The Applied Identity ID-Enforce Hardware Appliance (models 5000, 7000, 10000) with ID-Enforce Gateway, Version 3.3, including the ID-Enforce Client (ID-Mark, v3.3) and the Identisphere Manager (ID-Policy, v3.3) is a system that is designed primarily to protect resources located on a protected network from users on an untrusted network. The client application (i.e., ID-Mark) allows the network users to interact with the TOE in order to access the resources it protects, and the Identisphere Manager (ID-Policy) application offers a Graphical User Interface (GUI) that may be used to define the user access policies stored in the LDAP server.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Applied Identity ID-Enforce Hardware Appliance (models 5000, 7000, 10000) with ID-Enforce Gateway, Version 3.3, including the ID-Enforce Client (ID-Mark, v3.3) and the Identisphere Manager (ID-Policy, v3.3) TOE was judged as described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. SAIC determined that the evaluation assurance level (EAL) for the product is the EAL 2 family of assurance requirements. The product, when configured as specified in the installation guides and user guides, satisfies all of the security functional requirements stated in the Applied Identity ID-Enforce Security Target. A validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in September 2008. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for Applied Identity ID-Enforce Hardware Appliance (models 5000, 7000, 10000) with ID-Enforce Gateway, Version 3.3, including the ID-Enforce Client (ID-Mark, v3.3) and the Identisphere Manager (ID-Policy, v3.3) prepared by CCEVS.
","environmental_strengths":"The TOE is a commercial product whose users require a low to moderate level of security assurance. The appliances are located within physically protected areas are configured and managed by professionally trained and trusted administrators. Within such environments, it is assumed that attackers will have a low attack potential.
\r\n
\r\nThe Applied Identity ID-Enforce Hardware Appliance (models 5000, 7000, 10000) with ID-Enforce Gateway, Version 3.3, including the ID-Enforce Client (ID-Mark, v3.3) and the Identisphere Manager (ID-Policy, v3.3) is a system that is designed to protect resources located on a protected network from users on an untrusted network and provides security audit, user data protection, identification and authentication, security management, and protection of the TSF security functions.