Subject: Re: Firewalls - ITSEC Rating?
From: Marcus J. Ranum (mjrnfr.net)
Date: Thu Feb 03 2000 - 07:30:31 CST


>The ITSEC evaluation says that the product met the requirements documented
>in its "Security Target" document.

Right, if I understand correctly, it's a lot like those ISO9000
deals - you're evaluated on whether or not you actually do what
you claim to do. And, since everyone's claims can be subtly
different, in the end the evaluation is useless because a user
of the evaluated product has to re-evaluate the product to see
if the claims make sense for their purpose.

I once thought about trying to get a 10baseT hub ITSEC evaluated
as a firewall (albeit a very permissive one) but the mountains
of paperwork and the huge amount of time and money necessary
are daunting.

I'm sure that many on this list will be shocked to hear me say
this, but the ICSA firewall product certification is orders of
magnitude more valuable to real customers than ITSEC evaluation.

mjr.