CSEC Homepage > About IT Security > IT Security Program, Products and Services > Common Criteria > Check Point Software Technologies Incorporated VPN-1/FireWall-1 Next Generation Feature Pack 1

Check Point Software Technologies Incorporated VPN-1/FireWall-1 Next Generation Feature Pack 1

Check Point Software Technologies Incorporated
3A Jabotinsky St., Diamond Tower
Ramat Gan, 52520
Israel

The Check Point Software Technologies Incorporated VPN-1/FireWall-1 Next Generation Feature Pack 1 was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at EWA-Canada, located in Ottawa, Ontario, Canada. The evaluation was completed in August 2005.

The evaluation of the VPN-1/FireWall-1 Next Generation Feature Pack 1 determined that this Information Technology (IT) product can be trusted, to an assurance level of EAL 4, to conform to the requirements of the associated security target.

The VPN-1/FireWall-1 Next Generation Feature Pack 1 provides firewall and virtual private network functionality to secure the communication between networks. It also provides the capability to securely configure and administer the product itself. The TOE's ability to invoke the VPN when required as per the established security policies was evaluated; however, correct operation of the VPN functionality was not included as a part of this evaluation. The VPN-1/FireWall-1 Next Generation Feature Pack 1 supervises traffic, belonging to the complete IP (Internet Protocol) family of protocols, which passes between networks physically connected to the computer system which hosts the TOE.

The evaluated configuration consists of:

• The Check Point Management Server module running on a system with either the SUN Solaris 8.0 or Windows 2000 operating system and residing on a secure LAN.
• The Check Point Graphical User Interface module running on a system with the Windows 2000 operating system and residing on the same protected LAN as the Management Server.
• The Check Point VPN-1 SecureClient module running on a system with the Windows 2000 operating system and residing outside of the protected LAN.
• One or more Check Point VPN-1/FireWall-1 FP1 modules running on systems with either the SUN Solaris 8.0 or Windows 2000 operating systems and residing either on the same protected LAN as the Management Server or outside of the protected LAN.
• The Check Point Policy Server module running on a system which also has a VPN-1/FireWall-1 FP1 module installed and which resides on the protected LAN.

The scope of this evaluation is defined by the security target, which identifies assumptions made during the evaluation, the intended environment for the VPN-1/FireWall-1 Next Generation Feature Pack 1, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that the VPN-1/FireWall-1 Next Generation Feature Pack 1 satisfies its IT security requirements. Consumers are advised to verify that their operating environment is consistent with the security target, and to give due consideration to the recommendations stated in the certification report.

Security Target: * Accessibility Notice * Official Languages Notice

Certification Report: HTML | PDF

Certificate of Evaluation: HTML | PDF