Sentinel from Novell Version 5.1.1 TOE consists of 2 modules, Sentinel Server and Sentinel Wizard along with a database repository that work together to deliver security event management via a central console. At its core, Sentinel from Novell Version 5.1.1 enables you to view all of your security information in one place, and then report on that entire picture of the enterprise. It’s multi-platform infrastructure event management software.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance with the Arca Common Criteria Test Laboratory processes and procedures that are compliant with the Common Criteria Evaluation and Validation Scheme (CCEVS). The evaluation demonstrated that the Audit, Identification and Authentication, Protection of TOE Security Functions, Data Protection, Management of TOE Security Function and Enterprise Event Data functions of the Sentinel Version 5.1.1 met the security requirements contained in the Security Target. The criteria against which the Sentinel Version 5.1.1 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.3 Part II and Part III. The evaluation team conducted the evaluation using the Common Methodology for Information Technology Security Evaluation, Version 2.3.
\r\nFor this evaluation, it was appropriate for the Security Target to claim compliance with the external standard for AES and ARC4 for the definition of the encryption algorithm. There are many ways of determining compliance with a standard. Sentinel from Novell Version 5.1.1 has chosen to make a vendor claim of compliance. This means that there has been no independent verification (by either the evaluators or a third party standards body, such as a FIPS laboratory) that the implementation of the cryptographic algorithms actually meets the claimed standards. Potential users of this product should confirm that the cryptographic capabilities are suitable to meet the user's requirements.
\r\nArca determined the product to be CC version 2.3 Part 2 and Part 3 conformant, and concluded that the Common Criteria requirements for Evaluation Assurance Level (EAL) 2 have been met. In addition, the evaluation team confirmed that the TOE uses CCEVS precedent PD-0106, to satisfy SAR AGD_USR.1. The product, configured as outlined in the Wrapper Document and Installation Guidance, satisfies all of the security functional requirements stated in the Security Target. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by Arca. The evaluation was completed in November 2006. Results of the evaluation can be found in the Validation Report prepared by the National Information Assurance Partnership (NIAP) CCEVS.
","environmental_strengths":"The Sentinel Version 5.1.1 TOE claims a minimum strength of function of SOF-basic for the TOE security functional requirements and the TOE as a whole. Appropriate physical and logical protection of the Sentinel Version 5.1.1 host machine and underlying OS is assumed and mandated by SFRs on the IT Environment. The SFR on IT Environment include areas such as Audit Storage Protection, Identification and Authentication, Domain Separation and Non-bypassability.
\r\n","features":[]}