Information Assurance and Security

ASTi has a proven, long-term commitment to safeguarding sensitive and classified information. ASTi develops and maintains a complete spectrum of security and information assurance solutions. All ASTi products are built upon a solid security foundation and meet numerous government accreditation standards such as DIACAP approval and Host Based Security System (HBSS) Compliance. With an eye toward upcoming NIST Risk Management Framework (RMF), rest assured that ASTi has your system covered today and in the future.

DIACAP Approved

ASTi products are accredited with Authority To Operate (ATO) status in compliance with the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). RMF is in process, contact ASTi for latest info.

Government Accreditation

Additional IA Statements and Approvals are available for: Certificate of HBSS Compliance, TEMPEST Countermeasure Review (TCR), RoIP Cross Domain Solution (CDS) Determination, Emission Security (EMSEC) Determination, and Certificate Of Networthiness (CON)

Hardening Scripts & Patches

ASTi's IA scripts and patches eliminate all DISA high- and medium-severity vulnerabilities. The simple installation process relieves system administrators of difficult, time-consuming IA management chores, and frees them to perform other critical tasks.

Clear & Helpful Reports

ASTi processes the raw STIG, SCAP, and scan reports to produce a complete breakdown of outstanding PDIs into lists of open, false-positive, and waiver items to assist analysis by the DAA.

IA Maintenance

ASTi's IA Maintenance Program is the ideal security solution for customers who require the most rigorous IA controls and conformance to DoD standards and OS patch management over the product's life cycle. IA Maintenance is bundled with Software Maintenance which also includes the latest ASTi software features & fixes.

IA Package

A convenient, single IA solution delivery package based on a specific Telestra software version and RHEL STIG pairing. This benefits the military's land, sea and flight simulation world where custom software elements are often frozen during acceptance testing.

Standard IA

All ASTi products are built upon a solid security foundation that incorporates an operating system that’s validated by the National Information Assurance Partnership (NIAP). Standard security features include minimized open ports, user authentication, multi-level security support, diskless network support, and tracking of access activity and system modifications. ASTi has integrated IA into our QA process to ensure that our products are updated with the latest critical security features, and to verify that the core integrity and performance of the product is preserved.

Learn more

IA Package

The optional IA Package facilitates compliance with the most rigorous government standards. This single-delivery package is ideal for programs that require IA compliance at initial system fielding. Benefits include:

  • Simple installation: Relieves system administrators from difficult, time-consuming IA management chores and frees them to perform other critical tasks.
  • Ease of use: No training or expertise is required to apply ASTi’s IA package, and it includes direct access to IA engineering expertise.
Learn more

IA Maintenance Program

The IA Maintenance Program provides all of the features and benefits of the IA Package in a periodic, renewable subscription service. These updates ensure ongoing compliance with the most rigorous government IA standards and mitigate the risks associated with the constantly changing IA compliance landscape.

Learn more
Standard IA IA Package IA Maintenance
RHEL NIAP OS
Minimal OS Footprint
Minimize Open Ports
MLS Options (iSCSI/diskless)
IA Lockdown Scripts See Table Latest
STIG/SCC Reports See Table Latest
ASTi Software Release See Table Latest
RHEL Patches Provided
Scheduled Updated
DIACAP Approved

Government Accreditation of ASTi Products

ASTi products are accredited through the year 2018 with Authority To Operate (ATO) status in compliance with the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). Additional IA Statements and Approvals also available:

  • Certificate of Host Based Security System (HBSS) Compliance
  • TEMPEST Countermeasure Review (TCR)
  • RoIP Cross Domain Solution (CDS) Determination
  • Emission Security (EMSEC) Determination

Contact ASTi to learn how our IA Maintenance Program facilitates implementation and ongoing compliance of your ATO or Authority to Connect (ATC) policies and how you can leverage the DIACAP reciprocity1 policy to greatly expedite your certification and accreditation process.

1

The DoD defines Reciprocity as "The mutual agreement among participating enterprises or components to accept each other’s security assessments in order to reuse IS resources and/or accept each other’s assessed security posture in order to share information.