Common Criteria Certification for Nexor Sentinel

Nexor has announced the Common Criteria Certification, to EAL4 of Nexor Sentinel – a high assurance, e-mail guard.

In the announcement I am quoted as saying:

Our commitment to SE Linux has given as a flexible platform to build high assurance solutions; when combined with our mature engineering methodology, it means our customer can have confidence our products are robust against the identified threats. What is more, the Common Criteria evaluation of Nexor Sentinel 3 means this approach has been thoroughly inspected and audited by an independent third-party.

There is not much I can add to that here!

SELinux provides us with enhancements over and above the core RedHat Linux enabling us to ensure there is a trusted execution path through the product – only processes we want to run can run – and can only be triggered by the appropriate business logic / workflow, greatly reducing the potential for Malware to infect the machine.

In a blog to follow, I will explore the evolution of Common Criteria and CESG’s Commercial Product Assurance (CPA), scheme.

See Also