NFR Security's Sentivist Achieves Prominent Government Security Certification

June 1, 2005
Real-time threat protection solution earns EAL2 certification

ROCKVILLE, Md. -- NFR Security, the leader in Real-Time Threat Protection(TM), today announced that its award-winning Sentivist(TM) solution has achieved Common Criteria (CC) Evaluation Assurance Level 2 (EAL2) certification, a key requirement for many government purchases of network security products. This prominent certification assures NFR's government customers that Sentivist has completed an extensive, rigorous testing process and conforms to international security standards.

The Common Criteria certification is a worldwide, standardized testing and approval process for security systems and products. It is internationally recognized through ISO 15408, by twenty-two countries through the Common Criteria Recognition Agreement (CCRA). The framework provided by the Common Criteria allows government agencies and other groups to define sets of specific functional and assurance requirements, called "Protection Profiles." The Common Criteria also provides evaluation laboratories with procedures for evaluating the products or systems against the specified requirements.

"Over the years, NFR has developed strong ties to the government market, providing major federal agencies with our robust security solutions that can actively detect and prevent network threats in real-time," said Andre Yee, president and CEO of NFR Security, Inc. "This Common Criteria certification provides our government and commercial customers with the assurance that our Sentivist platform meets the highest levels of performance, reliability and security that are required in today's dynamic security environment."

NFR's Sentivist real-time threat protection solutions are currently installed in several prominent government departments and agencies.

Sentivist, which protects networks against intrusions, vulnerabilities, internal and external threats and patch gaps, was tested by the Arca Common Criteria Test Laboratory (CCTL), a division of SAVVIS, a global information technology services company. Arca CCTL, an independent lab accredited by the National Voluntary Laboratory Accreditation Program and approved by the National Information Assurance Partnership (NIAP), validated the strength of Sentivist to accurately detect network attacks and consequently, a certificate was issued by NIAP. Sentivist will be listed on NIAP's CCEVS web site at: http://niap.nist.gov/cc-scheme/vpl/vpl_type.html

"Arca CCTL has certified numerous products over the last seven years for use by US government agencies," noted Tim Caulfield, Managing Director of Global Solutions at SAVVIS. "Security solutions utilized by our nation's government agencies must provide the highest level of protection against the growing number of network threats. NFR's completion of the Common Criteria evaluation demonstrates that Sentivist meets the Protection Profile for intrusion detection systems and is now validated for use within any government organization's network."

The Common Criteria certification lays out a general structure which allows firms to formally claim the security features which their product will present. The management of the standard within the United States is performed by the National Information Assurance Partnership, a joint effort between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA).