SAN JOSE, Calif, Feb. 7, 2001 - Cisco Systems, Inc., the leader in securing the Internet economy, today announced that its Cisco PIX Firewall family has earned the highly prestigious Common Criteria Evaluation Assurance Level 4 (EAL4) certification.

The certification underscores Cisco's strategy of delivering scalable, high performance security services through SAFE, a flexible security blueprint within Cisco AVVID (the Cisco Architecture for Voice, Video and Integrated Data) that helps organizations reliably and cost effectively engage in e-Business today.

"It's well known that Cisco doesn't pursue many certifications for its market-leading PIX Firewall family because there aren't many out there providing truly objective assessments of security assurance," said Tom Russell, director of security product marketing at Cisco Systems. "The Common Criteria EAL4 certification is highly regarded because it involves an extensive, comprehensive evaluation process that includes source code review, design and engineering analysis and vulnerability and penetration testing, which is independently validated."

Unlike many industry certifications, the Common Criteria process provides customers with an independent and objective validation that a company's product meets certain levels of quality, reliability and trustworthiness. Cisco's global customers can use this certification as a means of quantifying or measuring the extent to which a product's security has been assessed in a standard, internationally recognized way.

As one of the first firewall appliances to earn EAL4 certification the highest assurance level attained by any firewall under Common Criteria the Cisco PIX Firewall family has been validated for worldwide developers or users who require a moderate to high level of independently assured security.

"Cisco took a leadership position here by submitting the PIX Firewall for this evaluation process," said Russell. "We've always believed in high-quality evaluations, and we've always built highly scalable, reliable and price-competitive products. Earning this certification is great validation of the PIX firewall's robust security capabilities."

About Common Criteria

The Common Criteria for Information Technology Security Evaluation (CCITSE) is a set of evaluation criteria agreed to by the United States' National Security Agency/National Institute of Standards and Technologies and equivalent bodies in 13 other countries. It was designed to resolve the technical and conceptual differences among existing standards for the evaluation of security systems and products. Common Criteria version 2.1 recently became an International standard - ISO 15408.

Certification to the Common Criteria EAL4 requires in-depth analysis of product design and development methodology, backed by extensive testing. EAL4 certificates are currently recognized by the following countries: United States, Canada, Australia, New Zealand, France, Germany, Finland, Greece, Israel, Italy, The Netherlands, Norway, Spain and the United Kingdom.

The Common Criteria represents the outcome of efforts to develop criteria for evaluation of IT security that are widely accepted within the international community. Further information is available at www.commoncriteria.org and www.itsec.gov.uk.