{"product_id":10195,"v_id":10195,"product_name":"AirTight Networks SpectraGuard Enterprise V 5.0 and SpectraGuard SAFE Enterprise Edition V 2.0","certification_status":"Not Certified","certification_date":"2007-06-08T00:06:00Z","tech_type":"Wireless LAN, Wireless Monitoring","vendor_id":{"name":"AirTight Networks, Inc.","website":"http://www.airtightnetworks.com"},"vendor_poc":"Dr. Hemant Chaskar, Director of Technology","vendor_phone":"650-961-1111 ext.228","vendor_email":"hemant.chaskar@airtightnetworks.com","assigned_lab":{"cctl_name":"CygnaCom Solutions, Inc"},"product_description":"<p>The SpectraGuard solutions from AirTight Networks are comprehensive Wi-Fi Firewalls that can protect enterprise networks against over-the-air attacks from WLANs. The SpectraGuard Wi-Fi Firewall solutions comprise AirTight Networks SpectraGuard Enterprise [v 5.0] and SpectraGuard SAFE Enterprise Edition [v 2.0]</p>\r\n<ul type=\"disc\">\r\n    <li>SpectraGuard Enterprise is a wireless intrusion detection and prevention solution consisting of a Server and wireless Sensor devices, which continuously scan the airwaves and provide automatic protection against any unauthorized Wi-Fi activities.</li>\r\n    <li>SpectraGuard SAFE Enterprise Edition (Security Agent For Endpoints) provides wireless security for mobile users.  It monitors and prevents wireless threats and misconfigurations that may pose a security threat to the data on the mobile computer.</li>\r\n    <li>SpectraGuard SAFE Enterprise Edition Server Edition integrates with SpectraGuard Enterprise. It allows all the SpectraGuard SAFE Enterprise Edition users to be managed centrally on the SpectraGuard Enterprise Server.</li>\r\n</ul>\r\n<p>These solutions provide comprehensive prevention for all types of threats, across all bands and (allowed) channels. The products can be configured to block threats automatically and a single sensor is capable of blocking multiple threats.</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. AirTight Networks SpectraGuard Enterprise [v 5.0] and SpectraGuard SAFE Enterprise Edition [v 2.0] were evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies an assurance level of EAL2. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation.  The evaluation was completed in February 2007.</p>","environmental_strengths":"<p>The TOE provides the following evaluated security services:</p>\r\n<ul>\r\n    <li>Security audit &ndash; The Enterprise Server and SAFE components generate audit records for the actions on the Enterprise Server and SAFE components as well as for the events monitored by the Enterprise Server and SAFE respectively. From each of the Enterprise Server and SAFE component&rsquo;s Management Console, an authorized administrator can read the audit data generated by the Enterprise Server and SAFE component respectively. The audit and event audit data records are provided in tabularized text suitable for the user to interpret the information.  Additionally, SpectraGuard Enterprise (SGE) provides a capability for authorized administrators to review the reports of SpectraGuard SAFE Enterprise Edition Clients registered with the SpectraGuard Enterprise Server through the SGE server&rsquo;s Management Console.</li>\r\n    <li>Information Flow Control &ndash; The TOE enforces information flow control policy by granting or denying access to the protected network based upon the information flow policy defined by an authorized administrator.</li>\r\n    <li>Identification and authentication &ndash; The SpectraGuard Server requires that administrators be properly identified and authenticated prior to performing any administrative tasks on the system. SpectraGuard SAFE Enterprise Edition relies on the underlying OS for identification and authentication</li>\r\n    <li>Security management &ndash; The SpectraGuard Server provides a web-based interface to manage the configuration of the server. SpectraGuard SAFE Enterprise Edition users are managed centrally on the SpectraGuard Enterprise Server through the web-based interface. Authorized Administrators are able to create, modify, and view the Information flow security policy rules and manage the TOE.</li>\r\n    <li>Partial protection of TSF &ndash; The SpectraGuard Server protects its programs and data from unauthorized access through its own interfaces.  The TSF ensures that all information that flows through it must flow through the policy enforcement mechanisms.</li>\r\n</ul>","features":[]}