We submitted the genugate firewall release 7.0, as four previous versions, to the German Federal Office for Information Security (BSI) for certification. The independent experts have audited the system at the challenging level EAL4 according to the international Common Criteria (CC) standard. For that purpose, full and detailed documentation was compiled on how the security targets were reliably reached by the firewall in spite of all hazards. Level EAL4 certification demands full disclosure of the entire source code, as well as extensive tests of system effectivity. The code audit ensured that all security functions of the system were correctly implemented. The result was certification at the level EAL 4+ with the added endorsement as Highly Resistant.
EAL 4 is the first level to include a source code audit, and at the same time is the highest level that can reasonably be applied to an entire system as complex as a firewall. The additional “+“ however indicates, that the EAL 4 level has been surpassed for certain criteria. The genugate achieved this in its handling of patches. However, this is a criterion other manufacturers also could fulfill in order to improve their certification level.
Far more important for your IT security is the fact that genugate 7.0 meets even higher standards when it comes to self-protection: the firewall uses two different security mechanisms to provide dual systematic protection for all potential points of attack such as interfaces. As a result, the system is highly resistant to direct and intelligently carried out attacks, thus meeting the criteria of component AVA_VAN.5, which fulfills the requirements of level EAL 7.
Self-protection is a critical point: The firewall system must be optimally armed against all attacks and attempted manipulations to consistently provide top quality IT security for the network entrusted to it. Based on this exceptional security performance, the BSI classified the genugate as "Highly Resistant" – the only firewall in the world to achieve this rating. This is our customers' guarantee that they have purchased a high-security solution and this stringent quality assurance test is therefore repeated for every new major release.
genua uses the certifications by the BSI as continuous quality assurance. According to this three previous releases of the genugate firewall have already been certified by the BSI: genugate 6.3 and 6.0 as well to CC, the releases 5.0 and 4.0 still according to the standard ITSEC. These successful BSI certifications are continuous proof of the genugate firewall's high quality, and guarantee our customers they have bought a comprehensive, robust, and highly secure firewall solution.