SymantecTM Critical System Protection v5.0.5
Symantec Corporation
World Headquarters
20330 Stevens Creek Boulevard
Cupertino, CA
USA 95014-2132
Telephone: 408-517-8000
Fax: 408-517-8186
The SymantecTM Critical System Protection v5.0.5 was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at EWA-Canada, located in Ottawa, Ontario, Canada. The evaluation was completed in November 2006.
The evaluation of the SymantecTM Critical System Protection (SCSP) determined that this Information Technology (IT) product can be trusted, at an assurance level of EAL 2 augmented with ALC_FLR.1, to conform to the requirements of the associated security target.
The SCSP is a software-only implementation of a host-based intrusion detection and prevention system, designed to protect an enterprise's internal network. The intrusion detection capabilities monitor files, registry keys and system logs to allow suspicious activity to be identified and reported; the intrusion prevention capabilities mediate access to system resources, such as registry keys, operating system files, important application files, and devices thereby preventing attacks from occurring. The SCSP is comprised of SCSP Agents, the SCSP Management Server, and the SCSP Management Console. SCSP Agents are software entities installed on various servers, workstations, and databases that are to be protected, and apply intrusion detection and prevention policies. The user responsible for managing the SCSP system creates intrusion detection and prevention policies using the SCSP Management Console (a JavaTM application running on a workstation), sends those policies to the SCSP Management Server, which in turn pushes the policies down to the SCSP Agents. The SCSP Management Server (also implemented in JavaTM) is the central management server for the SCSP system, and provides functionality for storing, updating and distributing to the SCSP Management Console and the SCSP Agents all enforcement policies, configuration settings, log events, and alerts.
The scope of this evaluation is defined by the security target, which identifies assumptions made during the evaluation, the intended environment for the SCSP, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that the SCSP satisfies its IT security requirements.
Consumers are advised to carefully review the certification report to gain an understanding of the security functionality, the evaluated configuration, and the intended operating environment for the SCSP.
Product Type: Intrusion Detection and Prevention System
Security Target: 
* Accessibility Notice * Official Languages Notice