Validated Product - Tenix Interactive Link Data Diode Device, Gigabit Variant (P/N FID003)

Certificate Date: 16 November 2006

Validation Report Number: CCEVS-VR-06-0051

Product Type: Multiple Domain Solution

Conformance Claim: EAL7 Augmented with AVA_CCA.3

PP Identifiers: None

CC Testing Lab: COACT Inc. CAFE Laboratory

Maintenance Releases:


PRODUCT DESCRIPTION

The Interactive Link Data Diode Device (IL-DDD) allows information to flow through the device at Gigabit rates in a single direction, from the input to the output. The IL-DDD provides an EAL7 level of assurance that data is passed only from the input port to the output port, and that no data or signaling of any kind passes in the opposite direction. Other (non-evaluated) components can be used in combination with the IL-DDD to implement functionality such as email transfer, file transfer, and allowing lower-classified clipboard information to flow to the higher-classified environment and be pasted into higher-classified applications.

The IL-DDD data transfer is implemented in hardware at the physical layer of the OSI reference model. It has been implemented using discrete transceivers which have been physically connected such that the low side transceiver can only function as a receiver, and the high side transceiver can only function as a transmitter. This approach has been adopted to minimize the emanation and the TEMPEST security threat.

There are no “back channels” for communication handshaking that could be used as a covert channel. Any network protocol could be used to implement the transfer, provided no handshaking across the IL-DDD is required. The User Datagram Protocol (UDP) is an example of an acceptable protocol that can accommodate a unidirectional flow of information.

The IL-DDD is a trusted platform providing a unidirectional data path from the low side network to the high side network. Key features include:

  • Data transfer over the diode is sent without acknowledgment;
  • Multiple workstations or PCs can share a single Data Diode.
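
Because transfer across the diode is sent without acknowledgment, the high side can never ask for a resend, so each datagram has to carry enough information for loss and corruption to be detected locally. The sketch below is an added example, not part of the evaluated product or the vendor's software; the frame layout, function names, chunk size and repeat count are assumptions made for illustration.

```python
import socket
import struct
import zlib

HEADER = struct.Struct("!III")  # assumed layout: sequence, total frames, CRC32
CHUNK = 1024                    # assumed payload bytes per datagram

def make_frames(data):
    """Low side: split data into self-describing datagrams."""
    chunks = [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)] or [b""]
    return [HEADER.pack(seq, len(chunks), zlib.crc32(c)) + c
            for seq, c in enumerate(chunks)]

def send_oneway(frames, addr, repeats=2):
    """Low side: transmit only. The socket is never read, so sending each
    frame several times stands in for the resend request that cannot exist."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        for _ in range(repeats):
            for frame in frames:
                s.sendto(frame, addr)

class Reassembler:
    """High side: accept frames in any order and detect loss locally."""
    def __init__(self):
        self.total = None
        self.chunks = {}

    def accept(self, datagram):
        if len(datagram) < HEADER.size:
            return False                      # too short to hold a header
        seq, total, crc = HEADER.unpack_from(datagram)
        payload = datagram[HEADER.size:]
        if zlib.crc32(payload) != crc or seq >= total:
            return False                      # corrupted or malformed: drop
        if self.total not in (None, total):
            return False                      # disagrees with earlier frames
        self.total = total
        self.chunks.setdefault(seq, payload)  # duplicates are harmless
        return True

    def missing(self):
        if self.total is None:
            return []
        return [i for i in range(self.total) if i not in self.chunks]

    def result(self):
        if self.total is None or self.missing():
            raise ValueError("incomplete transfer; nothing can be re-requested")
        return b"".join(self.chunks[i] for i in range(self.total))
```

An incomplete transfer has to be discarded or flagged on the high side; the only recovery available is for the low side to send the whole set again on its own schedule.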

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The TOE represented a change to a previously evaluated version of this product. An Impact Analysis Report was written by the developer, and the changes were analyzed and tested under appropriate CCEVS processes and procedures. These evaluation activities demonstrated that the Tenix Interactive Link TOE continued to meet the security requirements contained in the original Security Target. The National Security Agency (NSA) determined that the evaluation assurance level (EAL) for the Tenix Interactive Link TOE continued to meet the criteria represented by EAL 7 augmented with AVA_CCA.3. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target.

ENVIRONMENTAL STRENGTHS

The Data Diode Device is delivered as ready-to-use hardware units. The Data Diode Device requires no configuration beyond connection of cables to other hardware components in the IT Environment.

The IL-DDD is not concerned with the information flowing from its input to its output; therefore, it does not assess any security attributes of the data. The primary concern is to ensure that the device is installed with the source at the input and the destination at the output.

Vendor Information

BAE SYSTEMS DATAGATE (formerly Tenix Datagate)
Bob Jones
703-413-6680
703-413-6684 (Fax)
interactivelinkus@BAEsystems.com

http://www.tenixamerica.com