Symantec Gateway gets Common Criteria

Symantec Corp.'s Gateway Security device, which the company is touting as an integrated defense against the growing threat of blended Internet attacks, has received the Defense Department's Common Criteria certification.

The Evaluation Level 4 (EAL4) status applies to the company's Gateway Security 5400 Series v2.0 product, what Symantec officials describe as a full-inspection device that wraps firewall, antivirus, intrusion detection, content filtering and virtual private network capabilities into a single unit.

Such devices, company officials say, counter the growing problem of application level threats, which firewalls that use packet filtering to scan traffic only at the network level can't catch.

Full application inspection, or content filtering, examines the content of data packets for anomalies and hidden threats, rather than just scanning the headers of the packets as they pass through the firewall.

The company's officials also claim that the integration of security detection that Gateway Security provides is vital to catching blended attacks, which they say are now the majority of network threats they are detecting.

Blended threats use a combination of malicious code and system vulnerabilities to attack systems. Instead of an e-mail worm that simply takes addresses from someone's e-mail address book to broadcast itself to hundreds of others, for example, a blended attack could also include an executable file that would open a backdoor in the user's system, making it vulnerable to other kinds of intrusion.

According to Symantec, more than half of the security threats detected in 2003 were of this blended variety.

Common Criteria certification is required by DOD, and increasingly by other federal agencies.

Brian Robinson is a freelance journalist based in Portland, Ore. He can be reached at hullite@mindspring.com.

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.

Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

  • Cloud
    cloud migration

    DHS cloud push comes with complications

    A pressing data center closure schedule and an ensuing scramble to move applications means that some Homeland Security components might need more than one hop to get to the cloud.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.