Mailguard Bastion including Trusted Solaris 2.5.1 running on Sun Ultra SPARC-1/170 Workstation

Product type: Network and Network Related Devices and Systems
Product Status: Archived
Assurance Level: E3

Version: 1.0

Product Details

Product Description

Certification Country: UNITED KINGDOM (2000)
Certificate Details: CRP144, June 2000
Certification Method: ITSEC
Crypt Evaluation: Not Required
Evaluation Facility: Admiral
Manufacturer/Vendor/Distributor: Clearswift Ltd

Clearswift Ltd



Jim Craigie

Phone: +44 118 903 8903
Fax: +44 118 903 9000
Email: [email protected]

eB2Bcom Pty Ltd (Australian Reseller)
Leon Perry
Phone: +61 2 9779 1597
Mobile: +61 2 9779 1501


Security Target
Certification Report

The MailGuard Bastion is a messaging firewall that allows the exchange of messages between networks of differing security levels or differing security policies. MailGuard Bastion operates as a stand-alone system providing a bi-directional messaging firewall for both X.400 and SMTP/MIME e-mail traffic.

MailGuard Bastion is based upon the Trusted Solaris operating system (itself assured to ITSEC E3/F-B1 and E3/F-C2) and is provided as a turnkey system utilising Sun SPARC hardware.

Messages that need to pass between the networks connected by MailGuard Bastion may only flow through the trusted processes of the application and labelled operating system. No other forms of communication are permitted between the networks, thus providing assurance of network separation.

MailGuard Bastion maintains separate channels for message flow between networks allowing different policies to be applied in each direction, to the extent that all message traffic can be blocked in one direction. An audit trail of all message traffic is maintained.

MailGuard Bastion offers a protected environment (or DMZ) into which modules can be introduced to perform specific inspection and filtering, filtering based on sensitivity labels or digital signature verification. When correctly configured, the architecture of MailGuard Bastion is such that these modules need not be subject to ITSEC evaluation.