Validated Product - NetIQ Security Manager 5.5

PRODUCT DESCRIPTION

The NetIQ Security Manager is an application that can act as an intrusion detection system for intrusion detection systems as well as for operating systems, firewalls, and antivirus applications. The TOE provides the ability to collect, standardize, and archive collected data from disparate IT systems. The TOE also provides the capability to review the collected data, and generate forensic analysis and trend analysis reports. All communications between the TOE distributed components are encrypted.

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the NetIQ Security Manager TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. SAIC determined that the evaluation assurance level (EAL) for the product is the EAL 2 family of assurance requirements. The product, when configured as specified in the installation guides and user guides, satisfies all of the security functional requirements stated in the NetIQ Security Manager 5.5 Security Target. A validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in August 2007. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for NetIQ Security Manager 5.5 prepared by CCEVS.

ENVIRONMENTAL STRENGTHS

The NetIQ Security Manager is a commercial IDS application that provides identification and authentication, security management, intrusion detection and event correlation, and protection of the TOE security functions.