Firewall Wizards mailing list archives
Re: Firewall certification
From: Neil Lehrer <nlehrer () ibb gov>
Date: Tue, 27 Jul 1999 16:01:51 -0400
you can look at http://www.radium.ncsc.mil/tpep/index.html for info on common criteria. ```````````````` Rick Smith wrote:
At 11:45 AM 7/23/99 +0100, kris.van.opstaele () be arthurandersen com wrote:On their website, you can find their "Product Certification Criteria"(version3.0, currently). Did anybody check out these criteria in detail, or their certification process as a whole ?I haven't looked at it recently, but in the past their certification essentially shows that the firewall is capable of blocking traffic on command. They don't do detailed vulnerability analyses, but then they cost that much (somewhere between $10K and $30K if I remember correctly)Furthermore, are there other similar initiatives (such as ITSEC, Common Criteria) to certify popular firewall products ?NIST has published two draft Common Criteria Protection Profiles for firewalls, and various folks in the government are talking about developing a couple more for higher security boundary protection. At the present there are several firewalls that have completed ITSEC evaluation in the UK. I've only found one firewall that's completed a Common Criteria evaluation and I don't know if it followed a particular protection profile or not. There are international treaties declaring that participating governments (US, UK, Germany, Netherlands, I think) will recognize each others' Common Criteria evaluations. This doesn't automatically extend to TCSEC or ITSEC evaluations, though. Common Criteria evaluation is at least an order of magnitude more expensive then ICSA firewall certification. Rick.
-- regards +++++++++++++++++++++++++++++++++++++++++++++++ + Neil Lehrer + + International Broadcasting Bureau + System Development Division + + voice 202 619-2524 + fax 202 619-3576 + nlehrer () ibb gov + + " is this crisis an opportunity or just + another grab the fire extinguisher moment?" + ++++++++++++++++++++++++++++++++++++++++++++++++
Current thread:
- Firewall certification kris . van . opstaele (Jul 23)
- Re: Firewall certification Rick Smith (Jul 26)
- Re: Firewall certification Neil Lehrer (Jul 27)
- Re: Firewall certification Rick Smith (Jul 26)