Trusted Security Solutions for the Department of Defense
U.S. Department of Defense Unified Capabilities Approved Products List
The U.S. Department of Defense DoD Unified Capabilities (UC) Approved Products List (APL) certification process is the responsibility of the Defense Information Systems Agency (DISA) Unified Capabilities Certification Office (UCCO). Certifications are performed by approved distributed testing centers including the Joint Interoperability Test Command (JITC) at Fort Huachuca near Sierra Vista, Arizona, USA.
DoD customers can purchase only unified-capabilities–related equipment, both hardware and software, that has been certified. Certified equipment is listed on the (DoD) UC APL. UC APL certifications verify that the system complies with and is configured consistent with the DISA Field Security Office (FSO) Security Technical Implementation Guides (STIG).
UC APL certifications testing consists of two sections, interoperability (IO) and information assurance (IA) testing. The IO testing ensures that the product meets the requirements as detailed in the Unified Capabilities Requirements (UCR) test plan and that the system is able to interoperate with other vendors. The IA section of the test verifies the system complies with and is configured consistent with the DISA FSO STIG. STIG requirements include proper user privilege assignment and restrictions, password policies (complex passwords, proper treatment of inactive accounts, password expiration, password reuse, account lockout, etc.), proper file protections, and auditing and logging capabilities. Only after successful completion of both IO and IA testing is a product placed on the APL. Configuration guides are available upon request.
For more information about the UC APL process and to find Cisco products that are on the APL, visit the DISA website.