{"product_id":3014,"v_id":3014,"product_name":"BreachGate Sitegrity 2.5 (formerly G-Server Version 2.5)","certification_status":"Not Certified","certification_date":"2003-08-11T00:08:00Z","tech_type":"Web Server","vendor_id":{"name":"Breach Security, Inc. (Originally sponsored by Gillian Technologies, Inc.)","website":"http://www.breachsecurity.com"},"vendor_poc":"Netta Gavrieli","vendor_phone":"972.9.9560035 X237","vendor_email":"Netta.Gavrieli@breachsecurity.com","assigned_lab":{"cctl_name":"CygnaCom Solutions, Inc"},"product_description":"<p>The Gilian G-Server is an appliance designed to protect organizations from the crippling consequences of having misinformation appear on their Web sites, even in the event of a hack. It is connected transparently in front of one or more HTTP/S Web servers, and presents no IP address of its own to the untrusted side of the network. It examines all incoming and outgoing traffic for anomalies, and performs two main functions:</p>\r\n<p>EntryControl - protection against application-level attacks on the Web server;<br />\r\nExitControl - prevents maliciously modified Web resources from being sent out to end-users.</p>\r\n<p>The G-Server's EntryControl provides protection against known HTTP application-level attacks with known signature patterns, as well as unknown attacks that can be distinguished by anomalous request characteristics. When an HTTP request is received by the G-Server for a protected site, it can be tested against a set of predefined signature patterns. When an anomalous request is detected, the connection is closed, and an alert is optionally generated. </p>\r\n<p>The G-Server's ExitControl mechanism prevents the unauthorized modification of a Web site by monitoring the objects (Web pages, images, applets, etc.) that the Web server serves, checking each for authenticity and replacing unauthorized objects with its own authorized copy of the object. 
If an attacker manages to break into the Web server, take full control of its functions and successfully modify the Web site content, the end user will continue to get authentic copies of the protected objects as if nothing had changed. Simultaneously the administrators will be alerted to the potential problem. The G-Server achieves its objectives by providing management tools for digitally signing authentic Web resources ahead of time, and performing real-time verification of data that is flowing out of the Web server using the signatures stored in its database.</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the CygnaCom Solutions Common Criteria Testing Laboratory processes and procedures that are compliant with the Common Criteria Evaluation and Validation Scheme (CCEVS). The evaluation demonstrated that the entry and exit control functions of the Gilian G-Server Version 2.5 met the security requirements contained in the Security Target. The criteria against which the G-Server was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1 Part II and Part III. The evaluation team conducted the evaluation using the Common Methodology for Information Technology Security Evaluation, Version 1.0.</p>\r\n<p>CygnaCom Solutions determined that the evaluation assurance level (EAL) for the product is EAL 1. The product, configured as outlined in the Administrator and User Guidance, satisfies all of the security functional requirements stated in the Security Target. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by CygnaCom Solutions. The evaluation was completed in July 2003. 
Results of the evaluation can be found in the Validation Report prepared by the National Information Assurance Partnership (NIAP) CCEVS-VR-03-0044.</p>\r\n<p>For this evaluation, it was appropriate for the Security Target to claim compliance with the external standards for MD5 and SHA-1 for the definition of the encryption algorithms. There are many ways of determining compliance with a standard. Gilian Technologies, Inc. has chosen to make a developer claim of compliance. This means that there has been no independent verification (by either the evaluators or a third party standards body, such as a FIPS laboratory) that the implementation of the cryptographic algorithms actually meets the claimed standards. Potential users of this product should confirm that the cryptographic capabilities are suitable to meet the user's requirements. </p>","environmental_strengths":"<p>The evaluation of Gilian G-Server Version 2.5 provides a basic level of independently assured security in a conventional TOE and is suitable for the environment specification in this ST. The assurance requirements were chosen to be consistent with this goal.</p>","features":[]}