Symantec Messaging Gateway
|Product type: Other Devices and Systems|
Product Status: In Evaluation
Assurance Level: EAL2
Components: Hardware Appliances- 8340, 8360, 8380; Messaging Gateway Virtual Edition running on Microsoft Hyper-V and/or VMWare ESXi/vSphere 5.0/5.1/5.5/6.0 server.
Cert Progress: Progressing
Estimated Approval: Q3 2016
Evaluation Facility: BAE Systems Applied Intelligence
Symantec Corporation350 Ellis Street Mountain View CA 94043 United States
Product Website: http://www.symantec.com
Symantec Messaging Gateway offers enterprises a gateway-based message-security solution. Symantec Messaging Gateway delivers inbound and outbound messaging security, real-time antispam and antivirus protection, advanced content filtering, and data loss prevention in a single platform. Symantec Messaging Gateway does the following to protect the customer environment:
The TOE generates spam reports and virus reports to provide the Administrator with insight on the filtering activity. Additionally, the TOE supports the provision of log data from each system component and supports the ability to notify an Administrator when a specific event is triggered.
User data protection
The spam detection, virus detection, monitoring, and managing capabilities of the TOE ensure that the information received by the customer network is free of potential risks.
Identification and authentication
The TOE supports identity-based identification and authentication of an Operator. Operators authenticate via a Web-based HTTPS GUI connected to the Control Center, and operators can assume a role of Administrator or Limited Administrator.
The TOE provides administrators with the capabilities to configure, monitor, and manage the TOE to fulfill the Security Objectives. Security Management principles relate to Security Audit, SMTP Information Flow Control, and Component Services. Administrators configure the TOE via web-based connection.
The TOE requires remote users to initiate a trusted communication path using HTTPS for initial user authentication. The TOE also requires that the trusted path be used for the transmission of all Symantec Messaging Gateway administrative communication. HTTPS ensures the administrative session communication pathway is secured from disclosure and modification.