- genugate and genugate Virtual Offer Maximum Protection
- New Main Release 11.0 with up to Ten Times Better Performance
- Quick, Automated Installation in Less than 5 Minutes
- Strong Encryption Without a Smart Card
Kirchheim, March 26, 2026 – For the first time, users can now also safeguard virtualized environments with the highest level of tested protection against targeted and methodical cyberattacks: The new main release 11.0 of the Firewall genugate/genugate Virtual from German IT security specialist genua GmbH, which is part of the Bundesdruckerei Group, has received certification for EAL 4+ and AVA_VAN.5 from the German Federal Office for Information Security (BSI) in accordance with the international Common Criteria standard ISO/IEC 15408.
This makes genua the first provider to offer a firewall with proven high security and tested resilience that can also be virtualized. Moreover, genugate is the first and, to date, only firewall that has been certified by the BSI as "high-resistant," meaning it provides a particularly high level of protection.
What this means for users: genugate offers the highest possible level of protection against cyber threats, both in its appliance version and as a virtual machine (VM). Public sector customers, security-critical industries, and defense organizations can rely on genugate and genugate Virtual to provide a proven, though security standard for both on-premises and cloud-based deployments.
Quick Installation, Extensive Automation
genugate stands for proven high-security protection down to the application level: This highly efficient firewall combines a packet filter with an Application Layer Gateway (ALG). It is one of the core products in genua’s extensive portfolio. With the new main release 11.0, genua was able to improve performance by up to a factor of 10 compared to genugate 10.0.
The updated operations and administration environment now supports Ansible playbooks for automated policy deployment, patch management, and monitoring. The update also includes a modernized user interface, enhanced virtualization and cloud capabilities, a significantly revamped REST API, and numerous security enhancements.
The virtualized version, genugate 11.0 Virtual, is fully compatible with the widely used hypervisors KVM and VMware. A new feature is the vastly simplified, automatable installation process: This enables the rapid deployment of preconfigured genugate virtual instances, thereby facilitating highly efficient, dynamic scaling even in high-availability environments.
Strong Cryptography Without Smart Card
genugate 11.0 uses a jitter random number generator. Jitter RNG generates strong random numbers for highly secure cryptography. Up until now, this required a smart card. genua now offers a much more user-friendly alternative.
"The BSI certification for genugate 11.0, granted by the BSI-accredited inspection body secuvera, is a milestone for genua and for our customers. The customers benefit from significantly higher data throughput, optimized operation, extensive automation, and an even higher level of security," says Matthias Ochs, Managing Director of genua GmbH. "With the successful Common Criteria evaluation, secuvera confirms that our security platform, genugate, meets strict international standards —both as an appliance and as a virtualized solution— and has been proven to provide protection for the world’s most complex environments.
"The successful recertification of genugate 11 demonstrates the high quality and maturity of genua’s security architecture." Particularly noteworthy are the rigorous augmented requirements and modern patch management approaches in accordance with ISO/IEC TS 9569. These enable the efficient integration of updates into the certification process. "At the same time, the project underscores just how crucial experience and methodological depth are in Common Criteria evaluations —and that is precisely the expertise we bring to the table as a inspection body," says Tobias Glemser, Managing Director of secuvera GmbH.
Background: Common Criteria, EAL, and AVA_VAN
The "Common Criteria for Information Technology Security Evaluation (CC)" are internationally recognized criteria for testing and evaluating the security of IT products. The CC criteria serve as a benchmark and are suitable for evaluating the security properties of virtually all information technology products. The audit is generally conducted by an inspection body recognized by the BSI.
Within the Common Criteria (ISO/IEC 15408), the extension component AVA_VAN.5 stands for "Advanced Methodical Vulnerability Analysis." It is the highest level within the AVA_VAN family (Vulnerability Assessment) and is typically required for products with extremely high security requirements (High Assurance). Unlike the lower levels, it assumes an attacker with "high attack potential", whereas the lower levels are designed to stop an attacker with "moderate attack potential".
Further information
- High Resistance Firewall genugate
- High Resistance Firewall genugate Virtual
Image caption
As the first virtualized firewall, genugate Virtual —like the appliance version of genugate— meets the high security standards required by the BSI for EAL 4+ and AVA_VAN.5 certification. © genua GmbH
