Re: [IDS] IDS Common Criteria

>Outside Government and Military circles where I can see Common Criteria

CAVEAT: My direct knowledge of the CC is about 2 years old. Maybe things are better. I doubt it.

The Common Criteria has all the markings of what it is: a government created and organized, committee deliberated, process. (That's meant to be really negative, for those who like such things, and exclaimed, "Cool!") Notice the definition on their web page: "The Common Criteria represents the outcome of a series of efforts to develop criteria for evaluation of IT security that are broadly useful within the international community."

The "warning signs" are "series of efforts" and "broadly useful." (And it is over 600 pages.) The CC is a standard for measurement. But there is no "Firewall test," not "IDS test," etc. As long as you understand that it is a set of specific criteria in standard format against which a vendor can document any product, there is no problem.

Example: If we had such a thing for automobiles, you'd be able to lay a chart for every one next to the other and compare across for the things you cared about. They would all use standard notation for the same features.

Wait... that sounds really useful. Yes, except -- using the example I just gave -- you have to create the tables and you have to know the code name for each feature. Oh, and the manufacturer gets to decide what features to highlight and what to leave out. There is no requirement to include and specific criterion. It is *not* a Consumer Reports (sorry, I realize some of you don't know what I mean) evaluation of products with identical selection criteria reporting how each product fared.

Is Common Criteria useful? I don't see how it is.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Fred
Avolio Consulting, Inc.
16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US +1 410-309-6910 (voice) +1 410-309-6911 (fax) http://www.avolio.com/ Received on Tue Jan 7 13:34:50 2003