- Overview
- Acclaim
- Editions
- Details
- Standards
- Related Info
encrypt,
or encrypt & sign |
for
confidentiality |
|
| SecretAgent 7 relies on ISC CDK 8.0 cryptographic library which was recently awarded NIST FIPS 140-2 Validation Certificate #3105. SecretAgent 6 introduced a more intuitive graphical user interface, with integrated add-in modules for the management of user certificates (and LDAP directory queries), optional SpyProof! functionality, and the authoring of security policy files for system administrators. Continuing in the SecretAgent 5 tradition, it transparently manages each user's key history, supports DAS and S/MIMEv3 CMS (RFC3852) on most platforms, and contains an integrated OCSP client. |
||
 |
ISC products can be used to satisfy OMB Memorandum M-06-16 security requirements! |
Critical Acclaim†
 |
ISC's SecretAgent/DAS interoperability demonstration project (IT 03.09) for CWID 2006 has been judged a "top performing technical solution" and is listed among the top twelve "standout" projects in the final report. |  |
 |
According to the U.S. Defense Information Systems Agency (DISA), SecretAgent "is the only known product approved by NSA for use in DOD classified environments, that allows a migration path to the DMS with Fortezza encryption cards." (Commerce Business Daily, Jan. 15, 1997.) | |
 |
In their review of SecretAgent, SC Magazine arrived at this verdict: "This solution will sit happily on a stand-alone machine or network and provides the means to secure data using either PKI or self-signed transactions. The installation is easy and the solution proved to be both intuitive and user-friendly." It was awarded 5 out of 5 stars for ease of use, performance, and value. | |
 |
A World Airline Entertainment Association (WAEA) Technical Specification says that "SecretAgent, the most popular encryption tool for airline entertainment systems, is used primarily for VOD [video-on-demand ] or scheduled viewing systems..." | |
†Strict confidentiality agreements have prohibited us from
publicly identifying our largest customers for more than a decade,
putting us at a significant disadvantage with respect to our competition.
However, since the references to some of our business relationships
quoted above have appeared elsewhere on the Internet, we feel that
citing them here for advertising purposes is not unreasonable.
SecretAgent Editions
ISC Security Console, the new cross-platform integrated framework for SecretAgent and other ISC security tools, is now available in the following editions:
| ISC Security Console Edition | |||
|---|---|---|---|
| Feature | Reader | Enterprise | Administrator |
Home Page |
 |
|
|
SA6 encrypt/decrypt/sign/validate |
decrypt only |
|
|
Certificate Management Module |
|
|
|
Directory Access Module |
|
|
|
PolicyAgent Module |
|
||
SpyProof! Module |
(available separately) |
||
Screen Shot
This screen shot shows the ISC Security Console Enterprise Edition as it would appear without SpyProof! installed. Administrator Edition includes a PolicyAgent module accessible via an additional button at the bottom of the left-hand navigation panel.
Product Details
Interoperable versions of SecretAgent are available on several platforms. Click on the link below for more information and some screen shots:
SecretAgent 6.0 for Windows, Linux, Mac OS X, and other UNIX platforms
SecretAgent Mobile for PocketPC/Windows Mobile
Feature Comparison Summary for SecretAgent on various platforms (updated 3/23/09)
Command line executable and linkable library versions of SecretAgent are also available on all supported platforms.
X.509 Support
SecretAgent uses standard X.509 version 3 certificates for encryption; CRL usage, retrieval and auto-updating via CRL distribution points are optional. Deploy SecretAgent for use with any existing PKIX-compliant PKI or use it with self-signed certificates if no PKI is available. We have performed
interoperability testing with all major Certificate Authorities
and PKI vendors (e.g., Comodo, Entrust, GlobalSign, and Verisign).
In February 2010, after extensive testing at DISA's JITC
PKI Certification Lab at Ft. Huachuca, SecretAgent 6.0.3 was awarded a formal
certification of full interoperability with the DoD PKI. According to the Certification Memo, JITC has found SecretAgent to be compliant with "the applicable requirements defined in Department of Defense Class 3 Public Key Infrastructure Public Key-Enabled Application
Requirements," 1.0, 13 July 2000. (The October 2002 JITC Interoperability
Test Summary for SecretAgent 5.6 for its DoD PKI interoperability certification is also available.)
Standards Compliance
SecretAgent fully satisfies NIST FIPS 140-2 and DoD/CNSS NSTISSP No. 11 acquisition requirements for COTS security and information assurance products. The product is available to all government agencies through a DoD/OMB/GSA blank purchase agreement (BPA) recently awarded to our reseller Carahsoft Technology Corp.
More detailed information about SecretAgent's compliance with relevant federal and industry cryptographic standards is available here. Some information on the use of SecretAgent to achieve HIPAA compliance is here.
 |
  |
Additional Information and Related Links
Document Access Servlet (DAS)
Diagram of the SecretAgent 6.0 encryption process (PDF)
SecretAgent 6 Reader (license includes free, 1-year e-mail certificate)
Section 508 VPAT for SecretAgent 5.7.1 (PDF; updated 10/23/2003)
