SOURCE: Secure Computing

December 05, 2007 08:00 ET

Secure Computing's Sidewinder v7 Gateway Security Appliances Achieve EAL4 Common Criteria Certification Against U.S. Government Application-Level Firewall Protection Profile

World's Strongest Firewall Continues to Achieve Highest Internationally Recognized Certification Level

SAN JOSE, CA--(Marketwire - December 5, 2007) - Secure Computing Corporation (NASDAQ: SCUR), a leading enterprise gateway security company, today announced that the company's recently introduced line of Sidewinder ® 7.0 Gateway Security appliances have achieved EAL4 Common Criteria certification from the National Information Assurance Partnership (NIAP), after testing by the U.S.-based Science Applications International Corporation's (NYSE: SAI) Common Criteria Testing Laboratory. EAL4 is presently the highest internationally recognized evaluation assurance level

The Sidewinder 7.0 certification includes compliance with the U.S. Department of Defense (DoD) application-level firewall protection profile for "basic robustness" environments. While this protection profile only requires EAL2, Sidewinder's certification was raised to EAL4, with added augmentation to include the key requirement for tracking and correcting security flaws. The result is far greater product assurance in the areas of design, implementation, test, vulnerability analysis and flaw remediation. With this certification, the Sidewinder 7.0 appliances join the select group of industry-leading Secure Computing firewalls that comply with a U.S. Department of Defense application-level firewall protection profile, at an internationally recognized EAL4. To date, Secure Computing is still the only vendor who has achieved this level of certification.

U.S. Government protection profiles set an extremely credible standard that levels the playing field and helps enable IT professionals to make more informed procurement decisions. Many vendors have entered their firewalls into evaluation against an application-level protection profile and have never completed them. In contrast, Secure Computing's firewalls are the only products to achieve both the basic and medium robustness application layer U.S. DoD protection profile compliant certificates, at EAL4 level multiple times over the past 4 years.

Plans are currently underway to enter Sidewinder into evaluation against the new U.S. Government firewall protection profile for "medium robustness" environments, a certification yet to be obtained by any firewall. This is a logical next step and consistent with Secure Computing's long history of industry leading product security certifications.

The protection profiles developed by the U.S. National Security Agency (NSA) provide an independent set of benchmarks to validate how well competing security products, such as firewalls, address threats that exist in real-world environments. The U.S. National Information Assurance Acquisition Policy (NSTISSP No. 11) now mandates that U.S. government agencies only purchase information security products that have been evaluated against a common set of protection profiles.

"Governments and commercial enterprises around the world are looking for manageable, comprehensive security solutions to control and secure network access," said Mike Gallagher, senior vice president of product development and support for Secure Computing. "This validates that Secure Computing's solutions continue to meet and exceed the stringent requirements established by internationally recognized standards, approval processes and security industry tests to protect networks at all levels."

About Common Criteria

The Common Criteria for Information Technology Security Evaluation (CCITSE) is a set of evaluative criteria agreed to by the National Security Agency/National Institute of Standards and Technologies and equivalent bodies worldwide. It was designed to resolve technical and conceptual differences among existing standards for evaluating network security systems and products. An international standard for levels up to EAL4, the Common Criteria represents the outcome of efforts to develop criteria for evaluating IT security that are widely accepted within the international community and mutually recognized by 25 countries: US, UK, Australia, Austria, Canada, Czech Republic, Denmark, Finland, France, Germany, Greece, Hungary, India, Israel, Italy, Japan, Malaysia, The Netherlands, New Zealand, Norway, Republic of Korea, Singapore, Spain, Sweden and Turkey.

About Sidewinder

The most comprehensive network security gateway appliance in the world, Secure Computing's Sidewinder consolidates all major Internet security functions into a single system. Built on unique Total Stream Protection (TSP) technology, Sidewinder defends the network against all types of threats, both known and unknown. Through its unified threat management (UTM) approach, Sidewinder delivers best-of-breed anti-virus/spyware and anti-spam/fraud protection, Web content filtering, traffic anomaly detection, IDS/IPS, and many other critical protective features.

About Secure Computing

Secure Computing (NASDAQ: SCUR), a leading provider of enterprise gateway security, delivers a comprehensive set of solutions that help customers protect their critical Web, email and network assets. Over half the Fortune 50 and Fortune 500 are part of our more than 20,000 global customers in 106 countries, supported by a worldwide network of more than 2,000 partners. The company is headquartered in San Jose, Calif., and has offices worldwide. For more information, see

This press release contains forward-looking statements relating to the anticipated delivery of Secure Computing's Sidewinder certifications and the expected benefits of such certifications, and such statements involve a number of risks and uncertainties. Among the important factors that could cause actual results to differ materially from those indicated by such forward-looking statements are delays in product development, undetected software errors or bugs, competitive pressures, technical difficulties, changes in customer requirements, general economic conditions and the risk factors detailed from time to time in Secure Computing's periodic reports and registration statements filed with the Securities and Exchange Commission.

Contact Information

    Ally Zwahlen
    Secure Computing Corporation
    Email Contact

    Paula Dunne
    Contos Dunne Communications LLC
    408-893-8750 cell
    Email Contact