The TOE is a VPN Appliance that enables secure network access to remote Users. The FirePass Appliance provides SSL network access to corporate applications, intranet resources and file servers.
\r\nThe FirePass appliance supports simultaneous direct layer 3 connections to network resources utilizing Network Access mode and layer 7 (clientless) connections utilizing Web Applications (Portal) mode. Detailed connection rules evaluate client resources and determine access permitted through a series of endpoint security checks during session startup.
\r\nNetwork Access Mode allows remote layer 3 access to corporate network resources through a VPN tunnel established using Point to Point (PPP) over SSL techniques. Network Access Mode sessions are established through a browser in conjunction with plug-in modules which are downloaded during the initial session. A series of configurable endpoint security checks may be executed on the external VPN client workstation prior to and during Network Access mode sessions, to assure required security settings are in place.
\r\nWeb Applications Mode allows for SSL secured access to corporate web portals and intranet applications especially suited for access from public (untrusted) resources. This connection mode features clientless layer 7 access to corporate web applications using only a supported browser. The FirePass appliance evaluates client machine security status during startup to ascertain if minimum security provisions are in place based on Administrator configured connection rules.
","evaluation_configuration":"The TOE evaluated configuration includes a network appliance (hardware and software) and client plug-ins (software) for the Network Access Mode capability. The Common Criteria evaluated configuration requires that the TOE be installed in a high availability pair (qty 2) configuration.
","security_evaluation_summary":"The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. The TOE was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 2.2. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.2.
\r\n
\r\nInfoGard Laboratories has determined that the product meets the security criteria in the Security Target, which specifies an assurance level of EAL 2 augmented by ALC_FLR.1 and ADV_SPM.1. A team of Validators, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed in September 2007.
The F5 FirePass 4100 is a Virtual Private Networking (VPN) appliance that supports secure VPN sessions to corporate resources requiring only a browser. FirePass implement these features through the following security functions: Security Audit, Identification and Authentication, Endpoint Security, Network Access Mode, Web Applications Mode Access, Policy Based Resource Management, Security Management, Secure Communications and TOE protection.
","features":[]}