Prism Microsystems, Inc.
8815 Centre Park Drive
Telephone: (410) 953-6776
Fax: (410) 953-6780
EventTracker Version 6.3 Build 93 (hereafter referred to as EventTracker Version 6.3) was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at EWA-Canada, located in Ottawa, Canada. The evaluation was completed in August 2010.
The evaluation of EventTracker Version 6.3 determined that this Information Technology (IT) product can be trusted, to an assurance level of EAL 2 augmented with ALC_FLR.2, to conform to the requirements of the associated security target.
EventTracker Version 6.3 is an Enterprise-class Security Information and Event Management (SIEM) solution that automatically collects and provides real-time analysis of logs and events from Windows systems and other devices that support the Syslog protocol. EventTracker Version 6.3 also accepts batch feeds of log files.
EventTracker Version 6.3 performs analysis of the real-time feeds. The feeds are also correlated to detect composite events. Alerts are generated for both single-feed events and composite events according to the configured policy. A cache of recent real-time and composite events is maintained for dashboard displays to administrators. The original logs from all the sources (both real-time and batch) as well as composite events are retained in a secure repository for later analysis and reporting. EventTracker Version 6.3 supplies both analytics and reporting engines for forensic analysis. Reports may be used for long-term trend analysis or compliance purposes.
The scope of this evaluation is defined by the security target, which identifies assumptions made during the evaluation, the intended environment for the EventTracker Version 6.3, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that the EventTracker Version 6.3 satisfies its IT security requirements.
Consumers are advised to carefully review the certification report to gain an understanding of the security functionality, the evaluated configuration, and the intended operating environment for the EventTracker Version 6.3.
Product Type: Security Information and Event Management