{"product_id":10270,"v_id":10270,"product_name":"StillSecure Safe Access V5.0","certification_status":"Not Certified","certification_date":"2007-10-04T00:10:00Z","tech_type":"Network Access Control","vendor_id":{"name":"StillSecure, Inc.","website":"http://www.stillsecure.com"},"vendor_poc":"James Brown","vendor_phone":"303.381.3881","vendor_email":"jbrown@stillsecure.com","assigned_lab":{"cctl_name":"CygnaCom Solutions, Inc"},"product_description":"<p>This Security Target (ST) defines the Information Technology (IT) security requirements for StillSecure Safe Access V5.0.  StillSecure Safe Access is a flexible Network Access Control (NAC) solution that provides three methods of endpoint compliance testing and three methods of NAC policy enforcement.  Safe Access enforces compliance with the NAC security policy by matching endpoint attributes against an administrator configured NAC security policy. If an endpoint fails to meet the NAC security policy requirements the endpoint is quarantined to a specific portion of the network.  This ensures that potentially damaging applications such as peer-to-peer or spyware software and the latest worms and viruses cannot take root inside a protected network.</p>","evaluation_configuration":"<h4><u><strong>Multiple-server installation:</strong></u></h4>\r\n<p><b>MS installation</b></p>\r\n<ul>\r\n    <li>One server-class network  interface card (NIC) and</li>\r\n</ul>\r\n<p>and</p>\r\n<p><b>ES installation</b></p>\r\n<ul>\r\n    <li>DHCP &ndash; Two server-class network interface cards (NICs)</li>\r\n    <li>Inline &ndash; Two server-class network interface cards (NICs)</li>\r\n    <li>802.1x-enabled installation one server-class network interface cards</li>\r\n</ul>\r\n<p><strong>Single-server installation</strong></p>\r\n<ul>\r\n    <li>Two server-class network interface cards (NICs)</li>\r\n</ul>\r\n<p>CD-ROM drive An Internet connection or a web Proxy server that allows outbound HTTPS communications from the MS.</p>\r\n<p>&nbsp;</p>\r\n<h4>Workstation</h4>\r\n<p>A workstation running one of the following browsers with 128-bit encryption:</p>\r\n<p><strong>Windows</strong></p>\r\n<ul>\r\n    <li>Mozilla version 1.7</li>\r\n    <li>Mozilla Firefox version 1.5</li>\r\n    <li>Internet Explorer 6.0</li>\r\n</ul>\r\n<p><strong>Linux</strong></p>\r\n<ul>\r\n    <li>Mozilla version 1.7</li>\r\n    <li>Mozilla Firefox version 1.5</li>\r\n</ul>\r\n<p>&nbsp;</p>\r\n<h4><u>Network Protocols</u></h4>\r\n<ul>\r\n    <li>TCP/IP installed and configured.</li>\r\n    <li>Windows file and print sharing enabled for agentless testing.</li>\r\n</ul>\r\n<p>&nbsp;</p>","security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. StillSecure Safe Access was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies an assurance level of EAL2. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation.  The evaluation was completed in August 2007.</p>","environmental_strengths":"<p>The logical boundary of the TOE will be broken down into the following security class features which are further described in sections 5 and 6 of the ST.  StillSecure Safe Access provides the following security features:</p>\r\n<ul>\r\n    <li><strong>Security audit</strong>&ndash; StillSecure Safe Access provides its own internal auditing capabilities separate from those of the Operating System.  StillSecure Safe Access provides the ability to search and view its own audit records.</li>\r\n    <li><strong>Network Access Control</strong>&ndash; StillSecure Safe Access provides user data protection by enforcing, default or administrator defined NAC policy on endpoints accessing the protected network.  StillSecure Safe Access tests all endpoints for compliance and grants or denies access to the protected network based on test results.</li>\r\n    <li><strong>Identification and authentication </strong>&ndash; StillSecure Safe Access provides TOE user identification and authentication through the use of user accounts and passwords.</li>\r\n    <li><strong>Security management </strong>&ndash; StillSecure Safe Access provides security management through the Management Server&rsquo;s Web-based console and by reporting the endpoint compliance and access activity.  Also, the TOE provides two administrative roles FMT_SMR.1).</li>\r\n    <li><strong>Protection of TSF </strong>&ndash; StillSecure Safe Access partially protects its programs and data from unauthorized access through its own interfaces.</li>\r\n    <li><strong>StillSecure Safe Access Reporting</strong>&ndash; Safe Access provides a provision for Safe Access users with the necessary privileges to generate and view reports providing security status information on endpoint compliance and access activity. System administrators can operate on the reports pertaining to all clusters. Cluster administrator, Help desk technician, and User defined role with explicitly assigned privilege can operate on the reports pertaining to their own clusters.</li>\r\n    <li><strong>Trusted Path/Channel usage</strong>&ndash; The TOE makes use of trusted paths and channel supported in the IT environment.</li>\r\n</ul>","features":[]}