Validated Product - Applied Identity ID-Enforce Hardware Appliance (models 5000, 7000, and 10000) with ID-Enforce Gateway, Version 3.3 including the ID-Enforce Client ID-Mark v3.3 and the Identisphere Manager (ID-Policy v3.3)

Certificate Date: 06 October 2008

Validation Report Number: CCEVS-VR-VID10272-2008

Product Type: Sensitive Data Protection,System Access Control

Conformance Claim: EAL2

PP Identifiers: None

CC Testing Lab: SAIC Common Criteria Testing Laboratory

Security Target [PDF]
Validation Report [PDF]
CC Certificate [PDF]

PRODUCT DESCRIPTION

The Applied Identity ID-Enforce Hardware Appliance (models 5000, 7000, 10000) with ID-Enforce Gateway, Version 3.3, including the ID-Enforce Client (ID-Mark, v3.3) and the Identisphere Manager (ID-Policy, v3.3) is a system that is designed primarily to protect resources located on a protected network from users on an untrusted network.  The client application (i.e., ID-Mark) allows the network users to interact with the TOE in order to access the resources it protects, and the Identisphere Manager (ID-Policy) application offers a Graphical User Interface (GUI) that may be used to define the user access policies stored in the LDAP server.

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Applied Identity ID-Enforce Hardware Appliance (models 5000, 7000, 10000) with ID-Enforce Gateway, Version 3.3, including the ID-Enforce Client (ID-Mark, v3.3) and the Identisphere Manager (ID-Policy, v3.3) TOE was judged as described in the Common Criteria for Information Technology Security Evaluation, Version 2.3.  The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3.  SAIC determined that the evaluation assurance level (EAL) for the product is the EAL 2 family of assurance requirements.  The product, when configured as specified in the installation guides and user guides, satisfies all of the security functional requirements stated in the Applied Identity ID-Enforce Security Target.  A validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC.  The evaluation was completed in September 2008.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for Applied Identity ID-Enforce Hardware Appliance (models 5000, 7000, 10000) with ID-Enforce Gateway, Version 3.3, including the ID-Enforce Client (ID-Mark, v3.3) and the Identisphere Manager (ID-Policy, v3.3) prepared by CCEVS.

ENVIRONMENTAL STRENGTHS

The TOE is a commercial product whose users require a low to moderate level of security assurance.  The appliances are located within physically protected areas are configured and managed by professionally trained and trusted administrators.  Within such environments, it is assumed that attackers will have a low attack potential.  


The Applied Identity ID-Enforce Hardware Appliance (models 5000, 7000, 10000) with ID-Enforce Gateway, Version 3.3, including the ID-Enforce Client (ID-Mark, v3.3) and the Identisphere Manager (ID-Policy, v3.3) is a system that is designed to protect resources located on a protected network from users on an untrusted network and provides security audit, user data protection, identification and authentication, security management, and protection of the TSF security functions.

Vendor Information


Applied Identity
Dean A. Weber
415-593-2100
415-593-2101 (Fax)
dweber@appliedidentity.com

http://www.appliedidentity.com

--->