The Target of Evaluation (TOE) is Check Point Integrity Agent, version 6.5.063.145.
\r\nThe evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Check Point Integrity Agent TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL 4 augmented with ALC_FLR.2 and AVA_VLA.3 family of assurance requirements. The product, when configured as specified in the Integrity Client Management Guide; Deploying and Managing Integrity Flex and Integrity Agent and User Guide for Integrity Client Software, Version 6.5, satisfies all of the security functional requirements stated in the Check Point Integrity Agent 6.5 Security Target, Issue 1.2, 22 June 2008. The supported platforms in this evaluation are Microsoft Windows 2000 Professional and Microsoft Windows XP. One Validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in July 2008. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, (report number CCEVS-VR-VID10287-2008, dated 23 July 2008) prepared by CCEVS.
","environmental_strengths":"The Integrity Agent TOE mediates network traffic between applications (running in the context of the same workstation in the IT environment) and users and other external IT entities (e.g., computers) in the IT environment accessible via attached network interfaces. Integrity Agent supports the following five security functions:
\r\nSecurity Audit: The TOE generates audit records for exceptions encountered while performing Spyware Mitigation and while enforcing the Personal Firewall Policy rules. The resulting audit log is sent to an authenticated Integrity Server
\r\nUser Data Protection (Personal Firewall): The TOE implements rules representing a Personal Firewall Policy that can mediate: packets flowing to and from external networks and connections attempted by internal processes to interact with the attached network(s).
\r\nIdentification and Authentication: The TOE requires that remote users (i.e., an Integrity server) must be properly identified and authenticated before they can perform TOE operations (e.g., to configure new rules). This is accomplished using SSL-based authentication. The Integrity client and server products support SSL for this purpose and in the evaluated configuration this feature is enabled. Note that the applicable SSL credentials must be configured so that an Integrity client can authenticate the appropriate, corresponding Integrity server. Once SSL-based authentication has occurred, the TOE uses a proprietary encryption scheme to ensure that subsequent communications are appropriately protected.
\r\nSecurity Management: The TOE offers functions suitable to allow the TOE security functions to be configured and managed appropriately. The ability to configure the TOE in any manner is limited to authorized users. The notion of authorized users includes both local users (i.e., any user on the same workstation as the TOE) operating on the hosting workstation and remote users (i.e., Integrity server) that have been identified and authenticated by the TOE.
\r\nSpyware Mitigation (EXP): The TOE has the ability to scan the hosting workstation for the presence of known Spyware signatures. Any Spyware that is identified is reported in the audit log and can also be deleted to limit potential future damage.
","features":[]}