Lumension Security STAT Scanner Professional Version 5.08
Lumension Security
15880 N. Greenway-Hayden Loop, Suite 100
Scottsdale, AZ 85260
Telephone: 480-970-1025
Fax: 480.970.6323
www.lumension.com
STAT® Scanner Professional version 5.08 was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at EWA-Canada, located in Ottawa, Ontario, Canada. The evaluation was completed on 7 April 2003.
The evaluation of STAT® Scanner Professional determined that this Information Technology (IT) product can be trusted, to an assurance level of EAL 2 augmented, to conform to the requirements of the associated security target. The augmentations consisted of the following: ACM_CAP.4 (Generation support and acceptance procedures), ACM_SCP.1 (Configuration management coverage), ALC_DVS.1 (Identification of security measures), ALC_FLR.3 (Systematic flaw remediation), ALC_LCD.1 (Developer defined life-cycle model), and AVA_MSU.1 (Examination of guidance).
STAT® Scanner Professional is a vulnerability assessment scanner that statically monitors a set of IT resources in order to identify configurations that may be indicative of potential vulnerabilities in, or misuse of, those IT resources. Through the use of Windows® operating system resources and IT administration best practices for code and data protection, the STAT® Scanner protects itself, its associated data, and output report database from unauthorized access or modification, and ensures accountability for authorized actions. STAT® Scanner Professional supports the following range of target operating systems: Windows® NT/95/98/Me/2000/XP; RedHatTM Linux 6.2 and later; MandrakeTM Linux 7.1 and later; and SunTM Solaris 2.5.1 and later.
The evaluated configuration comprises: the STAT® Scanner Professional Version 5.08 software; a Windows® 2000 platform with supporting devices, including a Network Interface Card (NIC); and user guidance documentation describing the correct configuration and operation of the STAT® Scanner Professional. The correct configuration is described in detail in the STAT® Scanner Professional Edition Installation and User's Guide, Version 5.
The scope of this evaluation is defined by the security target, which identifies assumptions made during the evaluation, the intended environment for the STAT® Scanner Professional, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that the STAT® Scanner Professional satisfies its IT security requirements. Consumers are advised to verify that their operating environment is consistent with the security target, and to give due consideration to the recommendations stated in the certification report.
Security Target: 
* Accessibility Notice * Official Languages Notice