{"product_id":10128,"v_id":10128,"product_name":"Check Point Integrity Agent, version 6.5.063.145","certification_status":"Not Certified","certification_date":"2007-01-11T00:01:00Z","tech_type":"Firewall","vendor_id":{"name":"Check Point Software Technologies Ltd.","website":"https://www.checkpoint.com"},"vendor_poc":"David Ambrose, Malcolm Levy","vendor_phone":"703-628-2935; +972 37534561","vendor_email":"product_certifications@checkpoint.com ","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>The Target of Evaluation (TOE) is Check Point Integrity Agent, version 6.5.063.145.</p>\r\n<p>The TOE is a personal workstation protection application. It is designed to be installed on a workstation and to protect that workstation primarily by mediating network communications and by scanning the workstation for Spyware signatures. It can mediate network traffic based on network IPv4 addresses, protocols, and ports as well as instant message (IM) contents for supported IM services or protocols. It can scan the host workstation files and registry for Spyware identifiable by a set of known signatures. Once Spyware is detected, the TOE will delete it so that any potential damage can be limited.</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Check Point Integrity Agent TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL 4 augmented with ALC_FLR.2 family of assurance requirements. The product, when configured as specified in the Integrity Client Management Guide; Deploying and Managing Integrity Flex and Integrity Agent and User Guide for Integrity Client Software, Version 6.5, satisfies all of the security functional requirements stated in the Check Point Integrity Agent 6.5 Security Target, Issue 1.0, 31 December 2006. The supported platforms in this evaluation are Microsoft Windows 2000 Professional and Microsoft Windows XP. One Validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in December 2006. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, (report number CCEVS-VR-07-0002, dated 24 January 2007) prepared by CCEVS.</p>","environmental_strengths":"<p>The Integrity Agent TOE mediates network traffic between applications (running in the context of the same workstation in the IT environment) and users and other external IT entities (e.g., computers) in the IT environment accessible via attached network interfaces. Integrity Agent supports the following five security functions:</p>\r\n<p><strong>Security Audit:</strong></p>\r\n<p>The TOE generates audit records for exceptions encountered while performing Spyware Mitigation and while enforcing the Personal Firewall Policy rules. The resulting audit log is sent to an authenticated Integrity Server <a href=\"http://www.niap-ccevs.org/cc-scheme/st/ST_VID10128.cfm#footnote1\"><sup>1</sup></a>. Note that the audit log is stored within the hosting workstation, but the events are generated and forwarded to the Integrity Server by the TOE.</p>\r\n<p><strong>User Data Protection (Personal Firewall):</strong> </p>\r\n<p>The TOE implements rules representing a Personal Firewall Policy that can mediate: packets flowing to and from external networks; connections attempted by internal processes to interact with the attached network(s); IM messages based on IM service (or protocol) and content.</p>\r\n<p><strong>Identification and Authentication:</strong></p>\r\n<p>The TOE requires that remote users (i.e., an Integrity server) must be properly identified and authenticated before they can perform TOE operations (e.g., to configure new rules). This is accomplished using SSL-based authentication. The Integrity client and server products support SSL for this purpose and in the evaluated configuration this feature is enabled. Note that the applicable SSL credentials must be configured so that an Integrity client can authenticate the appropriate, corresponding Integrity server. Once SSL-based authentication has occurred, the TOE uses a proprietary encryption scheme to ensure that subsequent communications are appropriately protected.</p>\r\n<p><strong>Security Management:</strong></p>\r\n<p>The TOE offers functions suitable to allow the TOE security functions to be configured and managed appropriately. The ability to configure the TOE in any manner is limited to authorized users. The notion of authorized users includes both local users (i.e., <em>any</em> user on the same workstation as the TOE) operating on the hosting workstation and remote users (i.e., Integrity server) that have been identified and authenticated by the TOE.</p>\r\n<p><strong>Spyware Mitigation (EXP):</strong></p>\r\n<p>The TOE has the ability to scan the hosting workstation for the presence of known Spyware signatures. Any Spyware that is identified is reported in the audit log and can also be deleted to limit potential future damage.</p>","features":[]}