What is a Common Criteria Certification?
Common Criteria is an internationally recognized standard and an ISO standard (ISO-IEC15408) for evaluating the security claims of IT products and systems. There are two implementations of the (Common Criteria) standard, community Protection Profile (cPP) and Evaluation Assurance Level (EAL). Each requires a rigorous evaluation to a set of security claims. cPP is a black box prescriptive model with standardized sets of requirements with a focus on conformance to standards, and EAL is a white box model that allows greater scope in defining the set of claims. EAL4 also provides assurance through evaluation of the products design, implementation, company development methodology, internal systems, processes, security systems and architecture and support. The two approaches are complementary, so having cPP and EAL4 provides a higher level of assurance.
Current Common Criteria Certifications:
Quantum Force, Smart-1, Maestro and Harmony Endpoint
| Check Point R81.20 with compliance to 3 NIAP approved protection profiles | View Certificate |
|---|---|
| Check Point R82 at EAL4+ | View Certificate |
| Harmony Endpoint | View Certificate |
Certification Details
The USA NIAP-CCEVS cPP Certificate:
Check Point Quantum Force R81.20 is certified by NIAP-CCEVS as PP compliant to 3 community Protection Profiles (cPP).
The Protections Profiles claimed are listed on the above linked certification certificate
The German Federal Office for Information Security (BSI) EAL4+ TOE certificate summary:
- The Target of Evaluation (TOE) is Check Point R82 for Security Gateway, Security Management, and Maestro Orchestrator Hyperscale Network configurations:
- Complies with internationally recognized Common Criteria for IT Security Evaluation (ISO/IEC 15408) at EAL4+, with augmentation components ALC_FLR.1 and AVA_VAN.4
- Evaluation was independently conducted by TUV Informationstechnik GmbH, a BSI-accredited testing facility
Harmony Endpoint achieved a Common Criteria certification in compliance with 2 NIAP approved Protection Profiles:
Protection Profile for Application Software, Version 1.4
Functional Package for TLS Version 1.1
Testing is as defined in the Security Target according to the claims made. The TOE was configured with the following capabilities enabled.
- Anti Malware
- Anti Bot and URL Filtering
- Anti Ransomware, Behavioral Guard and Forensics
- Threat Emulation and Anti Exploit
- Compliance
The TOE incorporates integrated management available in the cloud.
Check Point Certification Historical Record
Check Point R81 with compliance to 3 NIAP approved protection profiles
Certificate
Check Point R81.10 at EAL4+
Certificate
Check Point R80.30 with claimed compliance to three NIAP approved Protection Profiles
Certificate
Check Point R80.30 at EAL4+
Certificate
Check Point R77.30
Certificate
Check Point R77 with VSX
EAL4+ Certificate
Check Point Endpoint Security E80.30
EAL2+ Certificate
Check Point Firewall Technology (VPN-1 NGX)
augmented with AVA_VLA.3 (Medium Robustness) and ALC_FLR.3 (Flaw Remediation) by NIAP-CCEVS
EAL4+ Certificate
EAL4+ Certificate (with Check Point IP appliances)
Endpoint Security Full Disk Encryption, Pointsec PC 6.3.1 is certified at EAL4
Check Point Endpoint Security Media Encryption is certified at EAL4
Integrity 6.5 Agent is certified at EAL4 with ALC_FLR.2, AVA_VLA.3
NFR Sentivist™ (now Check Point IPS-1™) is certified at EAL2, conformant to the US government IDS/IPS Protection Profile
