RE: IDS Common Criteria

Common Criteria is just a criteria that the us govt uses to insure that the product does what the producers say. It is not a test such as nss, etc. with a grading it is just a check off so that govt. folks can buy the product. The testing for common criteria is done by authorized labs and can cost upwards of 100k to have done. It is more a test of financial resources in getting it done that anything else. We are looking at having it done here as well

alan

Alan Shimel
VP of Sales & Business Development
Latis Networks, Inc.

303-642-4515 Direct
516-857-7409 Mobile
303-642-4501 Fax

www.stillsecure.com
Reducing your risk has never been this easy. . . .
The information transmitted is intended only for the person to which it is addressed and may contain confidential material. Review or other use of this information by persons other than the intended recipient is prohibited. If you've received this in error, please contact the sender and delete from any computer.

-----Original Message-----

From: Talisker [mailto:talisker@networkintrusion.co.uk] Sent: Monday, January 06, 2003 11:14 AM
To: focus-ids@securityfocus.com; ids@mailman.vet.com.au Subject: IDS Common Criteria

Hi all

Sorry about cross posting this on the SF and Australian IDS list

I received a marketing post this morning from Intrusion Inc saying that their SecureNetPro is the only IDS to have passed Common Criteria Certification, I was under the impression that another IDS vendor (ISS) had
already achieved similar. Is there a RealSecure fan out there that could
confirm this ?

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Outside Government and Military circles where I can see Common Criteria Certification being extremely useful, how valuable is it, ie within the financial sector etc ? More importantly what are it's failings?

take care
-andy

Taliskers Network Security Tools
http://www.networkintrusion.co.uk Received on Tue Jan 7 14:51:57 2003