Corsec would like to congratulate our partner Cisco Systems for achieving an Assurance Continuity (AC) on their Common Criteria listing for the StealthWatch solution. StealhWatch (originally a Lancope product) completed the Common Criteria certification process in May of 2014 under the Network Device Protection Profile (NDPP) v1.1 in Canada. After Lancope was acquired by Cisco, an Assurance Continuity was conducted on the StealthWatch solution; in order to update the products certification. Last month the AC was accepted and now version 6.5.4 is listed as certified under Common Criteria. See more details on the certification here.
About Common Criteria
Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed. There are currently 25 countries involved in the CCRA, including the United States and Canada, with others that follow unofficially such as the EU. The U.S. government mandates Common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.
About Assurance Continuity
Common Criteria determines if reevaluation will be necessary through a process called Assurance Continuity. If minor changes have occurred, a vendor can perform an “assurance maintenance,” and submit a report that is attached as an addendum to the original product security certification. If major changes have occurred, evidence will need to be submitted to a laboratory for reevaluation.
The StealthWatch system is a scalable network monitoring system. StealthWatch continuously monitors network traffic for health, performance, and security anomalies. Once the system is installed on a network, it begins gathering data from: flows, hosts, services, and applications.