Certified Product: Trustwave Secure Web Gateway Version 11.0

Trustwave Holdings, Inc.
70 West Madison Street
Suite 1050
Chicago, IL 60602

Trustwave Secure Web Gateway Version 11.0 (hereafter referred to as SWG), from Trustwave Holdings, Inc., was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at EWA-Canada. The evaluation was completed in November 2013.

The evaluation of SWG determined that this Information Technology (IT) product can be trusted, to Evaluation Assurance Level (EAL) 2 augmented with ALC_FLR.2, to conform to the requirements of the associated security target.

SWG protects against next-generation threats from web site access in real time. By detecting new and targeted attacks, it enables users to access the Internet safely.  SWG protects against dynamic, cross-component malware threats using real-time code analysis, analyzing the whole composition of a web page.

SWG Real-Time Code Analysis technology provides functionality to detect and block dynamic malware. As inbound and outbound web communication occurs it is dynamically analyzed and viewed by multiple malware engines to determine intent. These engines run in parallel providing the following abilities:

  • Detection and blocking of dynamic malware from cross-component attacks
  • Detection of malicious code on web pages
  • Web page analysis of both single and multiple component attacks

The scope of this evaluation is defined by the security target, which identifies assumptions made during the evaluation, the intended environment for the SWG, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that the SWG satisfies its IT security requirements.

Consumers are advised to carefully review the certification report to gain an understanding of the security functionality, the evaluated configuration, and the intended operating environment for SWG.