Validated Product - CREDANT Mobile Guardian (CMG) Enterprise Edition Version 5.2.1 SP4

PRODUCT DESCRIPTION

The CREDANT Mobile Guardian (CMG) Enterprise Edition Version 5.2.1 SP4 is a distributed security solution designed to control enterprise-wise security for Windows-based PCs.  CMG enforces data encryption and access control security policies designed to protect data at rest on Window-based PCs.  Security policy protection is intended to provide data access protection from unauthorized users accessing a PC in the event of a lost or stolen PC and implementing hierarchical data access controls for authorized PC users.  The CMG is a single base management control system enabling administrators to secure the Windows-based PCs from a single management console.

The TOE includes three software components: the CREDANT Mobile Guardian Enterprise Server; the CREDANT Mobile Guardian Policy Proxy; and the CREDANT Mobile Guardian Shield.

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the CREDANT Mobile Guardian (CMG) Enterprise Edition Version 5.2.1 SP4 meets the security requirements contained in the Security Target.

The criteria against which the CREDANT Mobile Guardian (CMG) Enterprise Edition Version 5.2.1 SP4 was judged is described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. The COACT, Inc. CAFE Lab determined that the evaluation assurance level (EAL) for the CREDANT Mobile Guardian (CMG) Enterprise Edition Version 5.2.1 SP4 is EAL 3. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target.

A Validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by the COACT, Inc. CAFE Lab. The evaluation was completed in April 2008. Results of the evaluation and associated validation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report.

ENVIRONMENTAL STRENGTHS

The TOE’s Security Functions are:

• Audit Data Generation:  The TOE’s Audit Data Generation Security Function creates audit records recording security-relevant events.

• Audit Data Viewing:  The TOE’s Audit Data Viewing Security Function enables a CMG Enterprise Server Administrator with System or Log role privileges to view audit records.

• Management :  The TOE’s Security Management Security Function provides administrator support functionality that enables authorized administrators to configure and manage the TOE. 

• Self Protection:  The TOE provides for self protection and non-bypassability of functions within the TOE’s scope of control (TSC). 

• User Data Protection:  The TOE encrypts data on the end user device according to the policies supplied by the CMG Enterprise Server.