The TOE is the McAfee, Inc., IntruShield Intrusion Detection System product. The TOE consists of three main components that are: the IntruShield sensor(s), the IntruShield Security Management system, and the Update server.
\r\nThe IntruShield IDS system is composed of a family of sensor appliances, an IntruShield ISM system, and an Update Server. The sensor appliances are stand-alone appliances from McAfee. The three sensor appliances are the IntruShield 1200, IntruShield 2600, and the IntruShield 4000. All other components of the product are software only components that run on a Windows workstation. The ISM system is an IDS management solution for managing IntruShield sensor appliance deployments for large and distributed enterprise networks. The ISM operates with an MYSQL DATABASE to persist configuration information and alert data.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the IntruShield Intrusion Detection System TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1 and International Interpretations effective on 10 April, 2003.
\r\nThe evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL 3 family of assurance requirements. The product, when configured as specified in the installation guides and release notes, satisfies all of the security functional requirements stated in the IntruShield Product Family Intrusion Detection System Security Target.
\r\nThe IntruShield Intrusion Detection System meets the assumptions, threats, organizational policies, security objectives and security functional requirements of the Intrusion Detection System System Protection Profile, Version 1.4, February 4, 2002 (IDSSPP) with the exception of the timestamp, FPT_STM.1 which is met by a combination of the TOE and its IT Environment, threats, security objectives and other security functional requirements not applicable to TOE.
\r\nThree validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in July 2004. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for IntruShield Intrusion Detection System, prepared by CCEVS.","environmental_strengths":"The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the IntruShield Intrusion Detection System TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1 and International Interpretations effective on 10 April, 2003.
\r\nThe evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL 3 family of assurance requirements. The product, when configured as specified in the installation guides and release notes, satisfies all of the security functional requirements stated in the IntruShield Product Family Intrusion Detection System Security Target.
\r\nThe IntruShield Intrusion Detection System meets the assumptions, threats, organizational policies, security objectives and security functional requirements of the Intrusion Detection System System Protection Profile, Version 1.4, February 4, 2002 (IDSSPP) with the exception of the timestamp, FPT_STM.1 which is met by a combination of the TOE and its IT Environment, threats, security objectives and other security functional requirements not applicable to TOE.
\r\nThree validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in July 2004. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for IntruShield Intrusion Detection System, prepared by CCEVS.
","features":[]}