ASTi has a proven, long-term commitment to safeguarding sensitive and classified information. ASTi develops and maintains a complete spectrum of security and information assurance solutions. All ASTi products are built upon a solid security foundation and meet numerous government accreditation standards such as DIACAP approval and Host Based Security System (HBSS) Compliance. With an eye toward upcoming NIST Risk Management Framework (RMF), rest assured that ASTi has your system covered today and in the future.
ASTi products are accredited with Authority To Operate (ATO) status in compliance with the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). RMF is in process, contact ASTi for latest info.
Additional IA Statements and Approvals are available for: Certificate of HBSS Compliance, TEMPEST Countermeasure Review (TCR), RoIP Cross Domain Solution (CDS) Determination, Emission Security (EMSEC) Determination, and Certificate Of Networthiness (CON)
ASTi's IA scripts and patches eliminate all DISA high- and medium-severity vulnerabilities. The simple installation process relieves system administrators of difficult, time-consuming IA management chores, and frees them to perform other critical tasks.
ASTi processes the raw STIG, SCAP, and scan reports to produce a complete breakdown of outstanding PDIs into lists of open, false-positive, and waiver items to assist analysis by the DAA.
ASTi's IA Maintenance Program is the ideal security solution for customers who require the most rigorous IA controls and conformance to DoD standards and OS patch management over the product's life cycle. IA Maintenance is bundled with Software Maintenance which also includes the latest ASTi software features & fixes.
A convenient, single IA solution delivery package based on a specific Telestra software version and RHEL STIG pairing. This benefits the military's land, sea and flight simulation world where custom software elements are often frozen during acceptance testing.
All ASTi products are built upon a solid security foundation that incorporates an operating system that’s validated by the National Information Assurance Partnership (NIAP). Standard security features include minimized open ports, user authentication, multi-level security support, diskless network support, and tracking of access activity and system modifications. ASTi has integrated IA into our QA process to ensure that our products are updated with the latest critical security features, and to verify that the core integrity and performance of the product is preserved.Learn more
The optional IA Package facilitates compliance with the most rigorous government standards. This single-delivery package is ideal for programs that require IA compliance at initial system fielding. Benefits include:
The IA Maintenance Program provides all of the features and benefits of the IA Package in a periodic, renewable subscription service. These updates ensure ongoing compliance with the most rigorous government IA standards and mitigate the risks associated with the constantly changing IA compliance landscape.Learn more
|Standard IA||IA Package||IA Maintenance|
|RHEL NIAP OS|
|Minimal OS Footprint|
|Minimize Open Ports|
|MLS Options (iSCSI/diskless)|
|IA Lockdown Scripts||See Table||Latest|
|STIG/SCC Reports||See Table||Latest|
|ASTi Software Release||See Table||Latest|
|RHEL Patches Provided|
ASTi products are accredited through the year 2018 with Authority To Operate (ATO) status in compliance with the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). Additional IA Statements and Approvals also available:
Contact ASTi to learn how our IA Maintenance Program facilitates implementation and ongoing compliance of your ATO or Authority to Connect (ATC) policies and how you can leverage the DIACAP reciprocity1 policy to greatly expedite your certification and accreditation process.
The DoD defines Reciprocity as "The mutual agreement among participating enterprises or components to accept each other’s security assessments in order to reuse IS resources and/or accept each other’s assessed security posture in order to share information.