CSA rates router security and lifespan

[Justinh]

Just ran across https://www.csa.gov.sg/our-programm.../cybersecurity-labelling-scheme/for-consumers
Originating in Singapore, the org has agreements with other countries.
They rate hardware security levels 1-4.
Browse their data by device type and mfr https://www.csa.gov.sg/our-programm...ersecurity-labelling-scheme-(cls)product-list

What I find really interesting is the "Date of Expiration" for each device. I guess the listed expiration (mfr could change their mind) and the security level (could be better but not tested to prove it) is a minimum. I don't know how which devices are chose for more testing by a third-party

 

[ColinTaylor]

It was also mentioned here: https://www.snbforums.com/threads/ax56u-eol-and-security.88323/

 

[sfx2000]

What I find really interesting is the "Date of Expiration" for each device. I guess the listed expiration (mfr could change their mind) and the security level (could be better but not tested to prove it) is a minimum. I don't know how which devices are chose for more testing by a third-party

this is all on the vendor to maintain their certification.

Note that this is not a mandatory requirement...

 

[Tech9]

They rate hardware security levels 1-4.

Google Nest Wifi - Level 4. One per customer, please. There will be a Nest for everyone.

 

[sfx2000]

Google Nest Wifi - Level 4. One per customer, please. There will be a Nest for everyone.

I saw that - remember that the Google Nest WiFi (and all the google wifi devices) are basically headless chromebooks... and have some level of management by Google,

They don't have a WebUI, and pretty limited on what can do for configuration - I'm not sure that's a negative for folks that just need WiFi to work.

 

[Justinh]

They don't have a WebUI, and pretty limited on what can do for configuration - I'm not sure that's a negative for folks that just need WiFi to work.

Maybe that's how they achieved Level 4 - don't build in or expose any functionality but the bare minimum.