At 08:30 AM 02/03/2000 -0500, Marcus J. Ranum wrote: >I'm sure that many on this list will be shocked to hear me say >this, but the ICSA firewall product certification is orders of >magnitude more valuable to real customers than ITSEC evaluation. The Common Criteria is supposed to fix this problem by defining "Protection Profiles" that establish functional requirements for particular types of products. There are two firewall profiles already, with more on the way. The first two aren't much use to most firewall customers because the requirements are 'way too abstract. You could build all sorts of arcane devices that meet the criteria while remaining steadfastly useless for most security purposes. At least a hub is useful for something. Rick.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:00:35 PDT