{"product_id":10158,"v_id":10158,"product_name":"CA Integrated Threat Management r.8.0.445","certification_status":"Not Certified","certification_date":"2007-06-10T00:06:00Z","tech_type":"AntiVirus","vendor_id":{"name":"CA Technologies","website":"www.ca.com"},"vendor_poc":"William F. Clark","vendor_phone":"703-708-3501","vendor_email":"william.clark@ca.com","assigned_lab":{"cctl_name":"CygnaCom Solutions, Inc"},"product_description":"<p>CA Integrated Threat Management (ITM) is comprised of the eTrust Antivirus r8.0 and eTrust PestPatrol r8.0 products.  eTrust Antivirus (eAV) provides anti-virus protection for devices on an enterprise network.  It detects and eliminates both file and memory based viruses such as worms and trojan horses.  eTrust PestPatrol (ePP) software is a spyware solution for Windows based networks.  It detects and eliminates known viruses and spyware including file based and memory based threats.  Using eAV and ePP together provides both an anti-virus and anti-spyware solution; thus an anti-malware solution.  Additionally CA ITM provides centralized management capabilities for both eAV and ePP through the ITM Console</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. CA Integrated Threat Management r8 was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies an assurance level of EAL3. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation.  The evaluation was completed in June 2007.</p>","environmental_strengths":"<p>The TOE provides the following evaluated security services:</p>\r\n<ul>\r\n    <li><strong>Security audit</strong> &ndash; ITM provides security auditing capabilities.  The ITM Server audits the discovery information of devices, information malware scans, and information on the scan policies that are created and propagated to the ITM Clients.  The ITM Clients audit the scans that have been run and the actions taken when malware is detected.</li>\r\n    <li><strong>Anti-Malware</strong> &ndash; ITM provides for discovery data collection of the devices on the target network.  The ITM Client invokes scans, detects, and takes action against malware.  Alerts and data reporting are provided by the TOE.</li>\r\n    <li><strong>Identification and authentication</strong> &ndash; ITM provides user identification and authentication through the use of user accounts and passwords for Administrators.  Administrators have to identify and authenticate themselves before being allowed access to the ITM Console.</li>\r\n    <li><strong>Security management</strong> &ndash; ITM provides security management through the use of the ITM Console.  Administrators are able to discover devices, configure and propagate scan policies, and manage access permissions.  Through the enforcement of access permissions, the ability to manage access to TSF data is controlled.</li>\r\n    <li><strong>Partial protection of TSF</strong> &ndash; The ITM Server and client provides partial protection of TSF data. The TOE presents limited access to end users.  It maintains and controls individual sessions for Administrators.</li>\r\n</ul>","features":[]}