Directory of-infosec-assured-products


Published on

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Directory of-infosec-assured-products

  2. 2. CONTENTS INTRODUCTION Page 3-4 IACS Introduction to CESG Infosec Assurance and Certification Services Page 5-8 CLEF Contact Details Page 9 International Certification Body Contact Details Page 9 CC and ITSEC Certified Products • Smart Cards Page 10 • PC Access Control Page 11-13 • Operating Systems Page 14-18 • Networking Page 19-24 • Firewalls Page 24-31 • Communications Page 32-37 • Databases Page 38-43 • Miscellaneous Page 43-44 PROTECTION PROFILES Introduction to Protection Profiles Page 45 List of Protection Profiles products Page 46-49 CAPS Introduction to CESG Approved Products Scheme Page 51-52 CAPS products • Data Encryption Page 53-55 • Communications Security Page 55-57 • Access Control Page 58-61 • Miscellaneous Page 62 TEMPEST Introduction to Tempest Page 63 List of Tempest approved products Page 64-66 Company names and addresses Page 67-68 INDEX Page 69-702
  3. 3. INTRODUCTION This ‘Directory of Infosec Assured Products’ is a new publication that replaces the former UKSP-06. It has been produced as a top-level guide for both product developers, vendors and end-users, and gives details of the means by which security products are approved or certified, an overview of the products’ features, and the context in which they should be used. The Directory will be updated on an annual basis. However, as new products are regularly being approved and certified, these will be reflected on CESG’s websites, accessible via, as and when they become available. The first part of the Directory contains an introduction to CESG’s Infosec Assurance and Certification Services [IACS]. IACS has been created to provideThe Communications-Electronics a seamless service to customers, andSecurity Group [CESG] is the UK’s products listed in the sections whichNational Technical Authority for follow cover the various aspects of IACS.Information Security. As part of this It is recognised that, in practice,remit, CESG works closely with IT customers will require more specificdevelopers and vendors to provide guidance. The IACS management officeend users with a choice of products has therefore been created to providewhose security features have been advice and guidance to developers,objectively assessed and which vendors and end-users on the mostmeet clear standards of security appropriate solution to their specificassurance. assurance requirements. This is followed by a description of the mechanisms by which products are certified under ITSEC or Common Criteria, a list of certified products, and an explanation of ‘protection profiles’. Also contained in the Directory is a brief description of the new ‘Fast Track Assessment’ (FTA) service which has been designed to assess IT security products at the specific behest of customers in government. 3
  4. 4. The Directory next has a section covering the CESG Assisted Products Scheme [CAPS]. This scheme ensures that government and public sector users have access to a wide range of approved products that employ cryptographic security measures. These products have undergone a thorough investigation of the security offered by the cryptography employed, whether this is through implementation of a CESG algorithm or a public domain algorithm. Finally, there is a section containing an introduction to TEMPEST services and a list of TEMPEST certified products. Inevitably, a directory such as this cannot cover all aspects of approved or certified Infosec products and related services. Customers may need more in-depth guidance and advice, and contact details are therefore provided in each of the relevant sections. For any general queries regarding CESG’s wider range of Infosec services, please contact the marketing office, details for which are given on the back page of this directory.4
  5. 5. IACS(IACS) Infosec Assurance and Certification Services The IACS approach For Developers… Technical assessors from IACS will work with developers or end users to define the best solution to their assurance requirements. By understanding the developer’s goals, IACS can define the most effective assessment package to achieve them. An assessment package could include: s Internationally recognised CC or ITSEC Certification s Cryptographic approval for HMG and the CNI (usually carried out under CAPS) s Fast Track assessment of products for HMG and the CNI s Systems assessments at all levels forIT products and systems evolve HMG and commercerapidly and are increasingly diverseand complicated. Similarly, customer For End Users…requirements change and expand to Products which have been certified bycounter new threats and to adapt us, or by our partners around the world,to new ways of working. CESG has offer end users ready-made assurance.brought together its assurance Where a Government or CNI customerservices under IACS to offer has a requirement for assurance in anbespoke solutions to these uncertified product, we can perform anew security challenges. Fast Track Assessment. This allows the customer to determine whether the product is appropriate for his needs. If assurance is required in a system, then a range of packages, including IT Health Check, is available. e-mail: IACS Management Office PO Box 152 Cheltenham Gloucestershire GL52 5UF Tel. +44 (0)1242 238739 Fax: +44 (0)1242 235233 5
  6. 6. Formal Evaluation and Certificate Maintenance Scheme Certification Evaluation results only apply to a The products within this section have specific version of a product, and any been certified against either Common subsequent changes (including patches, Criteria or IT Security Evaluation Criteria hot fixes and service packs) to that (ITSEC). Certificates are awarded product may invalidate those results following extensive testing of the and, therefore, the Certificate. Because product’s IT security features to ensure the evolution of products is so rapid, that those features meet an agreed the Certificate Maintenance Scheme Security Target. Results of a successful (CMS) has been devised in response. evaluation are published in a CMS provides a means of maintaining Certification Report. This contains the same level of assurance in a product additional information and advice on after certification without the need for how the certified product should be re-evaluation. used and any restrictions that may apply in its configuration or use on specific ITSEC platforms. Prospective purchasers of ITSEC is the set of criteria used for the certified products should read both the past decade by Europe and Australasia ST and the CR to ensure that the for the evaluation of products and product is suitable. STs and CRs are systems. ITSEC was a major building available from the developers and, in block in the formulation of the addition, can usually be downloaded Common Criteria. from the CESG web site. Common Criteria What is a Security Target? CC represents the outcome of international efforts to align and This is a document specifying the develop the existing European and security functionality of a product and North American criteria and has been the assurance level against which it is ratified as ISO standard 15408. The evaluated as well as a description approximate assurance correspondence relating the product to the environment between ITSEC and CC is shown below. in which it will operate. A fuller description of the testing carried out at each assurance level is contained Vulnerabilities on the web site. Certification is not a guarantee of freedom from security vulnerabilities; Common Criteria ITSEC there remains a possibility that exploitable vulnerabilities may be EAL1 – discovered after a Certificate has been EAL2 E1 awarded. Users and prospective EAL3 E2 purchasers should check regularly whether any security vulnerabilities have EAL4 E3 been discovered since certification and, EAL5 E4 if appropriate, should check with the EAL6 E5 vendor to see if any patches exist for the product. EAL7 E66
  7. 7. International Mutual Recognition on products which have been assessedDevelopers whose products are certified elsewhere. Links are available from theagainst ITSEC or CC enjoy the benefits of CESG web site and contact details foran internationally recognised Certificate. the other recognised Certification BodiesIn this brochure we detail only those appear on page 9.products which have been evaluated in HMG Departments wishing to usethe UK, but end users should access the foreign certified products inother relevant national web sites to environments where national security isobtain the most up to date information an issue are advised to consult CESG.Our Certificates are currently recognised as follows: Assurance Levels Recognised Evaluation – CESG working Australia & ITSEC E1-E6 with industry New Zealand CC EAL1-4 Formal evaluation in the UK is carried Canada out by independent testing laboratories Israel CC EAL1-4 known as CLEFs which are appointed by USA the Certification Body in CESG. CLEFs meet rigorous security and ISO/IEC France 17025 quality standards. The UK has 5 Finland CLEFs, which can be contracted to carry out both evaluation and preparatory Germany consultancy work. CLEF contact details Greece are on page 9. Italy ITSEC E1-E6 CC EAL 1-7 The results of the testing of the product Netherlands are provided to the Certification Body in Norway an evaluation technical report which Spain forms the basis of the Certification Sweden Report. The CB is part of CESG and is Switzerland itself accredited by UKAS to EN45011 for its ITSEC and CC certifications.CESG recognises Certificates from other international bodies as follows: Certification/Validation Recognised Assurance LevelsAISEP, Australia Common Criteria EAL1 to EAL4, ITSEC E1 to E6BSI, Germany Common Criteria EAL1 to EAL7, ITSEC E1 to E6CSE, Canada Common Criteria EAL1 to EAL4DCSSI, France Common Criteria EAL1 to EAL7, ITSEC E1 to E6NIAP, USA Common Criteria EAL1 to EAL4 7
  8. 8. Fast Track Entering into evaluation Fast Track Assessment (FTA) provides a within IACS fast, flexible, cost-effective process for Developers need to contact both a CLEF the generation of a CESG endorsed and the IACS Management Office in order assessment of the extent to which to determine what sort of evaluation is security-enabled products meet the to be carried out and how much the Infosec requirements of Sponsors, in service will cost. It may be advisable to accordance with national Infosec policy. obtain some technical consultancy Sponsors would be central and local services prior to the commitment to government, and Critical National evaluation, and guidance and advice is Infrastructure (CNI) services, where it is available from the CLEFs, the IACS MO in the national interest. FTA tailors each and CESG Listed Advisor Scheme assessment to the context of the consultants. The need for evaluation intended use of the product, resulting in consultancy should be discussed with the a report that provides authoritative IACS MO and the CLEFs at the start of guidance on the product’s suitability. the product evaluation lifecycle. The FTA service provides the assurance Where cryptography is a key function of required by identified sponsors in products the security functionality offered by the whose market and limited cryptography product and the intended end users do not justify formal evaluation and include HMG clients, then this must be certification, or evaluation under CAPS. assessed by CESG. This can be done The FTA Service is intended to address under the CESG Assisted Products assurance requirements in the low to Scheme (CAPS) and as a single package medium range. with ITSEC/CC or Fast Track evaluations or assessments. The IACS Management Office is happy to System Evaluations provide more information on any of the System evaluation is highly relevant as a Assurance and Certification Services means of minimising risk and as a briefly described here. confidence hallmark for trading partners, especially as systems typically comprise a combination of certified and uncertified products. Important benefits of such evaluations are demonstrable compliance with the provisions of the Data Protection Act (1998), and supporting evidence that will enhance existing ISO17799 accreditation and assist in demonstrating compliance with BS7799 Part 2. CESG offers a number of flexible options including evaluations where only limited functionality is tested and evaluation against an assurance profile (eg E3 for firewall, E2 for authentication, E1 for audit) to meet differing requirements. For Government or CNI users there is also the option of a system IT Health Check.8
  9. 9. CLEF Contact Details Foreign Scheme Contact DetailsCMG Admiral (CLEF) AustraliaKing’s Court High Street The AISEP ManagerCamberley Certification & Evaluation GroupSurrey GU15 3RN Information Security BranchTel. +44 (0) 1276 686678 Defence Signals DirectorateFax. +44 (0) 1276 691028 Locked Bag 5076, Kingston ACT 2604Ralph Worswick Tel. +61 2 6265 Fax. +62 2 6265 0328EDS Ltd (CLEF)Wavendon Tower CanadaWavendon www.cse.dnd.caMilton Keynes Communications Security EstablishmentBucks MK17 8LX Criteria CoordinatorTel. +44 (0) 1908 284234 IT Security Standards and InitiativesFax. +44 (0) 1908 284393 PO Box 9703, TerminalTrevor Hutton Ottawa, Canada K1G Tel. +1 613 991 7600 Fax. +1 613 991 7411IBM Global Services (CLEF)Meudon HouseMeudon Avenue FranceFarnborough www.scssi.gouv.frHants GU14 7NB Direction Centrale de la Sécurité desTel. +44 (0) 1252 558081 Systèmes d’Information,Fax. +44 (0) 1252 558001 18, Rue du Docteur ZamenhofBob Finlay F-92131, Cédex, France Tel. +33 141 463784Logica UK Ltd (CLEF) Fax. +33 141 463701Chaucer HouseThe Office ParkSpringfield Drive GermanyLeatherhead www.bsi.bund.deSurrey KT22 7LP Bundesamt für Sicherheit in derTel. +44 (0) 1372 369831 InformationstechnikFax. +44 (0) 1372 369834 Referat II 2, Godesberger Allee 183Simon Milford 53175 Bonn, Tel. +49 228 9583 141 Fax. +49 228 9582 455Syntegra (CLEF)Guidion House USAHarvest Crescent Park, Fleet National Information AssuranceHants GU13 8UZ PartnershipTel. +44 (0) 1252 778837 100 Bureau Drive (Mailstop 8930)Fax. +44 (0) 1252 811635 Gaithersburg, MD 20899-8930, USAJanet Scruby Tel. Fax. +1.301.948.0279 9
  10. 10. IACS – SMART CARDS MONDEX Purse 2.0 Multos v3 on Hitachi H8/3112 ICC ITSEC E6 ITSEC E6 Certificate Number: P129 September 1999 Certificate Number: P130 September 1999 CLEF: Logica CLEF: Logica The MONDEX Purse is an electronic purse MULTOS is a secure, multi-application operating designed to provide individuals and businesses system for use on an Integrated Circuit Card with an electronic alternative to the use of notes (ICC) (smartcard), to manage, segregate and and coins for making cash payments. Mondex execute applications written for MULTOS (such as electronic cash is stored on Integrated Circuit loyalty, ticketing, credit, debit and electronic Cards (ICCs), also known as smartcards. purse). This implementation of the MULTOS-3 MONDEX Purse Release 2.0, developed by specification, developed by platform seven and platform seven and Mondex International, has Mondex International, has been evaluated on an been evaluated when running on MULTOS Hitachi H8/3112 ICC. Applications are loaded by Version 3, (which has been separately evaluated MULTOS into the ICC’s EEPROM. During the to ITSEC E6) and the Hitachi H8/3112 ICC. production process, each ICC is injected with a unique EEPROM identifier and a unique symmetric key known only to the MULTOS Security Manager. Once loaded, MULTOS ensures that the application is segregated from any other applications present on the card. SUPPLIER: SUPPLIER: MAOSCO Ltd, 47-53 Cannon Street MAOSCO Ltd, 47-53 Cannon Street London EC4M 5SQ London EC4M 5SQ Point of contact: David Meadon Point of contact: David Meadon Telephone: +44 20 7557 5420 Telephone: +44 20 7557 5420 Facsimile: +44 20 7557 5430 Facsimile: +44 20 7557 5430 Email: Email: URL: URL: DEVELOPER: DEVELOPER: Platform7, 6th Floor, 1-2 Finsbury Square Platform7, 6th Floor, 1-2 Finsbury Square London EC2A 1AA London EC2A 1AA Telephone: +44 (0) 20 7714 8492 Telephone: +44 (0) 20 7714 8492 Facsimile: +44 (0) 20 7714 8246 Facsimile: +44 (0) 20 7714 8246 URL: URL: http://www.platform7.com10
  11. 11. IACS – PC ACCESS CONTROLKILGETTY PLUS NT4 v1.0 KILGETTY PLUS v1.2hGovernment use only Government use onlyITSEC E3 ITSEC E3Certificate Number: P112, Issue 2 May 2000 Certificate Number: p105 November 1998CLEF: EDS CLEF: CMG AdmiralKILGETTY PLUS NT4 is a total hard disk KILGETTY PLUS is a total disk encryptionencryption product, which protects government product, which protects government data againstdata (protectively marked up to TOP SECRET) unauthorised access in the event of loss. For useagainst unauthorised access in the event of loss. with IBM compatible computers running Microsoft DOS, Win 3.1 and Win 9x, all data thatKILGETTY PLUS NT4 is for use with IBM is held on the computer’s hard disk is fullycompatible computers running Microsoft encrypted, including data structures, operatingWindows NT4, with hard disks up to 7.8GB in system and applications. Access is via a touchsize. All data that is held on the computer’s hard memory device (read by a reader attached to thedisk is fully encrypted, including data structures, serial port), user identity and password.operating system and applications. Access is via atouch memory device (read by a reader attached KILGETTY PLUS provides CESG approvedto the serial port), user identity and password. protection for data protectively marked up to TOP SECRET and is suitable for hard disks upKILGETTY PLUS NT4 was evaluated on Microsoft to 4GB.Windows NT4 Server and Workstation versionswith Service Packs 3, 4, 5, and 6a.The Software Box The Software BoxGreen Park Business Centre, Goose Lane Green Park Business Centre, Goose LaneSutton on the Forest, York YO6 1ET Sutton on the Forest, York YO6 1ETUnited Kingdom United KingdomPoint of Contact: The Security Group Point of Contact: The Security GroupTelephone: +44 (0) 1347 812100 Telephone: +44 (0) 1347 812100Email: Email: URL: 11
  12. 12. IACS – PC ACCESS CONTROL Portcullis Guardian Angel Reflex Disknet for NT v 5.01D1 v1.20 ITSEC E2 ITSEC E2 Certificate Number: 98/93 January 1998 Certificate Number: P125 July 1999 CLEF: Syntegra CLEF: Logica The security mechanisms of this pre-DOS loader Reflex Disknet for Windows NT Data Security are designed to enforce PC access control for a works by creating a “shield” around every system. hierarchy of users. The security barriers are Disknet denies access to the hard disk if the imposed by: target PC is booted from a floppy and the • Authentication using passwords encrypted by system can be configured to prevent any booting an endorsed implementation of the CESG from floppy if required. It prohibits users FIREGUARD algorithm. tampering with PC configurations and prevents the introduction of unauthorised/illegal software. • User security profiles, auditing and a File PSG module prevents modification or deletion of Access Control Matrix managing access to the existing files, and prevents any changes to data. applications. PSG will also prevent any • Blocking non-authenticated programs to executable files being installed. prevent the introduction of malicious code (e.g. Viruses). • Disk certification preventing the use of floppy disks not formatted by Guardian Angel. • Encryption of data using an endorsed implementation of the CESG RED PIKE algorithm to protect files being exported or transmitted. Portcullis Computer Security Ltd Reflex Magnetics The Grange Barn, Pikes End 31-33 Priory Park Road, London NW6 7HP Pinner, Middlesex HA5 2EX United Kingdom Point of contact: Alan Romanis Point of contact: Andy Campbell Telephone: +44 (0) 208 868 0098 Telephone: +44 (0) 20 7372 6666 Facsimile: +44 (0) 208 868 0017 Facsimile: +44 (0) 20 7372 2507 Email: Email: URL: URL: http://reflex-magnetics.com12
  13. 13. IACS – PC ACCESS CONTROLSeNTry 20/20 STOPLOCK V v2.23a STOPLOCK VSC v2.23 STOPLOCK V SCenSOS v2.23aCOMMON CRITERIA EAL1 ITSEC E3Certificate Number: P100 July 1998 Certificate Number: 96/65a September 1996CLEF: IBM Global Services CLEF: LogicaSeNTry 2020 enables users to store files securely Stoplock V is a software based access controlby generating an encrypted virtual drive on the package for use on IBM PCs and compatibleshost PC hard disk, access to which is restricted running MS-DOS or Windows 3.x. It providesvia a passphrase. The virtual drive can be tools for the controlling, monitoring andformatted to either NTFS or FAT file systems and protection of data. Stoplock V/Sc includes anall files are encrypted in real-time. At any time additional smartcard for user authentication andthe user can dismount the drive or if required, user management, and Stoplock V SCenSOSset an inactivity threshold for automatic provides integration with the SCenSOS operatingdismount. system for networked control and system management.The software can be installed on either aWindows NT Server or NT Workstation The evaluated functions include:(Version 4.0 SP3). The size of the virtual • Identification and Authentication;drive is limited by the OS and can utilise thefollowing encryption algorithms: • Access Control:• MDC/SHS - enhanced boot protection• DC/RIPM - access restrictions to files and directories• Cast - rights defined by administrators only• Square• DES • Trusted Processes defined by a privileged user.• MDC/SHA1 • Accountability and Audit:• Blowfish - Audit trail of various events• Triple DES - audit trail may only be accessed by privileged• Safer users.MIS Corporate Defence SolutionsMIS House, Hermitage Court Conclusive Logic LtdHermitage Lane, Maidstone Babbage House, 55 King Street,Kent ME16 9NT, United Kingdom Maidenhead, Berkshire SL6 1DU United KingdomTelephone: +44 (0) 1622 723400 Point of contact: Steve MathewsFacsimile: +44 (0) 1622 728580 Telephone: +44 (0) 1628 470900Email: Facsimile: +44 (0) 1628 470901URL: URL: 13
  14. 14. IACS – OPERATING SYSTEMS Argus B1/CMW Argus B1/CMW v1.2 for Solaris 2.4 v1.3.2 for Solaris 2.4 Argus C2/TMW Argus C2/TMW v1.2 for Solaris 2.4 v1.3.2 for Solaris 2.4 ITSEC E3 F-B1 CMW ITSEC E3 F-C2 TMW ITSEC E3 F-B1 CMW ITSEC E3 F-C2 TMW Certificate Number: Certificate Number: 96/73a (B1/CMW, x86 platform) 99/89a (B1/CMW, x86 platform) December 1996 September 1999 96/73b (C2/TMW, x86 and SPARC platforms) 99/89b (C2/TMW, x86 and SPARC platforms) December 1996 September 1999 CLEF: CMG Admiral CLEF: CMG Admiral The Argus TMW and CMW products are The Argus TMW and CMW products are workstation/server enhancements that bring an workstation/server enhancements that bring an off-the-shelf Solaris 2.4 system up to labeled-C2 off-the-shelf Solaris 2.4 system up to labeled-C2 and B1 level respectively. Each provides full and B1 level respectively. Each provides full floating information label functionality. The CMW floating information label functionality. The CMW product also provides mandatory access control product also provides mandatory access control (MAC) based on sensitivity labels. Both support (MAC) based on sensitivity labels. Both support labelled printing and a complete labelled X- labelled printing and a complete labelled X- windows subsystem for system-high (TMW) and windows subsystem for system-high (TMW) and multilevel (CMW) operations. Each can operate multilevel (CMW) operations. Each can operate in either X-window or command-line mode for in either X-window or command-line mode for desktop or server applications. The evaluation desktop or server applications. The evaluation included trusted networking, trusted path, least included trusted networking, trusted networked privilege, audit, and other functionality. access, trusted path, least privilege, superuser emulation, audit, and other functionality. Argus Systems Group, Inc. Argus Systems Group, Inc. 1809 Woodfield Drive, Savoy, IL 61874, USA 1809 Woodfield Drive, Savoy, IL 61874, USA Point of contact: Paul A. McNabb Point of contact: Paul A. McNabb Telephone: +1 217 355 6308 Telephone: +1 217 355 6308 Facsimile: +1 217 355 1433 Facsimile: +1 217 355 1433 Email: Email: URL: URL: http://www.argus-systems.com14
  15. 15. IACS – OPERATING SYSTEMSHewlett Packard IBM DYNIX/ptx UnixHP-UX 10.20 v4.1 SLS and 4.1a SLS on Symmetry 5000 Systems (models SE30 and SE40)ITSEC E3 /CESG ASSISTED PRODUCTS SCHEME ITSEC E3Certificate Number: P111 February 1999 Certificate Number: 97/74 February 1997CLEF: CMG ADMIRAL CLEF: LogicaHewlett-Packard’s HP-UX version 10.20 is an DYNIX/ptx is a secure Operating System certifiedX/Open UNIX 95 branded product, meaning that to E3 F-C2, and is IBM’s enhanced version ofit conforms with X/Open’s Single UNIX UNIX for the Symmetry series of symmetricSpecification (SPEC1170). In addition HP-UX multiprocessing systems. DYNIX/ptx conforms to10.20 complies with such standards as X/Open all the leading industry operating systems standards, including IEEE POSIX 1003.1-1990,Portability Guide Issue IV Base Profile (XPG4), FIPS, X-Open, XPG4, Intel ABI+, OSF AES andOSF AES, IEEE POSIX 1003.1 and 1003.2, SVID USLSVID3. DYNIX/ptx includes specific support3 level 1 APIs, as well as all major de facto APIs for operations with concurrent user populationssuch as BSD 4.3. in excess of 1000 and disk volumes in excess of 1000GB. The hardware may be extended byHP-UX 10.20 is designed to exceed the ITSEC F- adding more processors with true linearC2 functionality class, with the following notable performance scalability.extensions:• Terminal-based User Authentication Three additional CESG modules are available for• Time-based User Authentication use in HMG systems and may be applied for,• Boot Authentication namely FIRESTONE, THUNDERBOLT and• Access Control Lists THUNDERFLASH password encryption and generation packages.• ‘Green Book’ compliant Password Management - generation & encryptionHP-UX 10.20 is supported across the full rangeof HP9000 Workstations and ServersHewlett-Packard LtdNine Mile Ride, Wokingham,Berkshire RG40 3LL, United KingdomPoint of contact: Christopher Simpson Point of contact: Valerie AshtonTelephone: 01344-365029 Telephone: +44 (0) 1932 851111Facsimile: 01344-763747 Facsimile: +44 (0) 1932 850011Email: Email: URL: 15
  16. 16. IACS – OPERATING SYSTEMS IBM DYNIX/ptx Microsoft Windows NT v4.4.2 running on Symmetry 5000 Workstations and Win NT systems and NUMA-Q 2000 Server 4.0 ITSEC E3 ITSEC E3 Certificate Number: P108V2 January 2000 Certificate Number: P121 March 1999 CLEF: Logica CLEF: Logica DYNIX/ptx Version 4.4.2 (with CESG algorithms) Windows NT is a multi-tasking operating system is IBM’s enhanced version of UNIX running on for controlling and managing networks of Symmetry 5000 systems (Model SE40) and computers and electronic resources in a NUMA-Q (Non Uniform Memory Access) 2000 distributed multi-user environment. Trusted log (with EMC≈ Symmetrix 3430/3700 disk arrays) on for user authentication, DAC of electronic and is evaluated to E3 F-C2. resources, accounting and audit of user activities, and controlling system policies and user profiles DYNIX/ptx is a robust and reliable in arbitrary network configurations, including implementation of UNIX for secure commercial interconnection of trusted domains, have been projects running enterprise level applications. evaluated. The evaluated Windows NT 4.0 SP3 DYNIX/ptx conforms to all the leading industry security enforcing functions specified in its operating systems standards, including IEEE Security Target provide the essential basis on POSIX 1003.1-1990, FIPS, X-Open, XPG4, Intel which other specialised security enforcing ABI+, OSF AES and USLSVID3. functions of evaluatable systems such as messaging, firewall, virtual private network, and Four optional CESG modules will be available for PKI related systems could depend. Microsoft are use in HMG systems, namely FIREGUARD, participating in the development of Common FIRESTONE, THUNDERBOLT and Criteria Protection Profiles of such systems. THUNDERFLASH password encryption and generation packages. Microsoft Ltd Microsoft Campus, Thames Valley Park, Reading, Berks RG1 1WG, United Kingdom Point of contact: Valerie Ashton Point of contact: Peter Birch Telephone: +44 (0) 1932 851111 Telephone: +44 (0) 870 6010 100 Facsimile: +44 (0) 1932 850011 Facsimile: +44 (0) 870 6020 100 Email: Email: URL: URL:
  17. 17. IACS – OPERATING SYSTEMSSun Solaris 2.6 Sun SolarisCertificate Maintenance Scheme v8 with AdminSuite v 3.0.1ITSEC E3 COMMON CRITERIA EAL4Certificate Number: P101 January 1999 Certificate Number: P148 November 2000CLEF: Logica CLEF: LogicaSolaris 2.6 is the latest version of Sun’s Solaris 8 is a UNIX-based operating system whichcommercial Solaris operating system evaluated to can be configured from a number ofITSEC E3/F-C2. The product was initially workstations and servers to form a singleevaluated on the Sun UltraSPARC-1 Workstation distributed system. AdminSuite 3.0.1 providesand servers sharing information in a distributed tools to configure security aspects of Solaris 8.networking environment. The evaluation includes Both Solaris 8 and AdminSuite 3.0.1 have beenthe following features in addition to the ITSEC developed by Sun Microsystems Inc. Solaris 8,Functionality Class F-C2: with AdminSuite 3.0.1, has been certified as• CDE window system meeting the Common Criteria Part 3 conformant• Networking utilising the TCP/IP protocol requirements of EAL4 for the specified Common• NIS+ Distributed Naming Service Criteria Part 2 extended functionality in the• NFS specified environment when running on the specified Sun SPARC and Intel PentiumIn February 1999, Sun entered into the platforms. It has also met the requirements ofCertificate Maintenance Scheme and the Controlled Access Protection Profile.evaluation is extended to a wide range of Sunplatforms, from uni-processor MicroSPARCworkstations to multi-processor UltraSPARCEnterprise servers.Sun Microsystems Inc Sun Microsystems IncMPK 18-211 rm 2295, 901 San Antonio Road, MPK 18-211 rm 2295, 901 San Antonio Road,Palo Alto, CA 94303, USA Palo Alto, CA 94303, USAPoint of contact : Point of contact :Telephone: Telephone:Facsimile: +1 650 786 5731 Facsimile: +1 650 786 5731Email: Solaris-Security-Target@Eng.Sun.Com Email: Solaris-Security-Target@Eng.Sun.ComURL: URL: 17
  18. 18. IACS – OPERATING SYSTEMS Trusted Solaris 2.5.1 Certificate Maintenance Scheme ITSEC E3 Certificate Number: P104 September 1998 CLEF: Logica Trusted Solaris 2.5.1 is a highly configurable trusted operating system based on Sun’s Solaris 2.5.1 commercial UNIX operating system. It is designed to meet the specific security needs of customer seeking evaluated security systems. Trusted Solaris supports ITSEC E3/F-B1 and ITSEC E3/F-C2 with the following major features, all of which were included in the evaluation: • MAC, DAC and information labels; • Least privilege; • Full identification and authentication facilities, including password generation; • Separate trusted administration and security roles; • Graphical User Interface administration tools; • Centralised Trusted Facilities Management; • NIS+ Naming service; • Secure CDE Windowing environment with support for X11R5 and Motif; • Trusted Networking using TCP/IP and TSIX or MASIX protocols; • Trusted NFS; • Auditing; • Multi-level mail. Sun Microsystems Inc MPK 18-211 rm 2295, 901 San Antonio Road, Palo Alto, CA 94303, USA Point of contact: Telephone: Facsimile: +1 650 786 5731 Email: Solaris-Security-Target@Eng.Sun.Com URL:
  19. 19. IACS – NETWORKINGAuthoriszor Secure Extranet Entrust/Admin &Access Management System Entrust/Authority from Entrust/PKI 4.0aIN EVALUATION COMMON CRITERIA EAL4 COMMON CRITERIA EAL3Projected Certification Date: July 2001 Certificate Number: P122 March 1999CLEF: IBM Global Services CLEF: SyntegraAuthoriszor been developed to provide a secure Entrust/Authority is the core component of anHTTP page delivery system which publishes Entrust public-key infrastructure. Acting as theWWW pages via Microsoft Internet Information Certification Authority (CA), Entrust/AuthorityServer. Content is protected from attack by issues X.509 public-key certificates and performsstoring it in a location that is inaccessible from key and certificate management functions.the Internet whilst webroot is constantly Other Entrust/Authority capabilities include themonitored to protect against file deposition or ability to cross-certify with other CAs, the use ofmodification attacks. flexible certificates (for including X.509v3 certificate extensions), and the use of flexibleThe optional client support allows web content user password be delivered, on demand, in strict accordancewith a client’s pre-defined security profile. Entrust/Admin is an administrative interface to Entrust/Authority and allows operators toIt provides a Management System that will allow: manage users, set the security policy, and control• Multiple site support; the PKI. All messages between Entrust/Admin• Positive Identification of clients; and Entrust/Authority are secured for• Definition of security profiles for clients confidentiality, integrity, and authentication. and content;• Activity logging.Authoriszor Ltd Entrust Technologies Ltd.Windsor House, Cornwall Rd 1000 Innovation Drive, Ottawa, Ontario, Canada,Harrogate HG1 2PN, United Kingdom K2K 3E7Point of contact: Richard Atkinson Point of contact: Darryl StalTelephone: +44 (0) 1423 730300 Telephone: (613) 270-3483Facsimile: +44 (0) 1423 730315 Facsimile: (613) 270-2503Email: E-mail: entrust@entrust.comURL: URL: 19
  20. 20. IACS – NETWORKING Entrust/RA from Entrust/PKI Entrust/RA from Entrust/PKI 5.0 5.1 COMMON CRITERIA EAL3 COMMON CRITERIA EAL3 Certificate Number: P141 March 2000 Certificate Number: P153 February 2001 CLEF: Syntegra CLEF: Syntegra Entrust/RA 5.0 is an administrative interface to Entrust/RA 5.1 is an administrative interface to Entrust/Authority and allows operators to Entrust/Authority and allows operators to manage users, set the security policy, and control manage users, set the security policy, and control the PKI. Security Officers and Administrators the PKI. Security Officers and Administrators connecting to Entrust/Authority authenticate connecting to Entrust/Authority authenticate themselves using digital signatures. themselves using digital signatures. Once complete, all messages between Once complete, all messages between Entrust/RA and Entrust/Authority are then Entrust/RA and Entrust/Authority are then secured for confidentiality, integrity, and secured for confidentiality, integrity, and authentication. Cryptographic operations for authentication. Cryptographic operations for Entrust/RA are performed in the FIPS 140-1 Entrust/RA are performed in the FIPS 140-1 Level 2 validated Entrust cryptographic module. Level 2 validated Entrust cryptographic module. Entrust/RA is currently certified on Microsoft Entrust/RA is being evaluated on Microsoft Windows NT 4.0 Service Pack 3. Windows NT 4.0 Service Pack 6a. Entrust Technologies Ltd. Entrust Technologies Ltd. 1000 Innovation Drive, Ottawa, Ontario, Canada, 1000 Innovation Drive, Ottawa, Ontario, Canada, K2K 3E7 K2K 3E7 Point of contact: Darryl Stal Point of contact: Darryl Stal Telephone: (613) 270-3483 Telephone: (613) 270-3483 Facsimile: (613) 270-2503 Facsimile: (613) 270-2503 E-mail: E-mail: URL: URL: http://www.entrust.com20
  21. 21. IACS – NETWORKINGEntrust/Authority from Entrust/Authority fromEntrust/PKI 5.0 Entrust/PKI 5.1COMMON CRITERIA EAL3 COMMON CRITERIA EAL3Certificate Number: P141 March 2000 Certificate Number: P153 February 2001CLEF: Syntegra CLEF: SyntegraEntrust/Authority 5.0 is the core component of Entrust/Authority 5.1 is the core component ofan Entrust public-key infrastructure. Acting as an Entrust public-key infrastructure. Acting asthe Certification Authority (CA), Entrust/Authority the Certification Authority (CA), Entrust/Authorityissues X.509 public-key certificates and performs issues X.509 public-key certificates and performskey and certificate management functions. key and certificate management functions.Other Entrust/Authority capabilities include the Other Entrust/Authority capabilities include theability to cross-certify with other CAs, the use of ability to cross-certify with other CAs, the use offlexible certificates (for including X.509v3 flexible certificates (for including X.509v3certificate extensions), the use of flexible user certificate extensions), the use of flexible userpassword rules, the ability to specify either RSA password rules, the ability to specify either RSA(1024 or 2048) or DSA 1024 as the CA signing (1024 or 2048) or DSA 1024 as the CA signingalgorithm and CA signing key size, and the ability algorithm and CA signing key size, and the abilityto renew the CA signing key pair before it expires to renew the CA signing key pair before it expiresand to recover from possible CA key and to recover from possible CA keycompromise. compromise.Entrust Technologies Ltd. Entrust Technologies Ltd.1000 Innovation Drive, Ottawa, Ontario, Canada, 1000 Innovation Drive, Ottawa, Ontario, Canada,K2K 3E7 K2K 3E7Point of contact: Darryl Stal Point of contact: Darryl StalTelephone: (613) 270-3483 Telephone: (613) 270-3483Facsimile: (613) 270-2503 Facsimile: (613) 270-2503E-mail: E-mail: entrust@entrust.comURL: URL: 21
  22. 22. IACS – NETWORKING Remote Management Centre Luna® CA3 Token ITSEC E1 IN EVALUATION COMMON CRITERIA EAL4 Certificate Number: S115 January 2001 Projected Certification Date: 1 July 2001 CLEF: CMG Admiral CLEF: SYNTEGRA IBM Remote Management Centre provides a The Luna® CA3 Token, Luna® Dock Card Reader, focal point for Remote Network Management, and Luna® PIN Entry Device combine to provide Remote Systems Management and Remote a robust hardware security module for Environmental Monitoring. The security of the Certification Authorities, Certification Service unit allows multiple customers to be managed Providers and Validation Authorities within Public from a central location whilst maintaining the Key Infrastructures. The product provides secure integrity of the individual networks and mission generation, storage, access control and backup critical systems. The service allows RMC staff to of the private signing key of the Authority. integrate with customers’ networks in a secure It provides advanced security features such as manner using a combination of authentication, trusted path for entry of authentication data, auditing and accounting incorporated into the M of N activation for multi-person control of secure LAN. Several technologies are employed, critical operations and Luna® Key Cloning for including firewalls, controlled access lists, user secure backup of private keys and other authentication and monitoring. The individual sensitive data. customers monitoring stations integrate into this secure environment allowing display of individual alarms on a centralised videowall. Chrysalis-ITS IBM One Chrysalis Way, Ottawa, ON Weybridge Business Park, Addlestone Road, K2G 6P9, Canada Weybridge, Surrey, KT15 2UF, United Kingdom Point of contact: Terry Fletcher, VP Trusted Systems Engineering Point of contact: David Stacey Telephone: 613 723-5076 Telephone: +44 (0) 1932 851111 Facsimile: 6I3 723 5078 Facsimile: +44 (0) 1932 814333 Email: Email: URL: URL: http://www.chrysalis-its.com22
  23. 23. IACS – NETWORKINGSureWare KeyPer v1.0 SureWare Net ED20MITSEC E3 IN EVALUATION ITSEC E3 and CAPSCertificate Number: P154 March 2001 Projected Certification Date: December 2001CLEF: IBM Global Services CLEF: IBM Global ServicesSureWare Keyper is a hardware cryptographic The SureWare Net ED20M is an Ethernet VPNmodule that guarantees the safety and integrity of encryptor that allows users to communicatekey material. SureWare Keyper has been awarded protectively marked material across untrustedFIPS 140-1 level 4. It connects to a host networks by using cryptographic mechanisms tocomputer via standard networking technology in lower the marking of the actual network traffic.order to provide secure cryptographic services tohost computer applications: Features:• Key Generation • Transfer of encrypted user data IP datagrams• Encryption between pairs of encryptors• Message Authentication Code • Configurable security policy for authorising IP• Signing addresses and protocols • Automated key managementThese applications will communicate with • Audit trail of eventsSureWare Keyper via the industry standard • Local and remote management optionsinterface PKCS#11. • Security enforcing remote management communications protected cryptographicallyThe scope of the evaluation covered those • Authenticated local managementmechanisms that protect the cryptographic • Operational and standby modesservices that the TOE provides. Triple DES and • Tamper resistant crypto-kernelSHA-1 contained within the TOE are publicly • Operation with Ethernet V2.0 and IEEE 802.3known. Other cryptographic services provided with SNAP headerssuch as RSA and Diffie Hellman, were outside thescope of the evaluation.Baltimore Technologies Ltd Baltimore Technologies Ltd39/41 Parkgate Street, Dublin 8, Ireland 39/41 Parkgate Street, Dublin 8, IrelandPoint of contact: Point of contact:Telephone: +61 2 9409 0300 Telephone: +61 2 9409 0300Facsimile: +61 2 9409 0301 Facsimile: +61 2 9409 0301Email: Email: info@baltimore.comURL: URL: 23
  24. 24. IACS – NETWORKING IACS – FIREWALLS Tracker 2650 Data Collection BorderWare Firewall Server Unit v6.1.2 ITSEC E2 COMMON CRITERIA EAL4 Certificate Number: P133 March 2000 Certificate Number: P136 January 2000 CLEF: Logica CLEF: Syntegra Tracker is an intelligent modem that reliably logs The BorderWare Firewall server’s EAL4 data in 32 Megabytes of battery backed memory certification covers the integrated operating until polled. It receives data on four RS232 system and a completed set of the facilities ports that can also be used for transparent two- needed to operate a secure and effective Internet way communication with the data source. It will connection. The Firewall’s operating system dial out when it detects alarm conditions. (S-CORE) is hardened to protect against known vulnerabilities and to provide a secure platform When used in a network management system, for the extensive set of application proxies that Tracker prevents subscribers on a switch from control information flow through the Firewall. gaining access to the remote management The proxies are complimented with application system and provides assured separation between server for E-mail, FTP, WWW and dual DNS. subscribers and management traffic. It also The integrated Mail server can be configured to protects the switch from unauthorised access provide a complete e-mail system or operate as a when replacing diagnostic modems. relay delivering mail to protected internal servers. This product was evaluated for the MOD’s Defence Fixed Telecommunications Service. Data Track Technology plc 153 Somerford Road Christchurch Dorset BH23 3TY United Kingdom BorderWare Technologies Inc 1 The Harlequin Centre, Southall Lane, Point of contact: Mike Terry, Business Southall, Middlesex UB2 5NH, United Kingdom Development Manager Point of contact: Telephone: +44 (0) 1425 282022 Telephone: +44 (0) 20 8893 6066 Facsimile: +44 (0) 1425 271978 Facsimile: +44 (0) 20 8574 8384 Email: Email: URL: URL: http://www.borderware.com24
  25. 25. IACS – FIREWALLSBorderWare Firewall Server Check Point Firewall-1v6.5 v4.0 Stateful InspectionIN EVALUATION COMMON CRITERIA EAL4 ITSEC E3PROJECTED CERTIFICATION DATE: 3Q 2001 Certificate Number: P107 March 1999CLEF: Syntegra CLEF: CMG AdmiralThe BorderWare Firewall includes an integrated This evaluation addresses the core elements ofoperating system and a completed set of services Firewall-1 i.e. the Stateful Inspection engine,needed to operate a secure and effective Internet auditing, address translation and the command-connection. The Firewall’s operating system line user interface for Microsoft NT Version 4.0(S-CORE) is hardened to protect against known SP 3, Solaris 2.6, AIX version 4.2.1 and HP-UXvulnerabilities and to provide a secure platform Version 10.10.for the extensive set of application proxies thatcontrol information flow through the Firewall. The Firewall-1 product suite delivers anThe proxies are complimented with application integrated solution that scales to meet theserver for E-mail, FTP, WWW and dual DNS. demands of organizations large and small,The integrated Mail server can be configured to securing your enterprise network – LAN, Internet,provide a complete e-mail system or operate as a intranet and extranets.relay delivering mail to protected internal servers.V6.5 of the Firewall server will be available both Based on Stateful Inspection technology, apackaged on dedicated hardware and as a security technology invented and patented bycomplete software package for easy installation Check Point Software Technologies, FireWall-1on standard hardware. provides security at the highest level currently available. Stateful Inspection incorporates communication, application state and context information, which is stored and updated dynamically.BorderWare Technologies Inc Check Point Software Technologies Ltd1 The Harlequin Centre, Southall Lane, 3A Jabotinsky St., Diamond Tower,Southall, Middlesex UB2 5NH, United Kingdom Ramat-Gan 52520, IsraelPoint of contact: Point of contact: Nigel MouldTelephone: +44 (0) 20 8893 6066 Telephone: +44 (0) 1223 713611Facsimile: +44 (0) 20 8574 8384 Facsimile: +44 (0) 1223 713621Email: Email: nigelm@checkpoint.comURL: URL: 25
  26. 26. IACS – FIREWALLS Check Point VPN-1/Firewall-1 Cisco Secure PIX Firewall v4.1 SP2 Software Version 5.2(3) Hardware Models 515, 520 & 525 ITSEC E3 COMMON CRITERIA EAL4 Certificate Number: P149 January 2001 Certificate Number: P152 January 2001 CLEF: CMG Admiral CLEF: Syntegra This evaluation addresses the core elements of The Cisco Secure PIX Firewall is a dedicated Firewall-1, but also includes the Graphical User firewall appliance from Cisco Systems. The family Interface, Remote Management, Authentication, of firewalls delivers strong security without Encryption and LDAP interface for FireWall-1 impacting network performance. The product Version 4.1 running on Microsoft NT Version 4.0 line scales to meet a range of customer SP 5, Solaris 2.6 and AIX Version 4.3. requirements, and has only two license levels - one restricted licence and an unlimited licence. VPN-1/FireWall-1 is the most comprehensive security suite available today. Providing an The PIX Firewall is an integrated unit and does integrated solution that scales to meet the not have an underlying operating system such as demands of organizations large and small, NT or UNIX, and this increases security and securing your enterprise network – LAN, Internet, performance. The PIX 525 is able to support over intranet and extranets. 340Mbps of throughput and over 250,000 concurrent sessions. VPN-1/Firewall-1 is the center of an extensive policy management framework. The intuitive GUI is used to write the enterprise security policy, which is then applied to all remote or internal gateways. Check Point Software Technologies Ltd Cisco Systems 3A Jabotinsky St., Diamond Tower, 3, The Square, Stockley Park, Ramat-Gan 52520, Israel UXBRIDGE, Middlesex UB11 1BN Point of contact: Nigel Mould Point of contact: Paul King Telephone: +44 (0) 1223 713611 Telephone: +44 (0) 20 8756 8349 Facsimile: +44 (0) 1223 713621 Facsimile: +44 (0) 20 8576 8099 Email: Email: URL: URL:
  27. 27. IACS – FIREWALLSCyberGuard Firewall for CyberGuard Firewall forWindows NT UnixWare 4.1Certificate Maintenance Scheme (also available as CyberGuard Firewall Appliances) Certificate Maintenance SchemeThe latest CMS Approved version of CyberGuard The latest CMS Approved version ofFirewall for Windows NT is 4.2 PSU1. All CyberGuard Firewall for UnixWare 4.1 is 4.2intermediate releases and updates are also CMS PSU1. All intermediate releases and updatesapproved. are also CMS approved.ITSEC E3 ITSEC E3Certificate Number: P118 January 1999 Certificate Number: P117 January 1999CLEF: Logica CLEF: LogicaCyberGuard Firewall for Windows NT is closely CyberGuard® Firewall for UnixWare® is providedlinked to Microsoft Windows NT® to maximise with a MLS UNIX operating system. It safeguardsperformance, accuracy and security of the information held on internal networks, bynetwork. The evaluated firewall is a multi-homed controlling the access of external users andconfiguration providing both IP packet filtering protecting the integrity, availability, authenticationand application-level proxies. A Graphical User data and anonymity of the internal network.Interface (GUI) for configuration and reporting Configuration and Reporting is performed with aand up to 16 multiple network interfaces are local Graphical User Interface (GUI). Additionalavailable. To ease installation and management, network interfaces (up to 32) provide DMZ orthe firewall interacts with and exploits existing further internal/ external network connections.NT domain controllers to obtain user and The firewall runs on either single or multi-authentication information. The Windows NT processor Intel servers with UnixWare 2.1.3.environment is secured with SecureGuard™for CyberGuard Firewall for UnixWare is availableNT, providing protection against security threats from Release 4.2 onwards as a pre-stagedsuch as uncontrolled access to system resources. appliance known as FireSTAR, KnightStar andAvailable for systems with a minimum of STARLord Premium Appliance Firewalls.133MHz Intel Pentium Processor, 32MB Memory These variants are therefore CMS Approved.running Windows NT rev 4.0 with Service Pack 3or 4.CyberGuard Europe Ltd CyberGuard Europe LtdAsmec Centre, Eagle House, The Ring, Asmec Centre, Eagle House, The Ring,Bracknell, Berkshire RG12 1HB Bracknell, Berkshire RG12 1HBPoint of contact: Andrew Clarke Point of contact: Andrew ClarkeTelephone: + 44 (0)1344 382550 Telephone: + 44 (0)1344 382550Facsimile: + 44 (0)1344 382551 Facsimile: + 44 (0)1344 382551Email: Email: aclarke@cyberguard.comURL: URL: 27
  28. 28. IACS – FIREWALLS CyberGuard Firewall v2 CyberGuard Firewall for Certificate Maintenance Scheme UnixWare/Premium CyberGuard Firewall 2.2.1e has CMS Appliance Firewall 4.3 approved versions up to CyberGuard Firewall 2.2.3r9. ITSEC E3 COMMON CRITERIA EAL4 Certificate Number: 97/78 March 1997 Certificate Number: P150 December 2000 CLEF: Logica CLEF: Logica CyberGuard Firewall Version 2 is an appliance CyberGuard Firewall is a packet filter, (stateful firewall that controls and monitors user access to inspection) and application level proxy firewall local- and wide-area networks by leveraging the provided with a MLS (secure) Unix operating advantages of a multi-level secure architecture. system. It safeguards internal networks by CyberGuard Firewall runs on B1 secure operating controlling external access and protects the system and networking products. CyberGuard is integrity, availability, authentication data and designed to reduce the area of risk to a single anonymity of the internal network. system; it operates as a packet-filtering gateway, Configuration/reporting is performed via local a proxy gateway and a Bastion Host in a multi- GUI. Additional interfaces (up to 32) provide system environment. For example, when located DMZ or further internal/external connections. between an internal network, an Intranet and/or Evaluated security features include: Connection the internet, it provides valuable protection of a level Access Control for IP packets; Accounting, company’s computing resources and data. auditing and statistics; Alerts for security events; CyberGuard Firewall has been evaluated on both Network Address Translation and Split Domain the NH4000 and NH5000 platforms, in either Name Server (DNS). The firewall runs on single tower or rack-mounted packaging. or multi-processor Intel IA-32 processors and as a packaged solution – the CyberGuard Premium Appliance family: FireSTAR, KnightSTAR and STARLord. CyberGuard Europe Ltd CyberGuard Europe Ltd Asmec Centre, Eagle House, The Ring, Asmec Centre, Eagle House, The Ring, Bracknell, Berkshire RG12 1HB Bracknell, Berkshire RG12 1HB Point of contact: Andrew Clarke Point of contact: Andrew Clarke Telephone: + 44 (0)1344 382550 Telephone: + 44 (0)1344 382550 Facsimile: + 44 (0)1344 382551 Facsimile: + 44 (0)1344 382551 Email: Email: URL: URL:
  29. 29. IACS – FIREWALLSGauntlet Internet Firewall MailGuard Bastion 1.0for Windows NTv3.01ITSEC E3 ITSEC E3Certificate Number: P127 June 1999 Certificate Number: P144 May 2000CLEF: EDS CLEF: AdmiralThe Gauntlet Internet Firewall for Windows NT is MailGuard Bastion is a high assurance messaginga native development for Windows NT 4.0. firewall that allows the exchange of X.400 andThe Gauntlet Internet Firewall for Windows NT SMTP/MIME messages between networks ofcombines an application gateway with user differing security levels or conflicting securitytransparency and ease of management. Security policies.functions evaluated include:• Prevention of internal IP addess spoofing; MailGuard Bastion is evaluated and assured to• System integrity checking; ITSEC E3, making it ideally suited to meet the• Comprehensive auditing and accounting most stringent security policies. The product functions; builds upon the Trusted Solaris operating system,• Alarms raised to the Administrator on defined which itself is ITSEC E3/F-B1 and E3/F-C2 events; approved. MailGuard Bastion can be supplied as• Packet level filtering; a software package or as a turnkey system• SMTP, telnet, rlogin, HTTP, ftp, SQL*net, pop3 (comprising hardware and software) configured and PLUG proxies; and working to requirements.• Strong user Authentication with the ability to insert user definable mechanisms;• Configurable option to prevent JAVA applets, JAVA scripts and ActiveX;• URL filtration mechanisms;• Content Vectoring Protocol support. NET-TEL Computer Systems LtdNetwork Associates – UK 4 Place Farm, Wheathampstead227 Bath Road, Slough, Berkshire SL1 5PP Herts AL4 8SB, United KingdomPoint of contact: Evan Garricks Point of contact: Nick WardTelephone: +44 (0) 1753 217 500 Telephone: +44 1582 830500Facsimile: +44 (0) 1753 217 520 Facsimile: +44 1582 830501Email: Email: URL: 29
  30. 30. IACS – FIREWALLS Safegate v2.0.2 SWIPSY Firewall Toolkit COMMON CRITERIA EAL3 ITSEC E3 Certificate Number: P139 January 2000 Certificate Number: P147 August 2000 CLEF: Logica CLEF: EDS Safegate (Version 2.0.2) firewall has the The SWIPSY (Switch IP SecurelY) firewall toolkit following functions: provides an extensible framework for • IP packet filtering; constructing assured Bastion Host firewalls. • application gateway (non-transparent and transparent); SWIPSY is based on a stripped down • security management (containing the audit configuration of Sun’s Trusted Solaris (TSol) 2.5.1 functions); operating system. By relying on the mandatory access controls of TSol, SWIPSY provides strong IP packet filtering permits or denies the separation between networks. Controlled transmission of IP packets through Safegate from communication between networks can be the hostile network and the private network configured, using either a filestore or a TCP/UDP according to filtering rules defined by an interface. authorised administrator. The transparent gateway (TCP, UDP, ICMP, FTP, Telnet and various Third party proxies such as Squid or Message multimedia services) allows a direct connection Transfer Agents may be integrated, without the between a client on the private network and a need for re-evaluation, to achieve an E3 firewall, host on the Internet. The non-transparent although formal evaluation of the software may gateway (only FTP and Telnet services) allows be necessary if certain TSol privileges are needed. simultaneous sessions between the client on the private network and the Internet host. Central Enquiry Desk Defence Evaluation and Research Agency, Fujitsu Ltd Ively Road, Farnborough, Hampshire GU14 0LX, 1405, Ohmaru, Inagi-shi, United Kingdom Tokyo 206-8503, Japan Point of contact: Sharon Lewis Point of contact: Takehiko Yahagi Telephone: +44 1684 896535 Telephone: +81 44 370 7637 Facsimile: +44 1684 896660 Facsimile: +81 44 370 7737 Email: Email: URL: URL: business/network_boundary_service.htm30
  31. 31. IACS – FIREWALLSSymantec Enterprise Firewall VCS Firewall v3.0v6.5IN EVALUATION COMMON CRITERIA EAL4 COMMON CRITERIA EAL1Projected Certification Date: July 2001 Certificate Number: P123 March 1999CLEF: Syntegra CLEF: IBM Global ServicesSymantec Enterprise Firewall provides complete The VCS Firewall manages data andperimeter protection by integrating application communications between trusted and untrustedproxies, network circuits and packet filtering into networks. It supports four independent networksits hybrid architecture. Its intuitive management and can manage simultaneously traffic betweenand high-performance characteristics work all pairs of networks. The VCS Firewall is proxy-together comprising the most secure, based. Proxies for HTTP, Telnet, FTP and Mailmanageable, flexible firewall for enterprise Exchange, as well as a Generic proxy for all otherprotection. Integrated components, such as proxiable protocols, are included. Packet filteringapplication proxy architecture and a multi-firewall of TCP, UDP and ICMP is also GUI enable the Symantec Enterprise All configuration of the VCS Firewall is by way ofFirewall to address the broad perimeter security a Graphical User Interface. This makes the VCSneeds of companies connecting to the Internet. Firewall easy to configure, as well as providingSome of the features unique to the Symantec sanity checking on the configuration.Enterprise Firewall include:(1) initial & continuous system hardening,(2) DDoS attack protection,(3) support for authenticating sessions,(4) consolidated, non-order-dependent rule setting, and(5) generic and port-range service proxies supporting legacy, proprietary or emerging protocols. The Knowledge GroupSYMANTEC Corporation Knowledge House, Concorde Road,266 Second Avenue, Waltham, Patchway, Bristol BS34 5TB, United KingdomMassachusetts 02451Point of contact: Regina Hammond Point of contact: Alan JonesTelephone: +1 781-530-2305 Telephone: +44 (0) 117 900 7500Facsimile: +1 781-487-6755 Facsimile: +44 (0) 117 900 7501Email: Email:URL: URL: 31
  32. 32. IACS – COMMUNICATIONS Baltimore ED2048R3 Baltimore ED600RTS Government Use Only ITSEC E3 and CAPS approved ITSEC E3 and CAPS approved Certificate Number: 96/60 April 1996 Certificate Number: 95/55 September 1995 CLEF: IBM Global Services CLEF: Syntegra The ED2048R3 provides cryptographic The ED600RTS is a RAMBUTAN Encryptor for protection for up to 2.048 Mbps point-to-point synchronous data transmitted on a point-to-point links. The ED2048R3 has 2 interface options: link, at speeds of up to 128 Kbps using an X.21 • X21 interface. The ED2048R3 offers a two-tier key • G.703/G.732/G704 hierarchy. Four data encryption keys (DEKs) can The X.21 interface is suited to protecting flexible be entered into the master encryptor from a bandwidth services as line speeds swipe card and downloaded over the link to slave can be increased without reconfiguration. units. Alternatively, the ED2048R3 can be The G704 interfaces support an nx64 Kbps managed from the Baltimore Network Security fractional service. Workstation, to provide automated key and equipment management The ED2048R3 offers a two-tier key hierarchy. Four data encryption keys (DEKs) can be entered into the master encryptor from a swipe card and downloaded over the link to slave units. Alternatively, the ED2048R3 can be managed from the Baltimore Network Security Workstation, to provide automated key and equipment management. Baltimore Technologies Ltd Baltimore Technologies Ltd 39/41 Parkgate Street, Dublin 8, Ireland 39/41 Parkgate Street, Dublin 8, Ireland Point of contact: Point of contact: Telephone: +61 2 9409 0300 Telephone: +61 2 9409 0300 Facsimile: +61 2 9409 0301 Facsimile: +61 2 9409 0301 Email: Email: URL: URL:
  33. 33. IACS – COMMUNICATIONSBaltimore ED8000RL Cisco 3640 RouterGovernment Use OnlyITSEC E3 and CAPS approved IN EVALUATION ITSEC E2Certificate Number: 97/92 December 1997 PROJECTED CERTIFICATION DATE: MAY 2001CLEF: IBM Global Services CLEF: CMG AdmiralThe ED8000RL is an Ethernet encryptor The Cisco 3640 is a multifunction platform thatusing the RAMBUTAN algorithm. It provides combines dial access, routing, LAN-to-LANcryptographic protection for user data services and multiservice integration of voice andtransmitted between LANs using Internet data in the same device. As a modular solution,Protocol across WANs. The encryptor is the Cisco 3640 has the flexibility to meet bothinterposed between a local Ethernet LAN subnet current and future connectivity requirements.and the router giving access to the WAN. The Cisco 3640 is fully supported by Cisco• Central management IOSTM software, which includes LAN-to-LAN• Supports Ethernet V2.0 and IEEE 802.3 frame routing, data and access security and WAN format incorporating SNAP optimization. Applications supported are• Holds up to 16 data keys to enable creation of asynchronous and synchronous serial interfaces. separate cryptographic zones• Supports up to 512 destination IP subnet or device addresses• Data rate exceeds 2Mbits per second• SNMP TRAPs can be sent to a separate NMC SUPPLIER: Cisco Systems Limited 3 The Square, Stockley Park, Uxbridge, Middlesex UB11 1BN, United Kingdom Point of contact: Jon Arnold (For Cisco) Telephone: +44 (0) 208 756 8651 URL: SYSTEM DESIGNER:Baltimore Technologies Ltd INCA39/41 Parkgate Street, Dublin 8, Ireland Post Point C2, North Star House,Point of contact: North Star Avenue, Swindon, Wiltshire SN2 1BSTelephone: +61 2 9409 0300 Point of contact: David GrantFacsimile: +61 2 9409 0301 Telephone: +44 (0) 1793 863173Email: Facsimile: +44 (0) 1793 863010URL: Email: 33
  34. 34. IACS – COMMUNICATIONS DataCryptor 2000 Meridian Option 1 (22.46) (Synchronous Line Encryptor) SPC Switch ITSEC E3 IN EVALUATION ITSEC E2 Certificate Number: P126 August 1999 Projected Certification Date: 2Q 2001 CLEF: CMG Admiral CLEF: CMG Admiral The Datacryptor 2000 Link product range are The Meridian Option 61C (22.46) is a state-of- encryption devices specifically designed to the-art Software Stored Program Control Digital provide secure communications over circuits at Switch. Utilised as a platform for integrated voice speeds of up to 2Mbps using a variety of line and data, Meridian Option 61C (22.46) delivers interfaces. The Datacryptor 2000 prevents sophisticated messaging, call centre and unauthorised information access and protects computer telephony integration (CTI) applications against eavesdropping for data transmissions for Asynchronous Transfer Mode (ATM) using both private and public networks. The unit technology. These support WAN bandwidth provides both Tamper Evidence and Tamper consolidation, transport and delivery of Resistance, and once commissioned, will operate multimedia communications. When configured as automatically without further intervention. part of a communications network the switch The Datacryptor 2000 series employ the Zaxus prevents subscribers from gaining access to the Key Management Scheme to securely generate management system and thus provides an and distribute data encryption keys. This assured separation between subscribers and dispenses with the previously time-consuming management traffic. This product is being and laborious tasks associated with secure key evaluated specifically for the MOD’s Defence management which significantly reduces the cost Fixed Telecommunications Service. of ownership. SUPPLIER: Nortel Networks Maidenhead Office Park, Westacott Way, Maidenhead, Berkshire SL1 3OH, United Kingdom Point of contact: Nortel Telephone: +44 (0) 1628 432566 Facsimile: +44 (0) 1628 432657 Zaxus Technical Sales URL: Sussex Innovation Centre, Science Park Square, University of Sussex, Brighton BN1 9SB, SYSTEM DESIGNER: United Kingdom INCA Point of contact: Chris Woods, Product Manager Post Point C2, North Star House, (Network Security) North Star Avenue, Swindon, Wiltshire SN2 1BS Telephone: +44 (0)1273 384600 Point of contact: David Grant Facsimile: +44 (0)1273 384601 Telephone: +44 (0) 1793 863173 Email: Facsimile: +44 (0) 1793 863010 URL: Email: david.w.grant@marconi.com34