NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - SailPoint IdentityIQ File Access Manager Version 8.1

Certificate Date:  2020.12.08

Validation Report Number:  CCEVS-VR-VID11116-2020

Product Type:    Application Software

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Application Software Version 1.3

CC Testing Lab:  Booz Allen Hamilton Common Criteria Testing Laboratory

CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Product Description

The SailPoint IdentityIQ File Access Manager (FAM) version 8.1 (“IdentityIQ FAM”) application’s primary functionality is to allow its users to review and manage the governed data created by IdentityIQ FAM for the monitoring of enterprise data stored on one or more managed resources. The governed data allows IdentityIQ FAM users to identify and classify data, understand on which managed resources within the network the data is stored, and understand which enterprise users have access to the data.

Evaluated Configuration

In the evaluated configuration, the Target of Evaluation (TOE) is the SailPoint IdentityIQ File Access Manager (FAM) 8.1 (“IdentityIQ FAM”) application is installed on a Windows Server 2019 and through APIs the TOE utilizes several functions of the operating system to perform its operations. The TOE relies on .NET Framework to function and Internet Information Services (IIS) to host its GUI web pages.  The administrative interfaces include a local Fat Client for local access and a web GUI for remote access. The TOE is configured to securely communicate with the following external IT entities: LDAP Server, SQL Database, and Windows File Server(s).    

SailPoint IdentityIQ FAM 8.1 is a software-only TOE and therefore its physical boundary is its software. The TOE does not include the hardware or operating system of the system on which it is installed. It also does not include the third party software which is required for the TOE to run. The following table lists the components that are required for the TOE’s use in the evaluated configuration. These Operational Environment components are expected to be patched to include the latest security fixes for each component.

OE Component


Host Platform

Microsoft Windows Server 2019 Datacenter (1809)

Host Platform OS Type

(includes: IIS, .NET, and SMB services)

Host Server’s Processor


SQL Database

Intel Xeon Gold 6230 (Cascade Lake)

LDAP Server

SQL Server 2016

IdentityIQ FAM’s primary functionality of monitoring enterprise data was not evaluated, except where the product’s functionality relates to the Security Functional Requirements (SFRs) included within the scope of the evaluation.

Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. SailPoint IdentityIQ File Access Manager 8.1 was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 Revision 5. The product, when installed and configured per the instructions provided in the preparative guidance, satisfies all of the security functional requirements stated in the SailPoint IdentityIQ File Access Manager 8.1 Security Target Version 1.10, November 30, 2020. The evaluation underwent CCEVS Validator review. The evaluation was completed in December 2020. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, CCEVS-VR-VID11116 -2020 prepared by CCEVS.

Environmental Strengths

Cryptographic Support

The TOE invokes the Windows platform’s cryptographic services to secure data in transit communication. Due to this, the TOE does not directly invoke any DRBG functionality nor does the TOE perform generation of asymmetric cryptographic keys. The TOE also uses the Windows platform’s Data Protection API to store the credentials for accessing the SQL database.

User Data Protection

The TOE relies on the Windows platform to handle the following network connections, to include all of their cryptographic operations:

  • respond to TLS connection requests from an Activity Monitor to receive managed resource data,
  • initiate a TLS connection to an LDAP server to perform authentication requests and query enterprise user account information, and
  • initiate a TLS connection to read and write TOE configuration data and governed data to the SQL database.

Security Management

The administrator that installs the TOE will set the initial credentials for accessing the TOE and will also be assigned the owner permissions for the TOE’s software by the Windows platform. Due to the Windows platform’s access permissions and the TOE’s install directory being C:\Program Files, the TOE’s binaries and data files are protected from unprivileged modification. The TOE’s administrators are able to configure the TOE and perform tasks via the TOE’s GUI and fat client. All TOE configuration options are stored in the remote SQL database.


The TOE ensures the privacy of its administrators and users by not providing any ability to collect or transmit personally identifiable information (PII) over the network.

Protection of the TSF

The TOE relies on the Windows platform to request memory and will not request an explicit memory address. The TOE does not allocate any memory region with both write and execute permissions. As a .NET framework application, the TOE has stack-based buffer overflow protections. The TOE uses a number of Windows platform APIs and third party libraries as part of its operation.

Administrators can verify the TOE’s version by checking any of the TOE’s binary files or by authenticating to the fat client. The TOE automatically checks its software version against the latest available software version provided by SailPoint. TOE software, including patch updates, is signed with a DigiCert certificate. Administrators can initiate the software update process through the fat client. The TOE’s uninstallation process results in the deletion of all traces of the application, with the exception of configuration settings, output files, and audit/log events.

Trusted Path/Channels

The TOE invokes the Windows platform to encrypt all data-in-transit communications between itself and another trusted IT product. The trusted IT products, encryption protocols used, and the purpose of the connection have been described under the “User Data Protection” section above.

Vendor Information

SailPoint Technologies
Dan Martillotti
Site Map              Contact Us              Home