NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - IBM QRadar Security Intelligence Platform, version 7.3.2

Certificate Date:  2020.01.21

Validation Report Number:  CCEVS-VR-VID11027-2020

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.1

CC Testing Lab:  Gossamer Security Solutions


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]


Product Description

The Target of Evaluation (TOE) is QRadar Security Intelligence Platform version 7.3.2. 

IBM Security QRadar Security Intelligence Platform is also known as the IBM QRadar Security Information and Event Management (SIEM). The QRadar SIEM is a network device intended to detect potential threats through the review of audit and event data collected from network sources. The TOE is the QRadar SIEM. The TOE is administered either locally or remotely. The QRadar product consolidates log source event data from thousands of devices endpoints and applications distributed throughout a network.


Evaluated Configuration

The evaluated product is a single All-in-one device running QRadar SIEM 7.3.2 w/ QFlow enabled.  The All-in-One device is a self-contained appliance running the QRadar SIEM in a Red Hat RHEL 7.5 environment.  The appliance makes only those interfaces offered by QRadar available.

The IBM All-In-One:  Dell 3128C, model utilizes an x86 64-bit CPU architecture, with 4 network interface cards, and varying amounts of memory.


Security Evaluation Summary

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance.  The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017.  The product, when delivered and configured as identified in IBM QRadar Common Criteria for NIAP, Version 7.3.2, Revision 1.4 document, satisfies all of the security functional requirements stated in the QRadar Security Intelligence Platform (NDcPP21) Security Target, Version 0.7, 01/15/2020.  The project underwent CCEVS Validator review.  The evaluation was completed in January 2020.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.


Environmental Strengths

The logical boundaries of the TOE are realized in the security functions that it implements. Each of these security functions is summarized below.


Vendor Information


IBM
Brian Coache
774-249-8123
bcoache@us.ibm.com

www.ibm.com
Site Map              Contact Us              Home