IPSec Criteria

The current IPSec certification criteria is version 3.0.

3.0 is an amalgamation of IPSec criteria version 1.3 (IKE) and IPSec criteria version 2.2 (IKEv2). In addition to merging the two criteria documents ICSA Labs updated the cryptography requirements.

Effective immediately all IPSec certification testing will conducted against the requirements enumerated in version 3.0 of the criteria. Products currently certified against either version 1.3 or version 2.2 of the IPSec crtiera will have the certifications remain in place. ICSA Labs will, over the coourse of the next few months, verify that the currently certified producst will meet the version 3.0 requirements.

For historical purposes you can find the version 1.3 crtieria here and the version 2.2 crtieria here.

The certifications offered are:

  • IPSec IKE Basic
  • IPSec IKE Enhanced
  • IPSec IKEv2 Basic
  • IPSec IKEv2 Enhanced
  • IPSEC IKE/IKEv2 Basic
  • IPSec IKE/IKEv2 Enhanced


Basic certification ensures that the product meeets the pre-shared key secret authentication requirements. While, Enhamced certifications ensure that the product meets the digital certificate authentication requirements enumerated for IKE or IKEv2.

IPSec criteria, version 3.0 (PDF)103.61 KB