Government Quality Mark Directory of CESG Claims Tested Mark - PDF by courtneyanderson

VIEWS: 0 PAGES: 19

									                          Government Quality Mark




                       Directory of
         CESG Claims Tested Mark (CCTM) Awards
                for Products and Services




                                  May 2009




CCTM Directory May 2009                             Page 1 of 19
 “In line with Transformational Government Policy and to ensure trust and confidence, Government
information systems must use appropriate security products and services which have a minimum
assurance of the CCTM.”
Central Sponsor for Information Assurance

"If I am going to buy a product or service I need to know that I can trust in it. If I find something
that I know will work for us, and it has the CCTM which will also be recognised by our partners,
then it's a win-win. As new products go through the CCTM process we hope to end up with a raft
of products we know we can trust, choosing the right products also means that our citizen's data
should be safe."
David Sifleet, London Borough of Brent, GC Supplement July/August 2007



The CESG Claims Tested Mark (CCTM)- a mark for assurance, a mark for
confidence, a mark for quality, a mark to trust.

The CCTM scheme provides a government quality mark for the public and private sectors
based on accredited independent testing, designed to prove the validity of security
functionality claims made by vendors. The CCTM is designed to assure public bodies that
a product or service “does what it says on the box”. Additionally, the CCTM scheme
provides compliance testing against technical standards for degaussing (data erasure) set
by CESG as the National Technical Authority for IA. The CCTM is aimed primarily at
products and services to meet IA requirements at Government Impact Levels 1 and 2.

To see details of the claims tested and a test report summary for each product or service
in this catalogue visit the Awards page on the CCTM website.


                                      Claims Testing Process

To be awarded the CCTM, each product or service must go through the following process:

   •   Vendors translate marketing statements about their product or service into claims
       and produce an Information Assurance Claims Document (ICD)

   •   Vendor selects and agrees a contract with a Test Laboratory for claims testing.

   •   Vendor registers with CESG CCTM Secretariat to have their product or service
       tested against their ICD.

   •   The Scheme reviews the claims made by the vendor about their product or service,
       as well as looking at marketing and guidance documentation and accepts the
       application for claims testing.

   •   Vendor’s chosen CCTM Test Laboratory starts testing the functionality of the
       product or service against the claims that are made in the ICD and issues a test
       report.

   •   If successful the Scheme awards the CCTM for a period of two years for a product
       and one year for a service. Details are published on the Government website.


CCTM Directory May 2009                                                                 Page 2 of 19
CCTM Directory May 2009   Page 3 of 19
                               Quick Overview of CCTM Awards




                                                                                                                                        Network Link Protection
                                                                                                                Media and Information




                                                                                                                                                                  Verification Facilities
                                                                        Integrity Protection
                                                   Erasure & Disposal




                                                                                               Media & Device
                                                                                               Authentication



                                                                                                                     Protection
                         Company
           AEP Networks                                                                                                                    x
           Aladdin                                                        x
           Barron McCann                             x
           BeCrypt                                                                                 x                   x
           CGI Group                                                                               x
           Check Point                                                                                                 x                   x
           Credant                                                                                 x
           Data Eliminate                            x
           Data Encryption Systems                                                                                     x
           Digital Assurance Consulting                                                                                                                              x
           Future Technology Industry                x
           IBM                                                                                                         x
           Juniper Networks                                                                                                                x
           Lumension                                                                               x
           Message Labs                                                   x
           The National Archives                                          x
           Netintelligence                                                x
           Pointsec                                                                                                    x
           SDMS                                                                                    x
           Thales e-Security                                                                                                               x
           TruDate Integrity                                              x




Descriptors

The following defines the meaning of the categories used in this document.

Connection Protection: focused on protecting Systems, Data and Information in transit at the Application
Level.

Erasure and Disposal Protection: focused on protecting Data and Information when the Media on which it
is contained is to be reused or disposed off.

Information Preservation & Investigation: focused on preserving Data and Information for Recovery or
Investigative purposes. No Products and Services have yet been awarded in this category.

Integrity Protection: focused on protecting Systems, Data and Information from Unauthorised Modification
or Deletion, typically at the Application Level

Media & Device Authentication: focused on ensuring that Systems only accept approved media or devices
at the Infrastructure Level

Media & Information Protection: focused on ensuring that Data and Information is protected from
Unauthorised Access, typically at the Application Level

Network Link Protection: focused on protecting Data and Information in transit at the Communications or
Infrastructure Levels

Verification Facilities: focused on ensuring the correct operation of other IA facilities.




CCTM Directory May 2009                                                                                                                                                                     Page 4 of 19
                                    Latest CCTM Awards

                                      Integrity Protection
  Aladdin Knowledge Systems              eSafe Version 7.1

                                         Founded by pioneers in the anti-malware industry and
Certificate Number: 2009/04/0045         grounded in ongoing product innovation and patented
CCTM Awarded: 28th April 2009            technologies, eSafe provides strong content security solutions
                                         with the capacity, manageability, scalability and reliability to
        For more information:            effectively protect against Internet-borne threats, reducing risk
          www.aladdin.com                and increasing productivity.


                                    Network Link Protection
      Check Point Software               Check Point UTM-1 Edge Version 7.5
         Technologies                    Check Point UTM-1 EDGE W Series delivers a tightly
                                         integrated set of security and connectivity features to ensure
Certificate Number : 2009/02/0044        remote sites remain as secure as larger corporate sites.
CCTM Awarded: 25th February 2009         Security features include a stateful inspection firewall, NAT,
                                         IPSec VPN for both site-to-site and remote access.
        For more information:            Connectivity features include internal network support with a 4
        www.checkpoint.com               port switch supporting VLANs and either a DMZ or second
                                         WAN port. The integrated Wireless Access Point (802.11b/g)
                                         supporting multiple authentication protocols can include up to
                                         4 separate virtual access points. Additionally, the appliance
                                         includes an ADSL modem or support for USB Cellular
                                         modems for WAN connectivity. For large scale deployments,
                                         UTM-1 Edge seamlessly integrates with Check Point’s SMART
                                         management solutions to greatly simplify security
                                         management.




CCTM Directory May 2009                                                                     Page 5 of 19
                      Products/Services Awarded the CCTM


                                     Erasure and Disposal
  Barron McCann Technology             Managed Service for Secure Destruction of Data on
                                       Magnetic Media Version 1.0
Certificate Number: 2008/11/0038       Barron McCann’s Secure Data Destruction Service is an end-to-
CCTM Awarded: 28th November 2008       end managed service for dealing with end-of-life IT equipment in
                                       central and local government, law enforcement, military and
       For more information:           health environments holding data with protective markings of up
         www.bemac.com                 to and including (IL6) HMG Top Secret. The service offers a
                                       data destruction service that ensures data stored on magnetic
                                       media such as hard drives and tape is destroyed before the
                                       equipment is recycled. Our service allows your organisation to
                                       meet both your WEEE and Data Protection Act legal
                                       responsibilities.

                                       When carrying out the service we follow all relevant security
                                       standards in data destruction using CESG approved equipment
                                       backed by the CESG Claim Tested Mark with full compliance to
                                       HMG IS5 & CESG Manual S.

                                       The service is offered Off-site at our secure List-X data
                                       destruction facility for Media of up to & including (IL3) Restricted
                                       or we can carry out the service at your own location anywhere in
                                       the UK. All of our data destruction engineers hold at least SC
                                       clearances.

                                       Secure Destruction of Data on Hard Drives and Magnetic
     Data Eliminate Limited            Storage Media V 1.0

Certificate Number: 2008/09/0037       Our service helps ensure that your organisation is not at risk
CCTM Awarded: 11th September 2008      from a breach of data classified as HMG RESTRICTED or
                                       below. It helps protect your reputation and reduces the legal and
      For more information:            financial risks that could result from an incident of data loss or
 www.secure-data-destruction.co.uk     unauthorised disclosure. The service is provided on site at your
                                       premises. It lets you witness that your sensitive data is
                                       eliminated from hard drives and magnetic storage media before
                                       any IT equipment leaves your control. It is carried out under your
                                       supervision and at a time convenient to you.

                                       The process uses CESG approved degaussing equipment. It is
                                       fully auditable and certificates of destruction are issued. It
                                       facilitates compliance with UK and EU Data Protection and
                                       Environmental Recycling regulations (WEEE) and the USA’s
                                       Sarbanes Oxley Act.

                                       The service is not suitable for material with a protective marking
                                       of HMG CONFIDENTIAL or above.




CCTM Directory May 2009                                                                      Page 6 of 19
                      Products/Services Awarded the CCTM

                                   Erasure and Disposal
    Future Technology Industry          Hard Disk Magnetic Crusher Model: HC-3000

                                        The consequences of your data being made public are
Certificate Number: 2007/06/0021        embarrassment, financial loss and reputational loss. To
CCTM Awarded: 13th June 2007            mitigate data theft from discarded computer hard drives and
                                        other magnetic recording media, you should destroy the data
         For more information:          at source. The HC-3000 is an office-based magnetic media
   www.futuretechnologyindustry.com     degausser the size of a desktop computer and can be used
                                        to clear all data from the media before disposal. When you
                                        need a robust security policy, you need a robust end-of-life
                                        data destruction process.


    Future Technology Industry          Hard Disk Magnetic Crusher Model: COMBO
                                        The consequences of your data being made public are
Certificate Number: 2007/06/0022        embarrassment, financial loss and reputational loss. To
CCTM Awarded: 13th June 2007            mitigate data theft from discarded computer hard drives and
                                        other magnetic recording media, you should destroy the data
                                        at source. The Combo’s dual function will magnetically
         For more information:          degauss and physically destroy the magnetic media to clear
   www.futuretechnologyindustry.com     all data before disposal. When you need a robust security
                                        policy, you need a robust end-of-life data destruction
                                        process.


    Future Technology Industry          Hard Disk Magnetic Crusher Model: HC-7800

                                        The consequences of your data being made public are
Certificate Number: 2007/08/0025        embarrassment, financial loss and reputational loss. To
CCTM Awarded: 6th August 2007           mitigate data theft from discarded computer hard drives and
                                        other magnetic recording media, you should destroy the data
         For more information:          at source. The HC7800 is a high-power magnetic media
   www.futuretechnologyindustry.com     degausser which and can be used to clear all data from the
                                        media before disposal. When you need a robust security
                                        policy, you need a robust end-of-life data destruction
                                        process. Additionally, HC7800 has large storage which can
                                        be accommodated up to 15'' Laptop PC and erase the data
                                        without taking the hard drive from the Laptop PC.




CCTM Directory May 2009                                                               Page 7 of 19
                      Products/Services Awarded the CCTM

                                   Integrity Protection
   Aladdin Knowledge Systems           eSafe Version 7.1

                                       Founded by pioneers in the anti-malware industry and
Certificate Number: 2009/04/0045       grounded in ongoing product innovation and patented
CCTM Awarded: 28th April 2009          technologies, eSafe provides strong content security
                                       solutions with the capacity, manageability, scalability and
         For more information:         reliability to effectively protect against Internet-borne threats,
           www.aladdin.com             reducing risk and increasing productivity.


            MessageLabs                MessageLabs Anti-Virus Service Version: 5.1

                                       MessageLabs Anti–Virus email service provides protection
Certificate Number: 2007/10/0032       against email threats, such as viruses and Trojans, saving
CCTM Awarded: 5th November 2007        businesses valuable time and resource otherwise spent
                                       dealing with unwanted outbreaks and the associated clean
         For more information:         up.
        www.messagelabs.com
                                       The service uses multiple commercial virus scanners to
                                       identify existing threats and SkepticTM, MessageLabs
                                       predictive proprietary technology. Skeptic is supported by an
                                       internationally recognised anti–virus team who researches
                                       and identifies new threats and pre–emptively updates the
                                       service to offer up–to–date 24x7x365 protection.

                                       With 99.999% availability and backed by a service level
                                       agreement which offers compensation in the very unlikely
                                       event that a virus reaches your network, the service is run in
                                       secure data centres on multiple sites to ensure continuous
                                       availability in the event of a disaster. Even with
                                       MessageLabs global infrastructure client email can still be
                                       guaranteed to be scanned within certain countries or regions
                                       to ensure compliance with data protection legislation and
                                       specific client requirements.


           NetIntelligence             Ni Enterprise Manager Version: 5.0

                                       IT user management & control gets the hosted service
Certificate Number: 2007/11/0031       treatment, with Ni Enterprise Manager offering a simple way
CCTM Awarded: 30th October 2007        of enforcing endpoint policy regardless of the physical
                                       location of the users.
         For more information:
        www.netintelligence.com        An ‘all in one software as a service’ solution that combines
                                       core physical security functionality of anti virus/spyware,
                                       firewall, web filtering, IM & P2P control, asset management,
                                       with comprehensive end point usage reporting, Ni Enterprise
                                       Manager offers a truly unique ‘plug and play’ web based
                                       management, protection and control service. Ni Enterprise
                                       Manager enables the central application and enforcement of
                                       policies across de-perimeterised networks and physical
                                       boundaries.




CCTM Directory May 2009                                                                   Page 8 of 19
                      Products/Services Awarded the CCTM

                                   Integrity Protection
          TruData Integrity            TruSeal Version: 2.0

                                       The Tru Data Integrity TruSeal product provides a solution to
Certificate Number: 2007/11/0033       the question of what happens to information once it leaves
CCTM Awarded: 8th November 2007        the originator; the product provides a means of ensuring that
                                       copies of original data continue to hold evidential weight
        For more information:          even once they have moved into the hands of third parties.
       www.tru-dataintegrity.com       The product delivers proof (in line with BIP0008) of integrity
                                       and origin, for legal and Information Integrity purposes, by
                                       sealing data and ensuring that the seal remains with all
                                       copies of data, regardless of ownership or location.


                                       Digital Record Object Identification (DROID) Version: 3.0
       The National Archives
                                       Departments and other public bodies are unclear about the
Certificate Number: 2008/02/0035       depth and breadth variations in file formats in use for
CCTM Awarded: 27th February 2008       electronic records.

       For more information:           To support an ongoing identification and monitoring of this
     www.nationalarchives.gov.uk       information, the National Archives has produced:
                                       • The PRONOM technical registry which provides a way of
                                          identifying file formats
                                       • The DROID (Digital Record Object Identification) tool to
                                          perform trusted, automated batch identification of file
                                          formats, using both file extension and byte sequence
                                          signatures from PRONOM to identify and report file
                                          format versions of digital files

                                       These tools were joint winners of the 2007 Digital
                                       Preservation Award sponsored by the Digital Preservation
                                       Coalition, and DROID has been awarded the government’s
                                       CSIA Claims Tested (CCT) Mark, Certificate Number
                                       2008/02/0035 which independently validates the trusted
                                       nature of the product.




CCTM Directory May 2009                                                                Page 9 of 19
                      Products/Services Awarded the CCTM
                               Media and Device Authentication
                                      Trusted Client Platform Version: 1.2
             BeCrypt
                                      BeCryptTM Trusted Client Platform is a secure portable
Certificate Number: 2007/09/0027      computing environment that can be used on unmanaged and
CCTM Awarded: 27th September 2007     unsecured computers. The platform is an enterprise security
                                      solution designed to ensure reduced operational risk by
                                      protecting information on bootable USB flash devices on which
       For more information:          critical information could be compromised if lost or stolen. It is a
         www.becrypt.com              solution that is easy to design, deploy and support in line with
                                      organisational security requirements. Implementation and
                                      ongoing management can be achieved with a low Total Cost of
                                      Ownership.

   Credant Technologies Inc.          Credant Mobile Guardian Enterprise Edition Version 5.2.1

                                      CREDANT Mobile Guardian (CMG) Enterprise Edition is a
Certificate Number: 2008/02/0034      scalable mobile security and management software platform that
CCTM Awarded: 18th February 2008      enables organizations to easily secure and manage disparate
                                      mobile & wireless devices from a single management console.
       For more information:          CREDANT Mobile Guardian provides strong authentication,
         www.credant.com              Intelligent Encryption, usage controls, and automated key
                                      management that guarantees data recovery. With CREDANT
                                      deployed, organizations can easily increase the speed of
                                      business execution by enabling business processes to reduce
                                      the risk of going mobile safely “go mobile”.


      CGI Group (Europe)              Excelsior Security Manager Version: 1

                                      Excelsior Security Manager provides a comprehensive identity
Certificate Number: 2007/09/0030      management platform for Local Authorities for providing
CCTM Awarded: 27th September 2007     registration and authentication features. It provides the flexibility
                                      for Local Authorities to make their own decisions on
       For more information:          authentication solutions, while at the same time delivering out of
         www.cgigov.com               the box compatibility with other government initiatives.

           Lumension                  Lumension Device Control Version 4.3.2

                                      Lumension Device Control (formerly named as Lumension
Certificate Number: 2009/02/0041      Security - Sanctuary Device Control) enforces organisation-wide
CCTM Awarded: 25th February 2009      usage policies for removable devices (e.g., USB sticks),
                                      removable media (e.g., CDs/DVDs), and data (e.g., read/write,
                                      encryption). Using a whitelist / “default deny” approach,
                                      administrators can centrally:
       For more information:          • control access of “plug and play” devices by class, model
       www.lumension.com              and/or specific ID;
                                      • uniquely identify and authorise specific media;
                                      • implement file copy limitations (amount-per-day, time-of-day),
                                      file type filtering, and forced encryption;
                                      • apply permissions to specific and/or groups of ports, devices,
                                      endpoints, and users (both on-line/off-line), including temporary
                                      access;
                                      • create role-based Admin accounts (e.g., regional sites);
                                      • log either file name or complete file contents; and
                                      • Create standard & customised reports on system activity to be
                                      saved into a repository, shared via email, and/or imported into
                                      other applications.
                                      • Lumension Device Control enables organisations to use
                                      productivity-enhancing tools whilst limiting the potential of data
                                      leakage (and impacts thereof).
CCTM Directory May 2009                                                                     Page 10 of 19
                       Products/Services Awarded the CCTM

                              Media and Device Authentication
                 SDMS                    Secure Data Media Solutions Service Version: 1.0

                                         The SDMS service provides for the supply of premium
Certificate Number: 2008/12/0040         brand, security marked, printed, accountable and auditable
CCTM Awarded: 19th December 2008         computer, audio and video storage media.

          For more information:          The marking, printing and identification of media can be
       information@sdms.uk.com           customised to meet specific customer security requirements.

                                         Packing and distribution is performed within a government
                                         accredited secure location.

                                         Records of despatched products are retained for at least 7
                                         years, to assist in any related incident investigation by the
                                         customer.




                              Media and Information Protection
               BeCrypt                 Disk Protect Version: 4.1

                                       BeCrypt™ DISK Protect is a feature rich enterprise security
Certificate Number : 2006/10/0014      solution designed to ensure reduced operational risk by
CCTM Awarded: 23rd October 2006        protecting information on mobile devices and smart media on
                                       which critical information could be compromised if lost or
         For more information:         stolen. It is a flexible and scalable solution that is easy to
           www.becrypt.com             design, deploy and support in line with organisational security
                                       requirements on a range of Windows™ platforms.
                                       Implementation and ongoing management can be achieved
                                       with a low Total Cost of Ownership.


               BeCrypt                 PDA Protect Version: 4.1

                                       BeCryptTM PDA Protect is a feature rich enterprise security
Certificate Number : 2006/11/0017      solution     designed     to ensure     reduced    operational
CCTM Awarded: 30th November 2006       risk by protecting information on mobile computing devices on
                                       which critical information could be compromised if lost or
         For more information:         stolen. It is a flexible and scalable solution that is easy to
           www.becrypt.com             design, deploy and support in line with organisational security
                                       requirements on a range of Windows CE platforms.
                                       Implementation and ongoing management can be achieved
                                       with a low Total Cost of Ownership.




CCTM Directory May 2009                                                                 Page 11 of 19
                       Products/Services Awarded the CCTM
                               Media and Information Protection
     Check Point Software            Check Point Endpoint Media Encryption Version 4.93
        Technologies                 Based on market-leading Pointsec® technologies, Check Point
                                     Endpoint Security Media Encryption™ addresses the internal
Certificate Number : 2009/02/0043    threat from unauthorized copying of enterprise data to personal
CCTM Awarded: 25th February 2009     storage devices and removable media through a powerful
                                     combination of port management, content filtering, centralized
       For more information:         auditing and management of storage devices, and optional media
       www.checkpoint.com            encryption. Check Point Media Encryption plugs these potential
                                     leak points and provides a comprehensive audit-reporting
                                     capability of how data files move to and from these devices, giving
                                     enterprises complete control of their security policies. Check Point
                                     Media Encryption is centrally managed so the solution can be
                                     deployed easily across all endpoints, and policy settings can be
                                     updated as business needs change. This fine level of granularity
                                     over policy settings keeps enterprises in control, allowing them to
                                     optimize security while minimizing the effect on user work patterns
                                     and IT operational costs.

   Data Encryption Systems           DESlock+ Ver 3.2.7

Certificate Number: 2008/05/0036     DESlock+ is a flexible, transparent encryption tool aimed at
CCTM Awarded: 13th May 2008          providing information assurance at Government Impact Levels 1
                                     and 2, for purchase by central government and the wider public
                                     sector, particularly the NHS, education, local authorities, police
       For more information:         and criminal justice. DESlock+ provides encryption, decryption and
        www.deslock.com              deletion of data on Hard disk drives and removable media at file
                                     and folder levels, and also the facility to easily Email encrypted
                                     data. Each software token holds up to 64 different keys, which can
                                     be shared with other users, providing a multilevel solution to Data
                                     Security needs

     IBM United Kingdom              Virtual Infrastructure Access Services Version: 5.5b

                                     The IBM Virtual Infrastructure Access Services product allows
Certificate Number : 2007/06/0024    authorised users to connect through any Java enabled Web
CCTM Awarded: 28th June 2007         browser securely over the internet to an enabled application within
                                     their enterprise. The solution combines portal, Thin client,
      For more information:          messaging, and security technologies delivered through a single,
  www-935.ibm.com/services/uk/       consistent delivery framework founded upon a standard and
  index.wss/offering/its/a1024853    scalable set of Internet architecture principles.
                                     IBM Virtual Infrastructure Access Services is an effective way of
                                     delivering distributed infrastructure solutions featuring:
                                          • Single Sign On;
                                          • Single Logical Access point; one entry point allows greater
                                              control;
                                              Simplified Portal presentation
                                     Note: The scope of the claims testing is the IBM Virtual
                                     Infrastructure Access Services product infrastructure only. Testing
                                     of client specific applications on the IBM Virtual Infrastructure
                                     Access Services infrastructure has not been undertaken.

            Pointsec                 Pointsec for Pocket PC

                                     PointsecTM for Pocket PC combines enforceable mandatory
Certificate Number : 2006/10/0015    access control and strong encryption to create an advanced
CCTM Awarded: 30th October 2006      enterprise security solution. This has been proven under the CSIA
                                     Claims Tested Scheme, on Windows 2003 Mobile for Pocket PC.
       For more information:         User credentials and confidential data remain private, enabling
        www.pointsec.com             organisations and agencies to take advantage of today’s mobile
                                     PC technology without compromising security.
CCTM Directory May 2009                                                                   Page 12 of 19
                       Products/Services Awarded the CCTM


                                    Network Link Protection
           AEP Networks                  AEP Netilla Security Platform

                                         The AEP Netilla Security Platform (NSP) is SSL VPN
Certificate Number : 2006/11/0016        appliances that enables organisations to simply, securely, and
CCTM Awarded: 30th November 2006         cost effectively provide users with browser-based access to
                                         corporate applications and files from through the security and
        For more information:            convenience of a web browser. With any browser enabled
        www.aepnetworks.com              computer, telecommuters, branch office employees, business
                                         partners and a mobile sales force can quickly and securely
                                         reach virtually any resource used in your business.


       Check Point Software              Check Point UTM-1 Edge Version 7.5
          Technologies                   Check Point UTM-1 EDGE W Series delivers a tightly
                                         integrated set of security and connectivity features to ensure
Certificate Number : 2009/02/0044        remote sites remain as secure as larger corporate sites.
CCTM Awarded: 25th February 2009         Security features include a stateful inspection firewall, NAT,
                                         IPSec VPN for both site-to-site and remote access.
         For more information:           Connectivity features include internal network support with a 4
         www.checkpoint.com              port switch supporting VLANs and either a DMZ or second
                                         WAN port. The integrated Wireless Access Point (802.11b/g)
                                         supporting multiple authentication protocols can include up to
                                         4 separate virtual access points. Additionally, the appliance
                                         includes an ADSL modem or support for USB Cellular
                                         modems for WAN connectivity. For large scale deployments,
                                         UTM-1 Edge seamlessly integrates with Check Point’s SMART
                                         management solutions to greatly simplify security
                                         management.


         Juniper Networks                Juniper Networks Secure Access Family Version: 5.4R2.1

                                         The Juniper Secure Access 4000/6000-FIPS appliances can
Certificate Number : 2007/04/0020        be deployed to provide secure, anywhere, anytime remote
CCTM Awarded: 24th April 2007            access services to public sector employees from a wide variety
                                         of end devices and locations. By leveraging the advanced
         For more information:           client endpoint assessment features, administrators can
           www.juniper.net               provide many levels of differentiated access, consistent with a
                                         centralised security policy. Ease of integration into existing
                                         AAA environments makes the SA an extremely compelling
                                         solution to support Web, Application and Network connectivity
                                         for a remote workforce. Following CSIA guidelines and subject
                                         to a risk assessment and accreditor approval, the SA4000FIPS
                                         and SA6000FIPS, combining FIPS 140-2 Level 3 and the
                                         CCTM can be used in the Public Sector for networks carrying
                                         information up to Restricted data.




CCTM Directory May 2009                                                                   Page 13 of 19
                                    Network Link Protection
         Thales e-Security               Thales SafeMove Version 4.0

                                         Thales SafeMove is a simple-to-use Mobile VPN (Virtual
Certificate Number : 2009/02/0042        Private Network) solution that enables private and public
CCTM Awarded: 25th February 2009         sector organisations to increase the mobility of their workforce,
                                         helping them improve efficiency, reduce costs and minimise
       For more information:             their carbon footprint.
      www.thales-esecurity.com
                                         Using SafeMove, workers can securely access information and
                                         applications on their office network at any time and place.
                                         Robust VPN technology protects the security of all
                                         communications, whilst resilient Mobile IP technology
                                         maximises availability by providing seamless mobility across a
                                         broad range of wired, wireless and mobile networks. Unlike
                                         traditional VPN solutions, the SafeMove client transparently
                                         switches between networks to maintain the best possible
                                         connection without breaking application sessions or requiring
                                         re-authentication.

                                         The SafeMove central site gateway solution is highly scalable
                                         and supports multiple servers to ensure optimal performance
                                         and resilience in mission-critical environments, whilst a
                                         powerful management platform provides complete control over
                                         client configuration and simplifies end-user support.




                                     Verification Facilities
  Digital Assurance Consulting           Health Check Version 1.0

                                         The Digital Assurance Health Check service offers customers
                                         a range of ethical information security testing services
Certificate Number: 2008/12/0039         including penetration testing, IT Health Checks and
CCTM Awarded: 04th December 2008         vulnerability assessments. These services are undertaken in a
                                         professional manner by certified testers.
        For more information:
      www.digitalassurance.com




CCTM Directory May 2009                                                                     Page 14 of 19
                  Lapsed CCTM Awards for Products/Services

                                   Connection Protection
                  HP                    HP ProtectTools Email Release Manager Version: 5.0

                                        HP ProtectTools Email Release Manager enforces an email
Certificate Number: 2006/05/0011        security policy by providing facilities to electronically sign,
CCTM Lapsed: 16th May 2008              encrypt, and audit emails to ensure your organisation is in
                                        control of email activity with minimum impact on users.


                                   Erasure and Disposal
R & R Data Managed Services Ltd         Secure Destruction of Data on Magnetic Media
                                        Version: 1
Certificate Number: 2007/02/0018        Our unique mobile Data Destruction Service makes it easy
CCTM Lapsed: 27th February 2008         for clients to comply with their statutory duty to securely
                                        remove data classified at RESTRICTED and below from
                                        obsolete and surplus IT equipment and media. The data
                                        destruction process can be part of the quality and security
                                        policy of any organisation, allowing proof of compliance with
                                        security needs and the law. In addition, the media can be
                                        safely destroyed in an environmentally approved way to
                                        comply with statutory disposal requirements.

             Ultratec Ltd               Secure Destruction of Data on Magnetic Media
                                        Version: 1
Certificate Number: 2007/09/0026        This service provides cost effective Secure Data Destruction
CCTM Lapsed: 13th September 2008        on your site for a variety of magnetic data storage media.
                                        This service uses a CESG approved degausser to remove
                                        all data on media marked RESTRICTED or below. This
                                        service is operated by our own Defence Vetting Agency
                                        Security Check (‘SC’) engineers. Van, Engineer, and
                                        equipment will arrive on the customer site. If the option for
                                        environmentally compliant (WEEE directive) disposal of the
                                        processed media has been taken, then the engineer will
                                        remove the media for smelting and refining. A certificate
                                        detailing all media processed is issued on completion.

                                    Integrity Protection
               Aladdin                  eSafe Version: 5.2

                                        Founded by pioneers in the anti-malware industry and
Certificate Number: 2007/03/0019        grounded in ongoing product innovation and patented
CCTM Lapsed: 6th March 2009             technologies, eSafe provides strong content security
                                        solutions with the capacity, manageability, scalability and
                                        reliability to effectively protect against Internet-borne threats
                                        – reducing risk and increasing productivity.


              AppSense                  Application Manager Version: 6.0

                                        AppSense Application Manager blocks the execution of all
Certificate Number: 2005/10/0004        unauthorized software, including executable viruses, trojans,
CCTM Lapsed: 21st October 2007          spyware, P2P and hacking tools.




CCTM Directory May 2009                                                                   Page 15 of 19
                                    Integrity Protection
            Secure Wave                Sanctuary Standard Edition Version: 2.8.0

                                       Sanctuary Application Control provides total control over the
Certificate Number: 2005/09/0002       execution of all applications on Microsoft based networks.
CCTM Lapsed: 8th September 2007        Sanctuary Application Control Desktop works on the basis that
                                       the use of all executables is denied unless authorised.




                              Media and Device Authentication
               BeCrypt                 Connect Protect Version: 2.0

                                       Connect Protect 2.0 introduces further functionality over its
Certificate Number: 2006/04/0009       predecessor version 1.6.2. Version 2.0 now allows finer
CCTM Lapsed: 25th April 2008           grained control over external memory devices and provides
                                       support for audited file copies to and from otherwise restricted
                                       removable media.


               BeCrypt                 Connect Protect Version: 1.6.2.5

                                       Connect Protect is an enterprise Plug and Play device access
Certificate Number: 2005/09/0001       control solution designed to secure desktop or laptop
CCTM Lapsed: 8th September 2007        computers from data leakage via devices such as USB
                                       memory sticks, removable disk drives and printer.


       Centennial Software             DeviceWall Version: 4.01

                                       DeviceWall facilitates the granular management of endpoint
Certificate Number : 2006/08/0012      communications ports, removable media and other peripheral
CCTM Lapsed: 4th September 2008        devices in accordance with security privileges assigned to
                                       groups and users in the Control Center. DeviceWall manages
                                       all common device types, including USB drives, CDs, PDAs
                                       and other external data storage devices. Where appropriate,
                                       DeviceWall can further secure files legitimately copied to USB
                                       flash drives by automatically encrypting the data.


         Reflex Magnetics              Reflex Disknet Pro Version: 4.50.1

                                       Reflex Disknet Pro manages the use of all I/O devices allowing
Certificate Number: 2005/11/0005       granular access to devices; denying all access, providing read-
CCTM Lapsed: 7th November 2007         only access or allowing full authorised access and full content
                                       management.


            Secure Wave                Sanctuary Device Control Version: 2.8.7

                                       Sanctuary Device Control extends the standard Windows
Certificate Number: 2005/09/0003       security model to control I/O devices. Based on the White List
CCTM Lapsed: 8th September 2007        concept, device access for users is not allowed by default.




CCTM Directory May 2009                                                                  Page 16 of 19
                              Media and Information Protection
              Pointsec                   PC Enterprise Workplace Edition Version: 5.2.2

                                         Pointsec for PC combines enforceable mandatory access
Certificate Number: 2006/04/0008         control and strong encryption to create an advanced enterprise
CCTM Lapsed: 25th April 2008             security solution. User credentials and confidential data remain
                                         private, enabling organisations and agencies to take
                                         advantage of today’s mobile PC technology without
                                         compromising security.


              Safeboot                   Safeboot Device Encryption for PC/Laptop Version: 5.0

                                         SafeBoot® Device Encryption™ for PC/Laptop uses strong
Certificate Number : 2006/09/0013        access control and pre-boot authentication for both users and
CCTM Lapsed: 4th September 2008          machines to prevent unauthorized access to PCs and laptops.
                                         Encryption and decryption on hard disk drives are performed
                                         on the fly, in a process which is transparent to the user, with
                                         virtually no performance degradation. SafeBoot® Device
                                         Encryption™ for PC/Laptop also offers secure hibernation,
                                         password rules (for content, length, etc.), and extensive central
                                         management capabilities integrated into existing enterprise
                                         tools and Active Directory.


      Ultra Electronics Datel            Syntaxis Shared Collaborative Working Environment
                                         Service Version: 2.7
Certificate Number : 2007/06/0023        Ultra Electronics Datel recognises that team working is crucial
CCTM Lapsed: 28th June 2008              to many modern enterprises. Teams are often geographically
                                         dispersed and reliant on modern technology for
                                         communication. With time being one of today's most precious
                                         resources; there's a requirement for teams to share
                                         information and knowledge safely and securely in real time.

                                         By use of the Syntaxis product, Ultra Eletronics Datel provides
                                         a Secure Collaborative Working Environment to a wide cross–
                                         section of Industry and Government customers, delivering real
                                         time collaborative working.

                                         Syntaxis not only enables joint Government and/or Industry to
                                         communicate freely on engagements, but allows teams to
                                         share material and contribute to work–in–progress, providing
                                         project stakeholders with the right information at the right time
                                         in the right place.

                                         Accessible from the Internet, the RLI and the GSI, Syntaxis
                                         provides the flexibility needed for all stakeholders, regardless
                                         of location, to contribute.


                                    Network Link Protection
                                         Whale Intelligent Application Gateway
     Whale Communications                (Previously called e-Gap Remote Access Appliance Vers: 3.1)

Certificate Number: 2006/02/0006         Whale's Intelligent Application Gateway is an enterprise-class
CCTM Lapsed: 27th February 2008          SSL VPN that enables organisations to simply, securely, and
                                         cost effectively provide users with browser-based access to
                                         corporate applications and files from anywhere.




CCTM Directory May 2009                                                                     Page 17 of 19
                              Accredited Test Laboratories


The CCTM Scheme has appointed seven test laboratories to validate the security
functionality claims of products and services submitted to the Scheme.

Vendors can approach these test laboratories to:

     • Provide advice and assistance in preparing their claims document.

     • Undertake the claims testing of their product or service

For more information please consult the Test Laboratories page of the CCTM website:

                                   www.cctmark.gov.uk



         TEST LABORATORY                    CATEGORIES OF CLAIMS TESTING


                                                       Generalist


                                                       Generalist


                                                       Generalist


                                                       Generalist


                                                      Generalist,
                                     Specialist - Hardware and Smartcard testing,
                                    Data Erasure (CESG Degaussing Lower Level)


                                                       Generalist


                                     Generalist and Specialist testing – Anti Virus




CCTM Directory May 2009                                                          Page 18 of 19
For more information about the CCTM Scheme go to
www.cctmark.gov.uk

You can e-mail us at: secretariat@cctmark.gov.uk

Please write to:
CCTM Secretariat
35 Endell Street
London
WC2H 9BA

General Enquiries: 020 7240 7220




CCTM Directory May 2009                            Page 19 of 19

								
To top