{"product_id":10211,"v_id":10211,"product_name":"McAfee Email Gateway (IronMail) 6.7HF2 (formerly Secure Mail (IronMail) Software Version 6.7HF2)","certification_status":"Not Certified","certification_date":"2008-04-29T00:04:00Z","tech_type":"Secure Messaging","vendor_id":{"name":"McAfee, LLC","website":"www.mcafee.com"},"vendor_poc":"Dwight Colby","vendor_phone":"651-628-1571","vendor_email":"dwight_colby@mcafee.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>Secure Mail (IronMail) Software Version 6.7HF2 is used to provide a secure email connection between an enterprise network and a public network such as the internet.&nbsp; Secure Mail allows an organization to define a complex mail policy to protect itself against a wide variety of known and unknown emerging threats.&nbsp; Secure Mail resides in an all-inclusive device positioned at the network gateway in front of the customer's existing email server and is used to:&nbsp;</p>\r\n<ul>\r\n    <li>Protect: against spam, phishing, directory harvest (DHA), denial of service (DoS) and bounceback attacks; or hackers trying to take down or take over the email system</li>\r\n    <li>Enforce: data leakage prevention of customer and corporate assets like credit card numbers, intellectual property, source code, patents, financial information, patient information, customer lists, etc.</li>\r\n    <li>Encrypt: communication to all mail servers and mail clients, provided by the Secure Mail appliance in the IT Environment.</li>\r\n</ul>\r\n<p><br />\r\nSecure Mail processes incoming messages through a number of filtering queues, which examine the content, envelope, encryption status, and attachments for compliance against relevant organizational policies.&nbsp; Depending upon the policy, Secure Mail will deliver, drop, reroute, modify or quarantine the filtered messages.&nbsp;&nbsp;&nbsp;</p>\r\n<p><br />\r\nSecure Mail (IronMail) software is available for delivery on a complete line of gateway appliance models which are sized to meet the needs of all organizations from small businesses to large enterprises.&nbsp; These appliances include a hardened operating system and are conveniently managed using a secure HTTPS connection from a web browser.&nbsp;</p>\r\n<p>&nbsp;</p>","evaluation_configuration":"<p>Software Identification:<br />\r\n&nbsp;&nbsp;&nbsp;&nbsp; Secure Mail (IronMail) Software Version 6.7HF2<br />\r\n&nbsp;&nbsp;&nbsp;&nbsp; MySQL server version 4.1.21<br />\r\nHenceforth, the above referenced software is referred to as the TOE.</p>\r\n<p>TOE Environment:&nbsp;<br />\r\n&nbsp;&nbsp;&nbsp;&nbsp; Operating System:<br />\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; FreeBSD version 6.2<br />\r\n&nbsp;&nbsp;&nbsp;&nbsp; Tested on Appliances:<br />\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; E-2200 <br />\r\n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; E-5200</p>","security_evaluation_summary":"<p>The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the&nbsp;&nbsp; TOE meets the security requirements contained in the Security Target.&nbsp; The criteria against which the&nbsp;&nbsp; TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3.&nbsp; Science Application International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the TOE is EAL 2 augmented with ALC_FLR.2.&nbsp; The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target.&nbsp; Several validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC.&nbsp; The evaluation was completed in February 2008.&nbsp; Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for Secure Computing IronMail&reg; Email Security Gateway v6.7 HF2 prepared by CCEVS.</p>","environmental_strengths":"<p>The TOE is a software product that is physically contained within a computer having limited physical interfaces.&nbsp; The computer is configured as a special purpose device or appliance, intended solely to serve as a host for the TOE software.<br />\r\n&nbsp; <br />\r\nThe logical relationship between the TOE and the various network components is depicted in Figure 2. The TOE is logically positioned at the network gateway between the firewall and the mail servers. Every email that enters the internal network first passes through the TOE. Similarly, only the TOE can deliver outgoing messages.</p>\r\n<p>The IT environment is configured such that the TOE is the only entry point for all incoming email messages (destined to internal network) to the mail servers.&nbsp; Similarly, the TOE is the only exit point for all outgoing email messages (destined to external network).</p>\r\n<p>The TOE runs over a hardened operating system and includes a MySQL database that ensures high integrity and speed. The database provides a storage and retrieval mechanism for configuration information, message meta data and statistical data for reporting purposes.</p>\r\n<p>Administrators connect to the IronMail&reg; appliance using an HTTPS secured connection from a web browser in order to maintain and monitor the TOE's operation. Authentication services are provided by the TOE.<br />\r\n&nbsp;</p>","features":[]}