{"product_id":10441,"v_id":10441,"product_name":"AirTight Networks SpectraGuard Enterprise, Version 6.5","certification_status":"Not Certified","certification_date":"2012-06-11T00:00:00Z","tech_type":"Wireless LAN, Wireless Monitoring","vendor_id":{"name":"AirTight Networks, Inc.","website":"http://www.airtightnetworks.com"},"vendor_poc":"Hemant Chaskar","vendor_phone":"650-996-3410","vendor_email":"hemant.chaskar@airtightnetworks.com","assigned_lab":{"cctl_name":"CygnaCom Solutions, Inc"},"product_description":"<p>The Target of Evaluation (TOE) is wireless intrusion prevention system (WIPS). It consists of SpectraGuard Enterprise Server component (also referred as &ldquo;Server&rdquo;), SpectraGuard Enterprise Management Console component (also referred as &ldquo;Console&rdquo;), and SpectraGuard Enterprise Sensor component (also referred as &ldquo;Sensor&rdquo;).</p>\r\n<p>&nbsp;</p>\r\n<p>The Sensors are geographically dispersed to provide full radio coverage of the enterprise premises to be protected against unauthorized wireless activity. These premises typically include enterprise wired local area network that may or may not have managed WiFi extension (managed WiFi access points (APs)) of its own. The Sensors are connected to the Ethernet ports of the wired local area network within the premises to provide full coverage of the local area network subnets. The Sensor application software version 6.5 is embedded in the SpectraGuard Enterprise Sensor appliance SS-300-AT-C-10. The Sensors can be operated with external antennas or with internal antennas. The SS-300-AT-C-10 Sensor with software version 6.2 is FIPS 140-2 Level 2 certified (Certificate #1609). 
Vendor asserts that there is no change in cryptographic modules in the Sensor from version 6.2 to version 6.5.&nbsp;</p>\r\n<p>&nbsp;</p>\r\n<p>The Sensor appliance SS-300-AT-C-10 also includes following third party software to support the Sensor application:</p>\r\n<ul>\r\n<li>Linux      version 2.6.15 operating system. This      is basic Linux kernel and not any specific distribution such as Redhat,      CentOS, etc.</li>\r\n<li>OpenSSL      library version 1.2 to perform cryptography functions</li>\r\n<li>Dropbear      SSH version 0.52 to support secure remote login access to the Sensor for      troubleshooting</li>\r\n</ul>\r\n<p>&nbsp;</p>\r\n<p>The Server is also connected to the local area network. The Server application software version 6.5 is embedded in the SpectraGuard Enterprise Server appliance SA-350. The Server application SE-SW-VM version 6.5 can also be run on VMware ESX, ESXi and vSphere &nbsp;virtual machines version 4.0 and above. The Server application is FIPS 140-2 Level 1 certified (Certificate #1649).</p>\r\n<p>The Server appliance SA-350 and the VMware software SE-SW-VM also include following third party software to support the Server application:</p>\r\n<ul>\r\n<li>Linux      operating system: Centos version 5.2 with kernel version 2.6.18-92</li>\r\n<li>OpenSSL      library version 1.2 to perform cryptography functions</li>\r\n<li>OpenSSH      version 5.3p1 to support secure remote login access to the Server for      troubleshooting</li>\r\n<li>Tomcat      web server version 6.0.14</li>\r\n<li>PostgreSQL      database version 8.1.11</li>\r\n<li>SNMP      client: NET-SNMP version 5.4.2.1</li>\r\n<li>Syslog      client: syslogd version 1.4.1</li>\r\n<li>Email      client: libESMTP version 1.0.4</li>\r\n<li>LDAP      client: OpenLDAP client version      2.4.21</li>\r\n<li>RADIUS      client: FreeRADIUS C library version 1.1.6 and Java library TinyRadius      version 1.0</li>\r\n</ul>\r\n<p>&nbsp;</p>\r\n<p>The Console provide graphical user 
interface (GUI) into the TOE for management of security functions. It runs as Java applet in Internet Explorer web browser on Microsoft Windows machine. There is no need to install any software to run the Console. The Console applet is received from the Server when the Server is accessed from within web browser and is removed from the browser when the web browser is closed.</p>\r\n<p>&nbsp;</p>\r\n<p>The following third party software is required to support the Console:</p>\r\n<ul>\r\n<li>Microsoft      Windows 2000, Windows XP, or Windows 7 OS</li>\r\n</ul>\r\n<ul>\r\n<li>Internet      Explorer (IE) web browser version 5.5 or higher </li>\r\n<li>Java      Runtime Environment (JRE) version 1.6u13 or higher</li>\r\n<li>Text      editor which understands TSV (tab separated values) file format, for      example, Microsoft Excel, WordPad, Notepad etc.</li>\r\n<li>Card      reader software if optional certificate based authentication is used. </li>\r\n</ul>\r\n<p>&nbsp;</p>\r\n<p>The Sensors scan WiFi radio channels to collect wireless activity information in their vicinity and report this information to the Server. They also scan traffic on the local area network subnets to which they are connected through the Ethernet ports and report the scanned information to the Server. The Server performs analysis of the information reported by Sensors to identify and respond to unauthorized WiFi activity. The Server notifies events related to the unauthorized WiFi activity to administrator, generates compliance reports (DoD, SOX, GLBA, PCI, HIPAA, MITS etc.), and triggers countermeasures to block (prevent) the unauthorized wireless activity.</p>\r\n<p>&nbsp;</p>\r\n<p>To accomplish its function, the TOE operates in &ldquo;overlay&rdquo; fashion, i.e., Sensors are not inline the wireless connections or the wired connections. Rather, they rely on broadcast nature of the wireless medium to collect wireless scan data. 
They also rely on broadcast subset of traffic in the wired network to collect wire-side scan data.</p>\r\n<p>&nbsp;</p>\r\n<p>The TOE does not provide any traffic forwarding functionality between the wired and wireless media (like the WiFi APs do).</p>","evaluation_configuration":"<p>The evaluated configuration includes the following:</p>\r\n<ul>\r\n<li>SpectraGuard Enterprise      Server version 6.5</li>\r\n<li>SpectraGuard Enterprise      Management Console version 6.5</li>\r\n<li>SpectraGuard Enterprise      Sensor version 6.5</li>\r\n</ul>\r\n<p>&nbsp;</p>\r\n<p>The Test Configuration will consist of SpectraGuard Enterprise Server appliance SA-350 including Server software version 6.5 and SpectraGuard Enterprise Sensor appliance SS-300-AT-C-10 including Sensor software version 6.5. The SpectraGuard Enterprise Management Console will be accessed using Internet Explorer (IE) version 9.0 using JRE version 1.6u30 on Windows 7 computer.&nbsp;</p>\r\n<p>&nbsp;</p>\r\n<p>Another Test Configuration will consist of SpectraGuard Enterprise Server software SE-SW-VM version 6.5 running on VMware ESXi version 4.0 and SpectraGuard Enterprise Sensor appliance SS-300-AT-C-10 including Sensor software version 6.5. It suffices to test one virtual machine environment, as others are equivalent and interoperable with it. The SpectraGuard Enterprise Management Console will be accessed using Internet Explorer (IE) version 9.0 using JRE version 1.6u30 on Windows 7 computer.</p>\r\n<p><em>&nbsp;</em></p>\r\n<p>The Sensor appliance SS-300-AT-C-10 includes two WiFi radio modules. Any of these radio modules can be tuned via software to monitor any WiFi channel. 
In the SS-300-AT-C-10 Sensor appliance, the first radio module is tuned to rotate on one subset of WiFi channels (in 2.4 GHz band) and the second radio module is tuned to rotate on the other subset of WiFi channels (in 5 GHz band).</p>","security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. The TOE was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 3.1 R3.</p>\r\n<p>&nbsp;</p>\r\n<p>The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 R2.</p>\r\n<p>&nbsp;</p>\r\n<p>CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies an assurance level of Evaluation Assurance Level (EAL) 2 augmented with ALC_FLR.2.</p>\r\n<p>&nbsp;</p>\r\n<p>A team of validators, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed in May 2012.</p>","environmental_strengths":"<p>The following security functions are in the scope of the evaluation:</p>\r\n<p>&nbsp;</p>\r\n<h4>Security Audit</h4>\r\n<p>The TOE is able to audit the use of the administration/management functions. This function records attempts to access the system itself, such as successful and failed authentication, as well as the actions taken by TOE users once they are authenticated.</p>\r\n<p>&nbsp;</p>\r\n<p>The audit data is protected by the access control mechanisms of the database and OS of the TOE components and by the TOE management Console interface. Only Superuser has access to the audit records. The Superuser can download the audit records for viewing. 
At the time of downloading, sorting and filtering criteria can be specified for the audit records.</p>\r\n<p>&nbsp;</p>\r\n<p>The audit records are stored in the TOE for configurable number of days. Once any record becomes older than the configured lifetime, it is automatically deleted. The TOE does not place any limit on the size of the audit trail, the only limit comes from the size of the disk. When the occupied disk size approaches the capacity, the TOE generates early warning.&nbsp;</p>\r\n<p>&nbsp;</p>\r\n<p>Security Audit relies on the Operational Environment with a properly configured text editor (such as Microsoft Excel, WordPad etc.) application to support viewing of the downloaded audit logs. It also depends on the Operational Environment to provide secure communication path between the TOE Server and management Console.</p>\r\n<h4>Cryptographic Support</h4>\r\n<p>The TOE performs cryptographic functions for: a) Sensor-Server communication, b) Console-Server communication, c) SSH utility in Sensor and Server. The Sensor-Server communication protocol is proprietary and uses FIPS 140-2 approved algorithms for key generation, encryption and message integrity. The Console-Server communication follows TLS version 1.0 standard and the SSH utility follows SSH version 2 standard. The TOE supports FIPS and non-FIPS operation modes.</p>\r\n<p>&nbsp;</p>\r\n<h4>Identification and Authentication</h4>\r\n<p>The TOE requires all users to provide unique identification and authentication data before any access to the system is granted. User identification and authentication is done by the TOE through username/password authentication, optionally using an external authentication server. The TOE also supports client certificate-based authentication option, such as CAC authentication. 
For certificate-based authentication, TOE supports optional two-factor authentication with password in addition to client certificate.</p>\r\n<p>&nbsp;</p>\r\n<p>All authorized TOE users must have a user account with security attributes that control the user&rsquo;s access to TSF data and management functions. These security attributes include user name, password, role and location node identity for TOE users.</p>\r\n<p>&nbsp;</p>\r\n<p>The TOE enforces a password policy for users who authenticate via the TOE. The TOE will also prevent a user from accessing the system after a configurable number of failed login attempts.</p>\r\n<p>&nbsp;</p>\r\n<p>Identification and Authentication depends on the Operational Environment to provide an external authentication server if that feature is configured. It also depends on the Operational Environment to provide a secure communications path between the TOE and the external authentication server.</p>\r\n<h4>Security Management</h4>\r\n<p>The TOE provides a web-based (using HTTPS) management interface for all run-time TOE administration. The ability to manage various security attributes, system parameters and all TSF data is controlled and limited to those users who have been assigned the appropriate administrative role.</p>\r\n<p>&nbsp;</p>\r\n<p>Security Management relies on a management console in the Operational Environment with a properly configured Web Browser to support the web-based management interfaces.</p>\r\n<h4>TOE Access</h4>\r\n<p>The TOE will terminate a user&rsquo;s interactive session after a configurable inactivity time. Before establishing a user session, the TOE will display an advisory warning message regarding unauthorized use of the TOE.</p>\r\n<h4>Protection of Security Functions</h4>\r\n<p>The TOE ensures that data transmitted between separate parts of the TOE are protected from disclosure or modification. This protection is ensured through strong encryption during both setup and the transition of data. 
The TOE Server is FIPS 140-2 Level 1 certified and the TOE Sensor is FIPS 140-2 Level 2 certified.</p>\r\n<h4>System Data Collection</h4>\r\n<p>The TOE detects WiFi threats and vulnerabilities. For this, it collects information from IEEE 802.11 protocol transmission frames detected on WiFi radio channels and IEEE 802.3 protocol traffic detected in the wired part (Ethernet) of the monitored network subnets. Sensors collect the above-mentioned data and send it to the Server.</p>\r\n<h4>System Data Analysis</h4>\r\n<p>The TOE performs various types of analyses such as signatures, anomaly, wired/wireless traffic correlation and devices configuration check, on the collected data to detect wireless threats and vulnerabilities. When threats/vulnerabilities are detected, the TOE generates alarms and (if optionally configured to do so) sends alarms by email, SNMP, syslog etc. to external servers in the operational environment.</p>\r\n<h4>System Data Review, Availability and Loss</h4>\r\n<p>TOE stores user action logs and events data in the database that is included in the TOE. User action logs can be downloaded by authorized administrator from Console as TSV (tab separated values) format file. Events are displayed in tabular form on Console. The user action logs and events are automatically deleted after administrator configured lifetime expires for them. Events are also automatically deleted when total number of events exceeds the administrator configured thresholds. When auto deletion happens, the most recent logs and events are always maintained. The TOE also proactively notifies the administrator via event if the disc occupancy reaches unsafe limits so that administrator can take appropriate action (e.g., backup) to free up the disc space. TOE also facilitates automatic periodic backup of database.</p>","features":[]}