Cigent SSD Clients Data Protection is a hardware and software data-at-rest (DAR) security solution built for federal, defense, and intelligence environments. It provides dual-layer encryption on M.2 NVMe SSDs (2230 and 2280 form factors) to meet NSA Commercial Solutions for Classified (CSfC) DAR requirements. Outer Layer Protection: - AES-256 Hardware Full Drive Encryption (HW FDE) with NSA-validated cryptography. Encryption keys are not stored in TPM or in aggregate. - Pre-Boot Authentication (PBA) creates a separate, secure environment to authenticate users before the OS loads. Both components are NIAP-validated and listed on the NSA CSfC DAR component list. Inner Layer Protection: - AES-256 Software Full Drive Encryption (SW FDE) with NSA-validated cryptography, validating authentication prior to OS boot. - Multi-Factor Authentication (MFA) supporting smart card authentication with a physical credential and PIN combination. Additional capabilities include: - Data sanitization via crypto and block erasure methods, executable locally, remotely, or via automated rule-based policies. Patented firmware verification confirms complete data destruction. - Enterprise administration via a Command Line Interface (CLI) tool that integrates with existing enterprise management utilities on Linux and Windows. - Available in M.2 2230 and M.2 2280 form factors. The solution supports compliance with CSfC DAR, FIPS 140-2/140-3, NIAP validation requirements, and Executive Order 14028 mandates including encryption at rest, MFA, and zero-trust access control.