CSEC Homepage > About IT Security > IT Security Program, Products and Services > Common Criteria > Sterling Commerce Inc., Connect:Direct® with Secure+ Option v3.7 running on UNIX and v4.2 on Windows

Sterling Commerce Inc., Connect:Direct® with Secure+ Option v3.7 running on UNIX and v4.2 on Windows

Sterling Commerce Incorporated
750 W. John Carpenter Freeway,
Irving, TX
United States 75039
Telephone: 1-800-299-4031
Email: inquiry@stercomm.com

Sterling Commerce Inc., Connect:Direct® with Secure+ Option v3.7 running on UNIX and v4.2 on Windows was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at EWA-Canada, located in Ottawa, Ontario, Canada. The evaluation was completed on 8 September 2006.

The evaluation of Connect:Direct® with Secure+ Option determined that this Information Technology (IT) product can be trusted, to an assurance level of EAL 2 augmented, to conform to the requirements of the associated security target. The augmentation consisted of the ALC_FLR.2 (Flaw Reporting Procedures).

Connect:Direct® with Secure+ Option is a software application that enables secure peer-to-peer file transfer over an insecure network. The Connect:Direct® with Secure+ Option provides server based software file transfer solutions for high volume applications. Connect:Direct® with Secure+ Option installations perform periodic high capacity file transfers between specific servers. The Transport Layer Security (TLS) protocol is used to perform authentication between servers and to provide an encrypted channel over which file transfers are performed. This provides security to protect against eavesdropping, tampering and message forgery.

The evaluated configuration of the Connect:Direct® with Secure+ Option includes versions for the Windows and UNIX operating systems. For each of the evaluated configurations, an Installation Guide, a Getting Started Guide and a Secure+ Option Implementation Guide provide instructions for installing the software in its evaluated configuration.

The scope of this evaluation is defined by the security target, which identifies assumptions made during the evaluation, the intended environment for the Connect:Direct® with Secure+ Option, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that the Connect:Direct® with Secure+ Option satisfies its IT security requirements. Consumers are advised to verify that their operating environment is consistent with the security target, and to give due consideration to the recommendations stated in the certification report.

Security Target: PDF * Accessibility Notice * Official Languages Notice

Certification Report: HTML | PDF

Certificate of Evaluation: HTML | PDF