All:
I have been reading and collecting responses to my
original post regarding DoD and CheckPoint with keen
interest. After the thread remisses, I will see if
I can compile a summary.
Meanwhile, I received this email. In posting it, I
hope that it will quelch the backdoor issue or open
another can of worm.
Trang
-----Original Message-----
From: Robert Deitz [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 28, 2000 6:04 PM
To: Nguyen Trang
Cc: Jeff Deitz
Subject: DoD Firewall Policy
Nguyen,
I was forwarded your e-mail requesting information on Check Point Firewalls
and DoD. We are very familiar with this issue - we have been working with
the NSA, Army, OSD and Check Point on this for about 2 years. While it is
true the the Army some time ago sent out a memo requiring all Check Point
Firewalls to be uninstalled because of a "supposed back door" found by NSA
that is actually past history. I think you are aware of the NIAP
certification program and web page. This is sponsored by NSA/NIST and is the
only official standard for DoD/Federal certifications. This has put the DoD
into a precarious situation as the Army's main Firewall - Gauntlet, the Air
Force's main Firewall - Sidewinder, and the Navy's main Firewall - Raptor
(they have a bigger mix than other Departments however) all are not approved
by NIAP. Thus, NSA's suggestion (a Federal Requirement via Executive order
effective Jan, 2002) for secure and tested products is not being followed by
the DoD. The web page has been up since Oct of 1999 so it has been over a
year that these products and what was certified has been public. This would
tend to indicate that DoD is not following it's own guidelines thus any
previous mandate to remove a particular product would not seem to have
carried any DoD wide mandate.
If I can answer any other questions please feel free to contact me.
Robert Deitz
Government Technology Solutions
530-621-1163
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
