* Keith [2010-02-02 00:16]:
> I've used OpenBSD & PF for a number of years without issue and am
> now in the position that I want to create a dmz between the Internet
> and my organisations WAN. Our security people are asking if the
> firewall that we use is accreditated by ITSEC and I am pretty s
On 2 February 2010 10:06, Keith wrote:
> I've used OpenBSD & PF for a number of years without issue and am now in the
> position that I want to create a dmz between the Internet and my
> organisations WAN. Our security people are asking if the firewall that we
> use is accreditated by ITSEC and I
On Wed, Feb 03, 2010 at 11:10:59PM +0100, Martin Schr?der wrote:
> 2010/2/3 Jean-Francois :
> > Not clear for me, does this firewall reach EAL4+ or EAL6 as stated in their
> > doc
> "Certified by the BSI according to CC at the level EAL 4+"
> http://www.genua.de/genua/kunden/index.en.html
ITYM h
2010/2/3 Jean-Francois :
> Not clear for me, does this firewall reach EAL4+ or EAL6 as stated in their
> doc
"Certified by the BSI according to CC at the level EAL 4+"
http://www.genua.de/genua/kunden/index.en.html
Best
Martin
Le mardi 02 fivrier 2010 20:29:29, Martin Schrvder a icrit :
> 2010/2/2 Keith :
> > Can anyone help me out ?
>
> If you need professional services:
> http://www.genua.de/produkte/firewall/genugate/index.en.html
>
> Their firewalls are OpenBSD based.
>
> Best
> Martin
>
Not clear for me, does t
Eugene Yunak wrote:
2010/2/2 Keith :
organisations WAN. Our security people are asking if the firewall that we
use is accreditated by ITSEC and I am pretty sure it isn't but it turns out
that our security people will be happy is the firewall is accredited for use
by another government !
Ukrain
2010/2/2 Keith :
> I've used OpenBSD & PF for a number of years without issue and am now in the
> position that I want to create a dmz between the Internet and my
> organisations WAN. Our security people are asking if the firewall that we
> use is accreditated by ITSEC and I am pretty sure it isn't
On Tue, Feb 02, 2010 at 02:15:00PM -0500, Brad Tilley wrote:
> Common Criteria - http://www.iso15408.net
[...]
> I think the certification process can be very narrowly focused on a
> few parts of the system
[...]
Yup, that's the whole idea behind CC - all the evaluation does is verify
the claims t
On 03/02/2010, at 8:49 PM, Stuart Henderson wrote:
> On 2010-02-01, Keith wrote:
>> I've used OpenBSD & PF for a number of years without issue and am now in
>> the position that I want to create a dmz between the Internet and my
>> organisations WAN. Our security people are asking if the firewa
On 2010-02-01, Keith wrote:
> I've used OpenBSD & PF for a number of years without issue and am now in
> the position that I want to create a dmz between the Internet and my
> organisations WAN. Our security people are asking if the firewall that
> we use is accreditated by ITSEC and I am prett
> Given such limitations, perhaps you might propose a more
> open evaluation and make code access for audit, including by escrow
> access for an established third-party authority, as a major criteria?
To simplify things, I have just certified the 4.6/i386 GENERIC
that runs my router as "The Best
Oh come on. Security certification is a laughably stupid concept.
Giving it any sort of lip service is disingenuous.
On Tue, Feb 02, 2010 at 02:15:00PM -0500, Brad Tilley wrote:
> On Tue, 02 Feb 2010 18:09 +, "Bayard Bell"
> wrote:
> > Formal evaluation just means that the features judged r
2010/2/2 Keith :
> Can anyone help me out ?
If you need professional services:
http://www.genua.de/produkte/firewall/genugate/index.en.html
Their firewalls are OpenBSD based.
Best
Martin
On Mon, Feb 1, 2010 at 18:06, Keith wrote:
> I am very happy with my PF firewalls and their reliability and don't want to
> be forced into purchasing some cisco / forenet comercial firewall that I've
> never used before so am desperate to find some details of any foreign
> governments that are usi
On Tue, 02 Feb 2010 18:09 +, "Bayard Bell"
wrote:
> Formal evaluation just means that the features judged relevant to the
> evaluation can be minimally verified. On the flip side, there's David
> Litchfield's observation in the introduction to The Oracle Hacker's
> Handbook: "The Oracle
Formal evaluation just means that the features judged relevant to the
evaluation can be minimally verified. On the flip side, there's David
Litchfield's observation in the introduction to The Oracle Hacker's
Handbook: "The Oracle RDBMS was evaluated under Common Criteria to
EAL4... However,
On Mon, Feb 01, 2010 at 11:06:12PM +, Keith wrote:
> firewall that I've never used before so am desperate to find some
> details of any foreign governments that are using OpenBSD / PF as a
> firewall or any details of any certification of the PF firewall.
Did you see the "Governments" section
those are some funny clowns.
OMGITSEC hilarious!
On Mon, Feb 01, 2010 at 11:06:12PM +, Keith wrote:
> I've used OpenBSD & PF for a number of years without issue and am now in
> the position that I want to create a dmz between the Internet and my
> organisations WAN. Our security people ar
I've used OpenBSD & PF for a number of years without issue and am now in
the position that I want to create a dmz between the Internet and my
organisations WAN. Our security people are asking if the firewall that
we use is accreditated by ITSEC and I am pretty sure it isn't but it
turns out tha
19 matches
Mail list logo