{"product_id":10137,"v_id":10137,"product_name":"Check Point IPSO 4.2 Build 051c05 (formerly Nokia) with Check Point VPN-1 Power/UTM NGX R65 HFA 30 running on the following platforms: IP150, IP260, IP290, IP390, IP560, IP690, IP1220, IP1260, IP1280 and IP2450","certification_status":"Not Certified","certification_date":"2009-03-25T00:03:00Z","tech_type":"Firewall, Virtual Private Network, Wireless Monitoring","vendor_id":{"name":"Check Point Software Technologies Ltd.","website":"https://www.checkpoint.com"},"vendor_poc":"David Ambrose, Malcolm Levy","vendor_phone":"703-628-2935; +972 37534561","vendor_email":"product_certifications@checkpoint.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>The TOE is one or more network boundary devices managed remotely by a management server, using management GUI interfaces. The product provides controlled connectivity between two or more network environments. It mediates information flows between clients and servers located on internal and external networks governed by the firewalls.</p>\r\n<p>The claimed security functionality described in the Security Target is a subset of the product's full functionality. The evaluated configuration is a subset of the possible configurations of the product, established according to the evaluated configuration guidance.</p>\r\n<p>The security functionality within the scope of the evaluation included information flow control using stateful inspection and application proxies, IKE/IPSec Virtual Private Networking (VPN) and SSL VPN in both gateway to gateway and Remote Access configurations, Intrusion Detection and Prevention (IDS/IPS). Additionally, the TOE provides auditing and centralized management functionality.</p>","evaluation_configuration":"<p><strong>Nokia IPSO 4.2 Build 051c05 with Check Point VPN-1 Power/UTM NGX R65 HFA 30</strong></p>\r\n<p><strong>Hardware/Operating System Identification:</strong></p>\r\n<p>The TOE consists of the Nokia IPSO 4.2 operating system running Check Point VPN-1 Power/UTM security policy enforcement software, on any of the hardware platforms listed in Section listed in Section 2.3.2 of the Security Target (TOE Hardware Platforms).</p>\r\n<p>TOE management software is always installed on a separate platform running the Check Point SecurePlatform operating system, selected from the list given in Appendix A of the Security Target. The platform selected for this purpose is not used for TOE identification.</p>\r\n<p>TOE software also includes a Management GUI product (SmartConsole) that is installed on a standard PC (outside the TOE) running a Microsoft Windows operating system. The evaluated version is: SmartConsole NGX R65 with HFA 01.</p>\r\n<p><strong>Support Program Identification: Enterprise Software Subscription</strong></p>\r\n<p>Enterprise Software Subscription is required for receiving software upgrades, as part of Check Point&rsquo;s flaw remediation procedures. Note that Enterprise Software Subscription is a prerequisite to purchasing all Check Point Enterprise Support Programs</p>","security_evaluation_summary":"<p>The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the TOE<em> </em>meets the security requirements contained in the Security Target. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.2. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.2. Science Application International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the TOE is EAL 4 augmented with ALC_FLR.3. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target. Several validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in February 2009. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report<em> for </em>Nokia Firewall/VPN Appliances with Check Point VPN-1 R65 with HFA 30 prepared by CCEVS.</p>","environmental_strengths":"<p>Nokia IPSO 4.2 Build 051c05 with Check Point VPN-1 Power/UTM NGX R65 HFA 30 is a commercial network perimeter device that provides information flow control, security management, Protection of the TSF, cryptographic functionality, audit security functions, and explicit intrusion detection functionality. Nokia IPSO 4.2 Build 051c05 with Check Point VPN-1 Power/UTM NGX R65 HFA 30provides a level of protection that is appropriate for IT environments that require that information flows be controlled and restricted among network nodes where the Check Point components can be appropriately protected from physical attacks</p>","features":[]}