Security-critical products assessed by NCSA-FI at the Finnish Transport and Communications Agency (Traficom) | Traficom
Skip to main content
National Cyber Security Center
Report incidents
Report incidents
Report incidents

Security-critical products assessed by NCSA-FI at the Finnish Transport and Communications Agency (Traficom)

Various authorities and companies have a need to submit critical products (security-critical products) for independent assessment in relation to different services and networks. Such product include various boundary protection products, products related to the lifecycle management of information, such as those for overwriting and destroying data, as well as firewalls. Similarly, companies manufacturing security-critical products have shown increasing interest in submitting their products for assessed by the Finnish Transport and Communications Agency.

When implementing security-critical products, it is important to note that the assessment report may include additional conditions. When planning new systems or in unclear situations, it is recommended to contact Traficom´s NCSA function. For products evaluated to protect nationally classified information, key management solutions are also included in the assessment, either as part of the SAA´s system approval process or through separate procedures. 

The list includes security-critical products assessed by Traficom´s Cyber Security Center, which can be used as part of systems that process classified information. The products on the list have been approved for protecting the confidentiality and integrity of information in high-threat environments.

Guidance on applying the products on the list to other threat levels in existing systems can be obtained from Traficom´s NCSA function if needed.

ProductSecurity classification levelManufacturerTypeAssessed versionsValidityConditions
INSTA Yhdyskäytävä FDDv3-10r-FTL IV, III, IIInsta Advance OyData diode gateway2.0.1Until 20 December 2026
(granted 20 December 2023)		Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from the manufacturer or Traficom´s NCSA function.
2.2.1Until 16 December 2027
(granted 16 December 2024)
INSTA Yhdyskäytävä FDDv3-1r-FTL IV, III, IIInsta Advance OyData diode gateway2.0.1Until 20 December 2026
(granted 20 December 2023)		Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from the manufacturer or Traficom´s NCSA function.
2.2.1Until 16 December 2027
(granted 16 December 2024)
Reaktor CDG yhdyskäytäväTL IV, III, II (v2.1.1)Reaktor Innovations OyData diode gateway2.1.1Until 13 June 2026 (granded 13 June 2023)Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from the manufacturer or Traficom´s NCSA function.
TL IV, III, II (v2.3.2)2.3.2Until 20 June 2027 (granded 20 June 2024)
TL IV, III, II (v3.1.1)3.1.1Until 4 April 2028 (granded 4 April 2025)
TL IV, III, II (v3.2.1)3.2.1Until 21 August 2028 (granded 21 August 2025)
Reaktor CDG yhdyskäytävä (dioditon malli)TL IV, III (v2.3.2)Reaktor Innovations OyGateway (diodeless)2.3.2Until 20 June 2027 (granded 20 June 2024)Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from the manufacturer or Traficom´s NCSA function.
TL IV, III (v3.1.1)3.1.1Until 4 April 2028 (granded 4 April 2025)
TL IV, III (v3.2.1)3.2.1Until 21 August 2028 (granded 21 August 2025)
Digia Linja yhdyskäytäväTL IV, III, IIDigia Finland OyData diode gateway25.1.0Until 12 February 2026 (granded 13 February 2025)Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from the manufacturer or Traficom´s NCSA function.
Digia Kevyt Linja yhdyskäytäväTL IV, IIIDigia Finland OyGateway (diodeless)25.1.0Until 2 June 2026 (granded 4 June 2025)Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from the manufacturer or Traficom´s NCSA function.
Navielektro L2 Data DiodeTL IV, III, IINavielektro KyData Diode1.0Until 4 April 2028 (granted 4 April 2025)Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from Traficom´s NCSA function.
Navielektro enGuard CDS yhdyskäytäväTL IV, III, IINavielektro KyData diode gateway1.5.0Until 25 February 2029 (granted 26 February 2026)Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from Traficom´s NCSA function.

ProductSecurity classification levelManufacturerTypeAssessed versionsValidityConditions
Navielektro L2 Data DiodeNR, NC, NSNavielektro KyData Diode1.0Until 4 April 2028 (granted 4 April 2025)Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from Traficom´s NCSA function.
Navielektro enGuard CDS yhdyskäytäväNR, NC, NSNavielektro KyData diode gateway1.5.0Until 25 February 2029 (granted 26 February 2026)Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from Traficom´s NCSA function.
Reaktor CDG yhdyskäytäväNR, NC, NSReaktor Innovations OyData diode gateway3.2.1Until 21 August 2028 (granded 21 August 2025)Safe use requires compliance with the usage policy established by Traficom. The instructions can be obtained from Traficom´s NCSA function.

Latest changes:

  • 18.12.2024: INSTA Gateway version 2.2.1 assessed. Older versions with expired approval have been removed from the list.
  • 14.2.2025: Digia Linja yhdyskäytävä version 25.1.0 added to the list.
  • 10.4.2025: Reaktor CDG version 3.1.1 and Navielektro L2 Data Diode added to the list.
  • 6.6.2025: Digia Kevyt Linja yhdyskäytävä version 25.1.0 added to the list.
  • 2.9.2025: Reaktor CDG version 3.2.1 added to the list.
  • 27.2.2026: Navielektro enGuard CDS 1.5.0 added to the list.

 

ProductSecurity classification levelManufacturerTypeAccredited versionsValidityConditions
PiceaServices Volume Eraser Piceasoft OyDestruction of information with security classification level IV on Android and Apple iOS mobile devices4.17.2.35Until further notice
(granted 21 December 2021)		A usage policy has been prepared for the product in connection with the assessment. For the approval to be valid, the product must be used in accordance with the policy.
YouWipe AllWipe OyDestruction of information on magnetic hard disks and SSDs, and on Android and Apple iOS mobile devices (TL IV)4.1.29Until further notice
(granted 15 June 2020)		A usage policy has been prepared for the product in connection with the assessment. For the approval to be valid, the product must be used in accordance with the policy.

CONTACT US

tuoteturva@traficom.fi

Page was last updated