{"product_id":10068,"v_id":10068,"product_name":"Promia Intelligent Agent Security Manager, Version 1.2 (IASM)","certification_status":"Not Certified","certification_date":"2006-06-09T00:06:00Z","tech_type":"Enterprise Security Management","vendor_id":{"name":"Promia Incorporated","website":"http://www.promia.com"},"vendor_poc":"David Chizmadia","vendor_phone":"410.694.0322","vendor_email":"sales@promia.com","assigned_lab":{"cctl_name":"DXC.technology"},"product_description":"<p>The IASM TOE is a general-purpose platform for building and deploying security incident management systems (SIMS) that detect and react to security incidents in a specific monitored network. The IASM collects and consolidates operational and security event records from multiple sources, operating at different levels within the TCP/IP protocol stack, within the communications and computing architecture of the monitored system. It then redistributes those events to external Analytic Engines, which create security incidents that are in turn collected and consolidated by the IASM TOE. It also displays the security status of the monitored network to allow effective human intervention when security incidents are detected. Finally, it provides recommended responses to detected security incidents and can use a defined interface to invoke separate software components that automatically implement those responses. The evaluated configuration of the TOE is comprised of the following three distinct components:</p>\r\n<ul>\r\n    <li>The IASM Master Server, which is the core of the IASM product and provides: collection and consolidation of operational and security events; redistribution of those events to one or more external Analytic Engines that are designed to detect security incidents on the monitored network; consolidation and management of security incidents detected by Analytic Engines; and user interfaces that the operations personnel of the monitored network employ to monitor and respond to detected security incidents; </li>\r\n    <li>The IASM Database Server, which implements the IASM TOE security incident management data model and provides scalable persistent storage for information collected or produced by an operational SIMS based on the IASM TOE; </li>\r\n    <li>The IASM Console Server, which provides the human user interfaces for administering and operating the IASM. </li>\r\n</ul>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the product meets the security requirements contained in the Security Target. The criteria against which the <em>Promia Intelligent Agent Security Manager, Version 1.2 (IASM) </em>was judged as described in the <em>Common Criteria for Information Technology Security Evaluation, Version 2.2</em>. The evaluation methodology used by the evaluation team to conduct the evaluation is the <em>Common Methodology for Information Technology Security Evaluation, Version 2.2</em>. Computer Sciences Corporation determined that the evaluation assurance level (EAL) for the product is EAL 3 Augmented with ALC_FLR.2, and ALC_LCD.1. The product, when configured and installed according to supplied guidance, satisfies all of the security functional requirements stated in the Security Target. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by Computer Sciences Corporation. The evaluation was completed in April 2006. Results of the evaluation can be found in the <em>Evaluation Technical Report for a Target of Evaluation for Promia Intelligent Agent Security Manager, Version 1.2 (IASM) </em>prepared by Computer Sciences Corporation.</p>","environmental_strengths":"<p>The TOE provides the following security features: </p>\r\n<ul>\r\n    <li><strong>Protected External Communications</strong>, which provides the core capability for ensuring that the IASM TOE only communicates with the external entities that it intends and expects to communicate with; </li>\r\n    <li><strong>Protection of Security Functions</strong>, which provides the common self-protection capabilities upon which the implementations of the other security functions rely; </li>\r\n    <li><strong>Security Functions Management</strong>, which provides the interface through which an IASM Administrator establishes, monitors, and manages the security and operational configuration of the IASM; </li>\r\n    <li><strong>User Identification &amp; Authentication</strong>, which provides the identification, authentication, and authentication secret (i.e., password) generation capabilities that provide a substantial proportion of the technical and operational assurance in the security of the TOE; </li>\r\n    <li><strong>Security Information Consolidation</strong>, which both accepts, normalizes, stores, and redistributes (to analytic software components) operational and security events from devices on the monitored network and allows analytic software components to create, modify, and store security incidents in the IASM TOE SIM repository; </li>\r\n    <li><strong>Security Incident Management</strong>, which provides the operational interface by which IASM Operators are alerted to newly detected or changed security incidents and provided with the tools to review and react to the incidents. The IASM_SIM subsystem also provides the related interfaces with which the IASM Analysts and IASM Reporters can accomplish their jobs. </li>\r\n</ul>","features":[]}