Radware provides Intelligent Application Switching (IAS) products that provide high-speed hardware switching with software security services across layers 3-7. SynApps is a software module included in Radware IAS appliances that provides the following security functions:
\r\nThe SynApps software module is identical in all Radware products.
\r\nThe CLI provides Security Management of security attributes and data. The SynApps software module and the CLI together constitute the TOE. The Policy definition file is the interface of the CLI and the SynApps module, and is also included in the TOE. The Radware appliance and operating system, which is in the IT environment, provides additional functionality that allows administrators to be identified and authenticated, provides tools for configuring the TOE and provides reliable time stamps in support of the TOE. IAS products produced by Radware that were included in the evaluation are as follows:
The evaluated configuration includes a management station where the TOE’s administrative interface (CLI) is installed. TOE configuration excludes the remote administration authentication functionality, and there is no claim of satisfying a security functional requirement relating to I&A. The only means of Administrator authentication that is compatible with the TOE is through the connected console port. Hence, to authenticate as an administrator, a user must have physical access to the TOE and posses a valid user identifier and authenticator.
\r\nThe evaluated configuration also includes a web server station and an audit station. For the purposes the Common Criteria evaluation, Web Server Director Application Switch II (version WSD v8.21.04) and DefensePro Application Switch III (version DP v1.32.11) were tested.
\r\nThe tested configuration did not include any enabled hardware accelerators or high bandwidth fiber connections.
","security_evaluation_summary":"The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. The TOE, Radware APSolute OS Version 1.0 (SynApps module version 3.402151), was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 2.2. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.2. CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies an assurance level of EAL3. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed in February 2006.","environmental_strengths":"The Radware APSolute OS Version 1.0 TOE consists of the SynApps module and the Command Line Interface (CLI). The SynApps module consists of a single subsystem, which performs audit and policy enforcement. Audit functions include generating alarms, generating audit records for specific events defined by the Administrator, and potential violation analysis. Policy enforcement functions include information flow control and security management. The policy enforcement functions require support from the Radware Appliance Software Application for policy configuration by the administrator. The CLI supports the Administrator in setting filters, filter groups, and policies.
\r\n","features":[]}