OASIS Member News: SARVEGA TO UNDERGO COMMON CRITERIA EAL 4+ EVALUATION AND EXTENDS ITS LEADERSHIP FOR SECURE WEB SERVICES

["Peter Borbely" <peter@sarvega.com>]

SARVEGA TO UNDERGO COMMON CRITERIA EAL 4+ EVALUATION AND EXTENDS ITS
LEADERSHIP FOR SECURE WEB SERVICES

http://www.sarvega.com/press.php?pressID=282


Chicago, IL, April 27, 2005 - SarvegaT, Inc, the leader in XML
Networking solutions, announced today that its XML GuardianT Gateway has
been registered as In Evaluation at EAL 4+ under the Common Criteria
scheme administered by the Communications Security Establishment (CSE).
The company entered into the evaluation as part of its commitment to
deliver the industry's most secure XML Networking products for
governments and enterprises world-wide. 

The Common Criteria for IT Security Evaluation, also known as ISO
standard 15408, were initially developed by the national security
organizations of the United States, Canada, the United Kingdom, France,
Germany, and the Netherlands and is recognized by twenty-one countries
today. The Common Criteria are a comprehensive set of guidelines which
provide consistent criteria for evaluating security products. They
provide a structured framework for the rigorous analysis and testing of
IT security products across a defined set of requirements and
functionality. 

"The EAL 4+ Common Criteria evaluation of the XML GuardianT Gateway is
another example of Sarvega's commitment to deliver the most secure and
robust XML Gateway security solution to enterprises and governments
world wide," said Steve Shepard, vice president of customer services for
Sarvega. "The latest release of the XML GuardianT Gateway, version 5.02,
was successfully validated by independent product security experts at
iSEC Partners against iSEC's extensive suite of penetration and
vulnerability tests. The robustness of the XML Guardian Gateway
platform, combined with its industry leading XML Web Services security
functionality and ease of use, are why global enterprises and
governments select Guardian to secure some of world's largest and most
critical Web Services applications."

Sarvega is working with EWA-Canada, a premier security consulting firm
specializing in Common Criteria evaluations, FIPS 140-2 Cryptographic
testing, IT Security Engineering Consulting and Managed Security
Services.  EWA-Canada is recognized for its comprehensive experience
with Common Criteria evaluations, enabling companies to effectively
manage the evaluation process and ensuring their products meet important
certification requirements. "Sarvega has chosen to pursue a high level
Common Criteria evaluation for its XML Web Services security product,"
said Erin Connor, Lab Director at EWA-Canada.  "EAL 4+ is the highest
assurance level accepted under the Mutual Recognition Arrangement (MRA)
of the Common Criteria.  With this level of commitment and effort to the
Common Criteria, product development companies earn the confidence of
their customers around the world."

The Sarvega XML GuardianT Gateway combines comprehensive security,
performance, and ease of use to deliver XML Firewall and Web Services
protection to enterprises and governments world wide. It is a high
performance XML Web Services security solution that is built from the
ground-up with a "Security DNA" to provide complete standards-compliant
Web Services security and sophisticated XML intrusion protection. The
XML GuardianT Gateway provides complete AAA trust assurance, message
integrity and confidentiality with on-board secure digital forensics.
Powered by Sarvega's wire-speed, portable and flexible XESOST
technology, the XML GuardianT Gateway features a comprehensive list of
XML security features and sophisticated protection mechanisms for a
range of XML attack patterns and anomalies including coercive parsing,
password guessing threats, SQL code injection, dirty word filtering,
external entity protection and XML security vulnerabilities. It is the
first XML Web Services security solution that offers device and service
virtualization and enables each security policy action to dynamically
associate security properties based on real-time traffic.  

The Sarvega Command Center provides a simple visual drag-and-drop
mechanism for security policy configuration, testing, and deployment on
one or many XML Guardian Gateway appliances.  The Sarvega Command Center
provides an open, extensible and interoperable platform that can be
easily extended and integrated into applications security management
environments. Its palette of pre-built security policy actions includes
support for raw-XML and ebXML security, local and delegated
Authentication, Authorization and Access Control (AAA), logging and
auditing, and XML threat mitigation.

About Sarvega
Sarvega, Inc. is the leading manufacturer of XML networking products,
providing enterprises with unprecedented security, performance, and ease
of operation for XML Web Services. Sarvega's underlying technology, the
XML Event Stream Operating System (XESOST, Patent Pending), combines
comprehensive XML security and XML routing functionality with wirespeed
performance, non-stop availability, and hardware platform independence.
Sarvega's XML networking products are available both as secure network
appliances and on multiple third party blade alternatives. Sarvega
introduced the industry's first wirespeed XML appliance, the first XML
content router, and the first XML grid computing solution. Sarvega's
worldwide customer base includes governments and leading companies in
Financial Services, Telecommunications, and Media and Entertainment.
Sarvega is the recipient of numerous technology awards for innovation,
including Computerworld's Innovative Technology Award and CMP Media's
COMET Award. For details, please visit www.sarvega.com, send email to
info@sarvega.com, or call 630-627-3131.

# # #

Sarvega, XML Context Router, XML Guardian, XML Speedway, XML
EventStream, XESOS, and Context Console are trademarks of Sarvega, Inc.
All other names are trademarks of their respective companies. 

Press Contact:

	Peter Borbely
	Sarvega
	(919) 345-5079
	peter@sarvega.com