CyberGuard to Enter Evaluation for Department of Defense's Rigorous New Medium Robustness Protection Profile for Firewalls.Business Editors FT. LAUDERDALE, Fla.--(BUSINESS WIRE)--March 11, 2003 Testing Validates That Firewalls Protect Mission-Critical Data for US Government Agencies CyberGuard Corporation (AMEX AMEX See: American Stock Exchange :CFW CFW Custom Firmware CFW Call Forward CFW Cystic Fibrosis Worldwide CFW Cache Fast Write CFW Citizens for Florida's Waterways CFW Center for Writing (education) CFW Continuous Fillet Weld (engineering) ), the technology leader in network security, today announced that it will enter evaluation for the new "U.S. Department of Defense Firewall Protection Profile for Medium Robustness Environments" (MRPP MRPP Men's Rape Prevention Project MRPP Movimento Reorganizativo do Partido do Proletariado MRPP Memphis Regional Planned Parenthood ), version 1.0. The new MRPP supersedes earlier versions that address traffic filter and application-level firewalls separately. Developed as an independent means of validating that security products, such as firewalls, address threats that exist in a specific environment, protection profiles serve to extend the National Information Assurance Acquisition Policy (NSTISSP NSTISSP National Security Telecommunications and Information Systems Security Policy No. 11), which took effect July 2002. That policy mandates that government agencies only purchase information security products, including firewalls, which have been evaluated and certified according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. internationally recognized Common Criteria (Common Criteria for Information Technology Security) An international standard process for defining security objectives and for evaluating compliance with those objectives. The Common Criteria have largely replaced the Trusted Computer Security Evaluation Criteria (TCSEC), the Canadian . In August, the DoD issued a memorandum stating further that products must also meet protection profiles. There are no firewall vendors who currently meet the earlier medium robustness protection profiles. Mike Wittig, chief technology officer and vice president of development for CyberGuard Corporation, commented, "Protection profiles provide a link between the high level Common Criteria evaluation and the specific functionality required in a real-world environment. We've been anticipating the release of this new more rigorous set of requirements for some time and are geared up to pursue validation. CyberGuard has a longstanding commitment to independent information security evaluation. We were first to receive a number of certifications, and the only firewall vendor to ever achieve a TCSEC/NCSC Orange Book B1 level certification, which we earned for our secure operating system The term "secure operating system" is a misnomer. Relevant articles include:
CyberGuard is also currently the only firewall provider in the world participating in an ongoing Common Criteria evaluation assurance maintenance program. This is significant because ongoing evaluation assures that, when firewall manufacturers issue new upgrades and revisions to certified technology, the product maintains its certification level. Without ongoing evaluation, when new versions of a security product are released, those products do not retain the original assurance levels. About Common Criteria The Common Criteria for Information Technology Security Evaluation (CCITSE CCITSE Common Criteria for Information Technology Security Evaluation ) is a set of evaluative criteria agreed to by the National Security Agency/National Institute of Standards and Technologies and equivalent bodies worldwide. It was designed to resolve technical and conceptual differences among existing standards for evaluating network security systems and products. An international standard -- ISO (1) See ISO speed. (2) (International Organization for Standardization, Geneva, Switzerland, www.iso.ch) An organization that sets international standards, founded in 1946. The U.S. member body is ANSI. 15408 -- Common Criteria represents the outcome of efforts to develop criteria for evaluating IT security that are widely accepted within the international community and mutually recognized by 16 countries: US, UK, Australia, Austria, Canada, Finland, France, Germany, Greece, Israel, Italy, The Netherlands, New Zealand New Zealand (zē`lənd), island country (2005 est. pop. 4,035,000), 104,454 sq mi (270,534 sq km), in the S Pacific Ocean, over 1,000 mi (1,600 km) SE of Australia. The capital is Wellington; the largest city and leading port is Auckland. , Norway, Spain and Sweden. About CyberGuard Corporation CyberGuard Corporation, the technology leader in network security, provides enterprise and electronic commerce security solutions to Global 2000 companies and governments worldwide. CyberGuard's award winning firewall/VPN products and services protect the integrity of data and applications from unauthorized access. CyberGuard's appliances, which include SL, KS, FS and LX models, hold Common Criteria Evaluation Assurance Level The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation, an international standard in effect since 1999. 4+ (EAL EAL English as an Additional Language EAL Evaluation Assurance Level EAL Eastern Airlines EAL Emergency Action Level EAL Environmental Analysis Laboratory EAL Evidence Analysis Library (American Dietetic Association) 4+) certification, the most prestigious and rigorous IT security evaluation available. The company has world headquarters in Ft. Lauderdale, Florida, and branch offices worldwide. More information on CyberGuard Corporation can be found at http://www.cyberguard.com. Forward-Looking Statements This press release contains forward-looking statements that involve certain risks, uncertainties and factors, including without limitation, those described in the Company's filings with the Securities and Exchange Commission, that may cause the Company's future actual results to materially differ from the Company's current expectations. The Company assumes no obligation to update any forward-looking statements. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion