunet not only keeps IT infrastructures secure for its clients, but also achieves intelligent process optimisation and creates sustainable added value.
The company has more than 350 experts who focus on issues such as cryptography (SINA), e-government, business security and automotive security.
secunet places emphasis on long-term relationships with its clients in an atmosphere based on partnership. This is demonstrated by its successful security relationship with the German Federal Republic, which has been active since 2004.
secunet’s IT security projects for military and defense
secunet specialises in innovative and sophisticated IT security solutions.
Company projects comprise the preparation of security analyses and concepts, supporting critical software development projects, technology evaluation and the implementation of solutions, which also contains high-security.
Procedures are based on internationally recognised guidelines and standards, such as ISO 17799, ISO 13335 or the German IT-Grundschutz Manual. The portfolio also includes the programming and implementation of various smart card scenarios.
BSI-compliant test facilities for IT security
secunet runs a test laboratory approved by the German Federal Office for Information Security (BSI) for IT conformity. It is also compliant with ISO 17025 and is experienced in the preparation and implementation of other test procedures.
For more than ten years, secunet has supported evaluations of IT systems in accordance with Common Criteria (CC) and Information Technology Security Evaluation Criteria (ITSEC). Confirmation procedures are also supported in accordance with the German Signature Act.
Due to its focus on highly sophisticated IT security, secunet is repeatedly involved in the inital planning stages of flagship projects, when secure communication is required or data and digital identities need to be protected against unauthorised access.
secunet has made an important contribution to projects such as De-Mail, the electronic passport, secure citizen portals and digital identities, and is currently supporting the discussion about secure standards in intelligent electricity grids, the so-called smart grids.
The company also possesses extensive knowledge in the area of automotive security and helps car manufacturers and suppliers to develop and implement innovative security solutions. Topics include flash data security, function activation, secure backend infrastructures and online security.
Proven knowledge of regulated markets
secunet is an established and longstanding service provider for public authorities and the German armed forces, and is familiar with the requirements of government agencies.
The successful collaboration resulted in a wide-ranging security partnership between the German Federal Ministry of the Interior and secunet in 2004.
Furthermore, in 2011, secunet was certified by the Federal Office of Information Security (BSI) as one out of two companies for information security (IS) consulting and auditing. The company also supports the development, evaluation and certification of governmental technology products in accordance with CC and ITSEC.
The joint activities with the BSI include among others the development of the SINA product range and solutions in the area of biometrics and electronic IDs.
Scalable security networks for handling classified data
For the German Federal Office for Information Security, secunet developed the secure inter-network architecture, which enables secure processing, storage and transmission of classified documents and other sensitive data.
The SINA product portfolio covers different gateways, line encryptors, clients and management systems that have been in use in the public sector, armed forces and companies handling classified information.
The German Government entrusts SINA with its most sensitive data and uses products from the product range in many areas for secure communication.
As a VPN gateway, the SINA L3 Box is a core component of the central IT infrastructure in classified level networks.
On the one hand, it connects private networks belonging to public authorities or companies via public networks, the internet in particular. On the other, access to (terminal) server areas by SINA clients is provided via SINA L3 Boxes, which serve as cryptographic network access points. The exchanged data is transmitted in so-called VPN tunnels either between SINA L3 Boxes only or between SINA clients and SINA L3 Boxes.
The holistic security concept of the SINA L3 Box comprises a secure SINA Linux system platform, smart card technology, IP security (IPsec)-protected communication and scaled and configured hardware-compliant with approval standards.
Governmental IT and data transmission systems
The SINA L3 Boxes are approved in various configurations for the transmission of classified material, including TOP SECRET (Germany), NATO SECRET (NATO) and SECRET UE (EU).
The SINA Workstation features a cryptographic file system and IPSec-protected communication. Protected by a VPN tunnel, the SINA Workstation communicates with server or terminal server areas, allowing flexible use. SINA networks can be accessed via wired or wireless media. Emission-protected hardware platforms are required for approval purposes.
The SINA Workstation S was specially developed for users with medium protection requirements. It is multi-session enabled and can, for instance, process public data and RESTRICTED data in parallel sessions. The SINA Virtual Workstation S supports a wide range of standard hardware.
The SINA Workstation H was specially developed for users with higher-level protection requirements and is based on hardware cryptography. It is multi-session enabled and can, for instance, process classified data in parallel sessions.