Validated Product - McAfee VirusScan Enterprise v8.8 and ePolicy Orchestrator v4.5Certificate Date: 17 October 2011 Validation Report Number: CCEVS-VR-VID10421-2011 Product Type: AntiVirus Conformance Claim: EAL2 Augmented with ALC_FLR.2 PP Identifier: U.S. Government Protection Profile Anti-Virus Applications for Workstations in Basic Robustness Environments Version 1.2 CC Testing Lab: COACT Inc. CAFE Laboratory
PRODUCT DESCRIPTIONMcAfee VirusScan Enterprise 8.8 (VSE) and ePolicy Orchestrator 4.5 (ePO) is a software package designed to protect Microsoft Windows-based desktop and server computers from viruses, worms, Trojans, as well as unwanted code and programs. VSE can be configured to scan local and network drives, as well as Microsoft Outlook and Lotus Notes email messages and attachments. It is possible to configure VSE to respond to infections and malicious code that it finds by identifying the intrusive entities, removing them, and reporting on them. The management capabilities for VSE are provided by ePO. ePO manages McAfee Agents and VSE software that reside on client systems. By using ePO you can manage a large enterprise network from a centralized system. ePO also provides scheduling capabilities to distribute updated VSE security policies and maintains audit files. Communication between the distributed components of the TOE is protected from disclosure and modification by cryptographic functionality provided by the operational environment. SECURITY EVALUATION SUMMARYThe evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the McAfee VirusScan Enterprise 8.8 and ePolicy Orchestrator 4.5 meets the security requirements contained in the Security Target. The criteria against which the McAfee VirusScan Enterprise 8.8 and ePolicy Orchestrator 4.5 Common Criteria Security Target, Version 1.3 was judged is described in the Common Criteria for Information Technology Security Evaluation, Version 3.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1. The COACT, Inc. CAFE Lab determined that the evaluation assurance level (EAL) for the McAfee VirusScan Enterprise 8.8 and ePolicy Orchestrator 4.5 Common Criteria Security Target, Version 1.3 is EAL 2 + ALC_FLR.2. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target. A Validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by the COACT, Inc. CAFE Lab. The evaluation was completed in August 2011. Results of the evaluation and associated validation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report. The TOE’s Security Functions are: A) Audit – The OnAccess Scan Log provides audit viewing capabilities on the client for that system. Audit information is concurrently generated for transmission to the ePO management databases. Audit logs for all clients can be reviewed from the ePO console. B) Cryptographic Operation – VirusScan anti-virus packages are distributed to the workstation with a SHA-1 hash value used to verify the integrity of the package. C) Management – ePO enables the Central Administrator to centrally manage virus scan settings on workstations, configure and manage the actions the virus scan component takes when detection of an infection occurs, and manage the audit logs. D) Virus Scanning and Alerts – VSE provides the following functionality related to virus scanning and alerts:
|
![[X]](/assets/images/button_close.gif){kind=small}
![[PDF]](http://www.niap-ccevs.org:80/assets/images/icon_pdf.gif){kind=icon}
