Sanctuary Device Control
|Product type: Network and Network Related Devices and Systems|
Product Status: Completed
Assurance Level: EAL2
Certification Country: UNITED STATES (2007)
Lumension SecurityLevel 20, Tower II, Darling Pack 201 Sussex Street
Sydney NSW 2000 Australia
The Target of Evaluation (TOE), Sanctuary Device Control version 3.2, is a three-tiered client/server application that provides the capability to centrally control the I/O devices users are able to access on their client computers. The TOE controls authorization of I/O devices by maintaining a database of access permissions and associating the permissions with users or user groups. When a user logs on to a client that is protected by the TOE, the TOE client driver contacts the server and downloads the list of permissions for the user. Whenever the user attempts to access an I/O device on the client, the TOE client driver intercepts the operating system. If the TOE determines the user is authorized to access the I/O device, the TOE grants access; otherwise, access to the I/O device is blocked.
The three tiers of a Sanctuary Device Control (SDC) deployment comprise:
An administrative toolkit, comprising a GUI-based application (the Sanctuary Device Console) and various command-line tools, also operates in the client tier, and is supported on Windows 2000 (SP3 or later) Server or Professional, Windows XP Professional, or Windows Server 2003.