Riverbed has announced that the Riverbed(R) Steelhead(R) appliance has achieved an EAL4+ certification under the Common Criteria for Information Technology Security Evaluation and Certification Scheme (CCS). By obtaining this certification, Riverbed is assuring federal agencies and departments that its WAN optimisation solution meets stringent government requirements mandated for commercial information security products purchased by the U.S. government for use in national security systems. Riverbed Steelhead appliance is the first WAN optimization product to achieve this level of certification.

Common criteria is an internationally recognised standard (ISO 15408) that defines a common framework for evaluating security features, capabilities and product lifecycle processes of information technology products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have products tested against a chosen level, EAL4+ in Riverbed's case, by an independent third-party testing laboratory using the common evaluation methodology. This is followed by an independent validation of evaluation results via a common criteria certificate authorising scheme. The resulting certification report demonstrates conformance to the common criteria standard. Information assurance certification of products is mandated by the United States government for federal information technology purchases for national security systems, and common criteria meets the information assurance certification requirement. Obtaining the certification can speed the purchasing process by limiting or in some cases eliminating the need for federal agencies and their partners to endure lengthy interoperability and assurance testing. Through the Common Criteria Recognition Agreement (CCRA), the evaluations are recognised by 26 participating countries, including the United States, all EU countries, Canada, Australia, Japan and Korea. Continuing investment in the federal market common criteria is the most recent certification obtained by Riverbed to provide federal and government agencies with the highest level of information assurance.

In October 2009, Riverbed announced that its WAN optimisation solutions had undergone successful assessment by the Joint Interoperability Test Command (JITC). JITC, a military organisation under the Defense Information Systems Agency (DISA) and the Department of Defense (DoD), conducts security and interoperability testing of national security systems and information technology systems hardware, software and components. Riverbed underwent the JITC testing process in order to comply with the requirements of its DoD customers and also to provide independent third-party assurance that it complies with the highest standards of security within its WAN optimisation solution. In addition, JITC testing can speed the purchasing process by limiting or in some cases eliminating the need for the DoD and its partners to endure lengthy interoperability and assurance testing.

To further its support for federal enterprises, Riverbed continues to work on additional federal security standards. Riverbed is currently in the process of seeking Federal Information Processing Standards Publications (FIPS) 140-2 Validation for its Steelhead appliances.