IT security vendor McAfee (Quote, Chart) has gone where no other security vendor has gone, so far at least. The company said its intrusion protection system (IPS), Intrushield, has achieved Common Criteria Certification EAL 3. . . .
Common Criteria Certification is typically a critically important certification for defense and other highly sensitive areas of governmental IT operations. Many are mandated to only buy certified products. The rigorous certification standard is recognized in 20 countries and in the U.S is backed by the National Security Agency (NSA) and evaluated under a program called Common Criteria Evaluation and Validation Scheme (CCEVS).

"Defense related business worldwide is highly dependant on Common Criteria certification both in the U.S and in other countries that are signatories to the common criteria mutual recognition agreement," McAfee Intrushield Director of Product Management John Parker told internetnews.com. "We find that it is very important to have this certification in order to do defense related business."

McAfee claims that it is the first IPS vendor to achieve the important certification, though its competitor Symantec (Quote, Chart) does have EAL 3 certification for its Manhunt Intrusion Detection System (IDS).

The difference between IDS and an IPS is that an IDS does not contain the prevention mechanisms that are included in an IPS system. EAL 3 is currently the highest level at which either an IDS or IPS is certified. According to McAfee's John Parker, no vendor has certified to EAL 4 and no one has announced an intention to certify to EAL 4.

The link for this article located at Sean Michael Kerner is no longer available.