What is CSFC?

Commercial Solutions for Classified (CSfC) is a program sponsored by the National Security Agency (NSA) that allows commercial products to be used to protect classified National Security Systems (NSS) data.

What is a CSfC Trusted Integrator?

A CSfC Trusted Integrator is a third-party contractor who has been certified by the NSA as having met the NSA’s strict criteria as well as having the technical expertise to assist and guide organizations through the CSfC process. MAG’s CSfC Trusted Integrator designation means our organization has demonstrated that we have the team and processes in place to architect, design, integrate, document, field, and support systems which meet the requirements within the CSfC program and specifically within a CSfC capability package.

Why Use a Trusted Integrator?

The CSfC process can be timely and complicated with its various capabilities packages, diagrams, and detailed requirements. Take tax preparation, for example; it’s easy enough until you have real estate, investments, businesses, etc. At some point, you call an experienced tax accountant to help you navigate through the maze. Likewise, a Trusted Integrator can help you navigate the CSfC process. What differentiates MAG from other CSfC Trusted Integrators is our practical experience with the full CSfC process and our relationship with the CSfC teams, including:

• Relationship with CSfC teams

• Completion of the NSA Application/Capabilities Packages

• Understanding the IAC criteria/compliance checklist for integrators

Information Assurance Capabilities - Criteria for Integators

MAG’s CSfC Experience

In 2014, MAG completed the first full implementation of secure (SIPR) wireless within the Department of Defense using the CSfC Campus Wireless Capability Package. As a CSfC Trusted Integrator, MAG also guides and maintains numerous wireless CSfC registrations and yearly reaccreditations. Beyond Campus, MAG has the expertise and experience to provide government clients a turnkey solution for all of the four capability programs:

• Campus Wireless

• Mobility Access (MA)

• Multi-Site Connectivity (MSC)

• Data at Rest (DAR)

Click on the case studies for detailed information illustrating our practical experience with the full CSfC process and our working relationship with the CSfC teams.

Leading the Team

Jim Thompson (CCIE #1758) is a Principal Network Engineer at MAG Aerospace. Prior to working for MAG Aerospace, Jim had over 30 years’ experience in networking where he worked with several Internet Service Providers and the enterprise networks of Fortune 500 companies. At MAG Aerospace, Jim was instrumental in the 2014 implementation and deployment of a CSfC Campus WLAN capability package with re-registrations through this year which included extending the capability into using Lifi for the outside tunnel. With his continued experience implementing DAR, MA, and MSC capability packages, Jim was then instrumental in MAG Aerospace being approved as a CSfC Trusted Integrator. Jim was one author of the Cisco Press book, “Performance and Fault Management” and has published several internal papers on network simulation methodology. He recently served on the Trusted Integrator Panel at the 2021 CSfC Conference in Bethesda, MD. Jim is a retired SGM, USA.

A Brief Overview of the CSFC Process

From the initial customer request to yearly recertification, MAG’s specialized team guides you every step of the way for the successful implementation of your NSA CSfC Capability Package. Each request is customized to fit your specific needs and may include the following steps:

1. Customer requests a service which fits within a CSfC Capability Package.

2. Form a specialized team for the project.

3. Project team members research the CSfC Capability Package to ensure success of the lab implementation, testing, and documentation.

4. Project team members check the specific package against the latest CSfC Capabilities Checklist.

5. Project team members check the specific package against the latest CSfC Risk Management lists and create a mapping.

6. Customer/project team meet to discuss details of customized CSfC Capability Package (i.e., architecture, equipment, requirements, registration ID numbers, etc.).

7. Build CSfC CP architecture diagrams and high-level design document.

8. Perform Firewall and Encryption checks.

9. Perform capability checklist walkthrough to ensure proposed architecture meets CSfC requirements.

10. Develop comprehensive test plan including customer-specific tests on scalability, management, and packet collection points.

11. Build a standalone lab for specific CP being implemented.

12. Walkthrough Capabilities Checklist using the test plan against the standalone network.

13. Using diagrams and Capabilities Checklist, build security and personnel documents required by the customer.

14. Complete the Capabilities Checklist pdf form according to answers verified in the test plan.

15. Create appropriate deviation memorandum.

16. Fill out CSfC Registration Package.

17. Meet with customer to provide and discuss test results, test plan report, and full registration package.

18. Customer sends completed package to the CSfC; follow-up with CSfC PMO.

19. CSfC document emailed to customer for signature.

20. Maintain customer documentation for re-registration at one year mark.