PRODUCT DESCRIPTION:
SunScreen EFS 3.0 Revision B Routing Mode is a packet filter and application
proxy firewall that makes network based access control decisions. SunScreen consists
of a rules-based, dynamic packet-filtering engine for network access control,
and four application proxies: FTP, HTTP, SMTP and Telnet.
SunScreen
EFS is administered through a graphical user interface
via a secure Web browser connection. SKIP encryption is
used to protect remote administration sessions.
SunScreen
also offers high availability (HA) configurations. HA provides
fault tolerance by maintaining multiple firewalls that
are watching the same network traffic. If the active firewall
has a hardware failure, a passive firewall can become the
active firewall.
SunScreen
EFS provides flexible logging of packets based upon configured
parameters. Packets may be logged if they do or do not
match a particular rule. For any given program component,
the level of logging can be specified. The value of the
log size and information to be recorded in the administrative
log files is established during the setup of SunScreen
EFS.
EVALUATION SUMMARY:
The security protection provided by the SunScreen EFS 3.0 Revision B Routing
Mode Firewall, when configured according to the SunScreen EFS 3.0 Revision
B Installation Guide has been evaluated by Arca Systems. The security features
of the SunScreen EFS 3.0 Revision B Routing Mode Firewall have been examined
against the Security Target (SunScreen EFS 3.0 Revision B Routing Mode Security
Target). The evaluation was performed using the Common Criteria 2.1: ISO 15048
and the Common Evaluation Methodology 1.0.
The Arca
Systems evaluation team has determined the SunScreen EFS
3.0 Revision B Routing Mode Firewall Security Target satisfies
all the specified requirements of the CC ASE criteria.
The Arca
Systems evaluation team has determined the SunScreen EFS
3.0 Revision B Routing Mode Firewall satisfies all the
specified requirements of the criteria at EAL2. For a complete
description of how the SunScreen EFS 3.0 Revision B Routing
Mode Firewall satisfies each requirement of the Criteria,
see SunScreen EFS 3.0 Revision B Routing Mode EVALUATION
TECHNICAL REPORT Issue: Doc. Ref.: TTAP-FER-0013 -TOE Reference
24 July 2000.
A system
that has been evaluated at Evaluation Assurance Level (EAL)
2 provides a low to moderate level of independently assured
security. The security functions are analyzed using a functional
specification, guidance documentation, and the high-level
design of the TOE to understand the security behavior.
The analysis is supported by independent testing of a subset
of the TOE security functions, evidence of developer testing
based on the functional specification, selective confirmation
of the developer test results, analysis of strength of
functions, and evidence of a developer search for obvious
vulnerabilities. Further assurance is gained through a
configuration list for the TOE and evidence of secure delivery
procedures.
ENVIRONMENTAL STRENGTHS:
The SunScreen firewall acts as a boundary between an external and internal
network. The firewall provides identification/authentication, network access
policy, audit of firewall events, secure remote administration and high availability. |
![[X]](/assets/images/button_close.gif){kind=small}
