An information assurance (IA) or IA-enabled information technology (IT) product that:
a. Uses National Security Agency (NSA)-approved public standards-based security protocols. If none are available with the necessary functionality, then uses a NSA-approved security protocol;
b. Includes (as selectable capabilities) all of the Suite B cryptographic algorithms that are functionally supported by the NSA-approved security protocol(s); and
c. Has been evaluated or validated in accordance with NSTISSP 11.
Sources:
CNSSI 4009-2015
from
CNSSP 15