{"product_id":3011,"v_id":3011,"product_name":"Securify SecurVantage Version 3.1","certification_status":"Not Certified","certification_date":"2004-01-26T00:01:00Z","tech_type":"Network Management","vendor_id":{"name":"Securify, Inc.","website":"http://www.securify.com"},"vendor_poc":"Jose Caldera","vendor_phone":"650.812.9401","vendor_email":"jcaldera@securify.com","assigned_lab":{"cctl_name":"CygnaCom Solutions, Inc"},"product_description":"<p>Securify SecurVantage&trade; is an automated security system that enables customers to generate business-driven security policies, monitor networks in real-time for compliance and produces relevant security and network operations information. This software product consists of an environment for policy development and security analysis, a real-time monitoring system to continuously verify conformance to business practices and security policies, and an enterprise management and trend reporting system. The SecurVantage&trade; system is driven by a customer-specific policy that formally describes the desired operation of the network.</p>\r\n<p>SecurVantage&trade; relies on a proprietary policy language that translates business requirements and security policies into a formal, machine monitored specification (a &ldquo;policy&rdquo;) describing the &ldquo;correct&rdquo; behavior of the network. SecurVantage&trade; then evaluates, in real time, the packets flowing through the network at all levels of the protocol stack and makes decisions on whether the traffic is consistent with the policy specification. This information is then presented in a web-based analysis environment in terms that are specific to the business, and actionable for the network, operations and security teams responsible for the network.</p>\r\n<p>SecurVantageTM consists of three major components:</p>\r\n<ul>\r\n    <li>SecurVantage&trade; Studio that provides an interface that allows for the authoring of network security policy at multiple levels and for analyzing the results of actual network traffic vs. desired network behavior via the network security policy. </li>\r\n    <li>SecurVantage&trade; Monitor that evaluates network traffic in real-time according to the network security policy on a continuous basis generating real-time network security conformance events and risk information. </li>\r\n    <li>SecurVantage&trade; Enterprise that aggregates real-time events and (remotely) manages multiple SecurVantage Monitors. </li>\r\n</ul>","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. Securify SecurVantage&trade; Version 3.1 was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 2.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies an assurance level of EAL 2. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed in January 2004.","environmental_strengths":"It is assumed that the there is no un-trusted software on the SecurVantage&trade; hosts and the users and Administrators on SecurVantage&trade; hosts are trusted. Users have different roles with different privileges. SecurVantage&trade; relies upon the underlying operating system platforms to provide reliable time stamps and to protect the SecurVantageTM hosts from other interference or tampering. SecurVantage&trade; relies upon widely used third-party software to provide protection of data transfer between the product components and for a trusted communication path between authorized administrators and the product.\r\n<p>Securify SecurVantage&trade; Version 3.1 components communicate using the Secure Sockets Layer (SSL) protocol that provides data encryption and server authentication.</p>\r\n<p>&nbsp;</p>","features":[]}