RE: IDS Common Criteria

["Greenspan, Howard" <HGreenspan () cau edu>]

I used to work for ISS X-force and I could not recall.  I did some poking
around and this is all I found is what you discovered please correct if
wrong.

Intrusion Detection Systems


Product Name  Manufacturer Conformance Claim Valid. Date CC Scheme 
Intrusion, Inc. SecureNet Pro(tm) Intrusion Detection System Version 4.1
Intrusion, Inc. SecureNet Pro(tm)  EAL 2 Dec 02  

http://niap.nist.gov/cc-scheme/ValidatedProducts.html#ids

Happy New Year
Howard Greenspan
Clark Atlanta University
Sr. Info Sec Engineer


-----Original Message-----
From: Talisker [mailto:talisker () networkintrusion co uk] 
Sent: Monday, January 06, 2003 1:14 PM
To: focus-ids () securityfocus com; ids () mailman vet com au
Subject: IDS Common Criteria


Hi all

Sorry about cross posting this on the SF and Australian IDS list

I received a marketing post this morning from Intrusion Inc saying that
their SecureNetPro is the only IDS to have passed Common Criteria
Certification, I was under the impression that another IDS vendor (ISS) had
already achieved similar.  Is there a RealSecure fan out there that could
confirm this ?

Outside Government and Military circles where I can see Common Criteria
Certification being extremely useful,  how valuable is it, ie within the
financial sector etc ?  More importantly what are it's failings?

take care
-andy
Taliskers Network Security Tools http://www.networkintrusion.co.uk