[prev in list] [next in list] [prev in thread] [next in thread] 

List:       focus-ids
Subject:    Re: IDS Certification
From:       Mike Ruscher <Mike.Ruscher () CSE-CST ! GC ! CA>
Date:       2001-01-18 16:33:08
[Download RAW message or body]

 Well perhaps I may offer something on this subject. I think the type of
certification at issue is something along the lines of what used to be a
Trusted Products Evaluation Program (TPEP) evaluations and subsequent orange
book rating on a "preferred products list" (PPL).

 The evaluation criteria for IT security products in place today is the
Common Criteria and the evaluations are largely done at commercial
accredited laboratories in various countries who have agreed to unilateral
acceptance of the results.

 I don't know of any IDS product which have been evaluated offhand, but I
know that there has been some work done on a Protection Profile (PP)
development for IDS products.

 Here are some relevant links to get things started:

http://csrc.nist.gov/cc/index.html
http://www.iatf.net/protection_profiles/profiles.cfm
http://www.cse-cst.gc.ca/cse/criteria/english/index.htm

Mike Ruscher, ITS Specialist I2, CSE/CST
mgruscher@cse-cst.gc.ca
Phone: +1 613 991-8040
ED/C200
http://www.cse-cst.gc.ca

[prev in list] [next in list] [prev in thread] [next in thread]