Trustwave Network Access Control (NAC) Software Version 3.4.0
Trustwave
70 West Madison Street
Suite 1050
Chicago, IL 60602
The Trustwave Network Access Control (NAC) Software 3.4.0, hereafter referred to as Trustwave NAC, was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at DOMUS IT Security Laboratory, located in Ottawa, Ontario, Canada. The evaluation was completed in November 2009.
The evaluation of Trustwave NAC determined that this Information Technology (IT) product can be trusted, at an assurance level of EAL 2 augmented with ALC_FLR.1, to conform to the requirements of the associated security target.
The Trustwave NAC solution enables network administrators to control which devices gain admission to the network and what network services they may invoke. Sensors are connected to the controlled network segments and monitor all network traffic to detect violations of the policies configured by administrators. As devices attempt to gain access to the network, Trustwave NAC immediately identifies the device and can run a policy check to determine whether the device complies with the security policies of the network segment that it is attempting to join. When performing policy checks on managed devices, Trustwave NAC can monitor network traffic to identify attributes of the device, and/or perform a deep scan via a downloaded Java applet.
Network monitoring determines the device type, whether it is known or unknown, its network function (e.g. IP telephony device, wireless device), and what services are currently running, such as instant messaging, file transfer protocol services, or peer-to-peer networking. Deep scans obtain more detailed information about the device configuration, such as anti-virus version, signature update levels, OS patch levels, and the absence or presence of spyware and firewall software. Devices can be re-checked throughout their lifecycle on the network. After admission, Trustwave NAC monitors all network traffic, detects exceptions to the administrator-configured behavioral policy, and re-evaluates the network access permitted to the managed devices as new information about them is learned.
The scope of this evaluation is defined by the Security Target, which identifies assumptions made during the evaluation, the intended environment for Trustwave NAC, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that Trustwave NAC satisfies its IT security requirements.
Consumers are advised to carefully review the Certification Report to gain an understanding of the security functionality, the evaluated configuration, and the intended operating environment for Trustwave NAC.
Product Type: Network Access Control
Security Target: PDF (502KB)