Validated Products List

EFS 3.0 Revision B Routing Mode

 

Product Name: EFS 3.0 Revision B Stealth Mode

Product Type: Firewall

Date: July 24, 2000

Conformance Claim: EAL 2

PP Identifier: None

Security Target:

Validation Report:

 

Key Words: firewall, packet-filtering, proxy, SunScreen, EFS, SunScreen EFS, application proxy, access control

Vendor: Sun Microsystems, Inc.

POC:

Phone:

Fax:

Email:

Web:

CC Testing Lab:

 

PRODUCT DESCRIPTION:

SunScreen EFS 3.0 Revision B Routing Mode is a packet filter and application proxy firewall that makes network-based access control decisions. SunScreen consists of a rules-based, dynamic packet-filtering engine for network access control, and four application proxies: FTP, HTTP, SMTP and Telnet.

SunScreen EFS is administered through a graphical user interface via a secure Web browser connection. SKIP encryption is used to protect remote administration sessions.

SunScreen also offers high availability (HA) configurations. HA provides fault tolerance by maintaining multiple firewalls that are watching the same network traffic. If the active firewall has a hardware failure, a passive firewall can become the active firewall.

SunScreen EFS provides flexible logging of packets based upon configured parameters. Packets may be logged if they do or do not match a particular rule. For any given program component, the level of logging can be specified. The value of the log size and information to be recorded in the administrative log files is established during the setup of SunScreen EFS.

EVALUATION SUMMARY:

The security protection provided by the SunScreen EFS 3.0 Revision B Routing Mode Firewall, when configured according to the SunScreen EFS 3.0 Revision B Installation Guide, has been evaluated by Arca Systems. The security features of the SunScreen EFS 3.0 Revision B Routing Mode Firewall have been examined against the Security Target (SunScreen EFS 3.0 Revision B Routing Mode Security Target). The evaluation was performed using the Common Criteria 2.1: ISO 15048 and the Common Evaluation Methodology 1.0.

The Arca Systems evaluation team has determined the SunScreen EFS 3.0 Revision B Routing Mode Firewall Security Target satisfies all the specified requirements of the CC ASE criteria.

The Arca Systems evaluation team has determined the SunScreen EFS 3.0 Revision B Routing Mode Firewall satisfies all the specified requirements of the criteria at EAL2. For a complete description of how the SunScreen EFS 3.0 Revision B Routing Mode Firewall satisfies each requirement of the Criteria, see SunScreen EFS 3.0 Revision B Routing Mode EVALUATION TECHNICAL REPORT Issue: Doc. Ref.: TTAP-FER-0013 -TOE Reference 24 July 2000.

A system that has been evaluated at Evaluation Assurance Level (EAL) 2 provides a low to moderate level of independently assured security. The security functions are analyzed using a functional specification, guidance documentation, and the high-level design of the TOE to understand the security behavior. The analysis is supported by independent testing of a subset of the TOE security functions, evidence of developer testing based on the functional specification, selective confirmation of the developer test results, analysis of strength of functions, and evidence of a developer search for obvious vulnerabilities. Further assurance is gained through a configuration list for the TOE and evidence of secure delivery procedures.

ENVIRONMENTAL STRENGTHS

The SunScreen firewall acts as a boundary between an external and internal network. The firewall provides identification/authentication, network access policy, audit of firewall events, secure remote administration and high availability.