NEXOR GAINS EAL4 EVALUATION TO RELAUNCH SELINUX BASED SENTINEL 3E MAIL GUARD
Nexor, the Information Governance Company that connects, transforms and protects sensitive information in cyberspace, has a long track record of providing its Messaging and Guard applications into a wide range of agencies.
Nexor’s Sentinel is a high assurance, single-box mail guard appliance designed to protect organisations by validating that inbound and outbound electronic messages conform to their security policy. Our original Sentinel Mail Guard was a Common Criteria evaluated system which NATO has been using successfully for the past 7 years. As the Sentinel evolved, a number of significant enhancements were made to meet NATO’s stringent requirements; obtaining a NATO ‘authority to operate’ and gaining widespread adoption.
The continued development of Sentinel led us to review the ageing and proprietary hardware and operating system platform upon which it was based and evaluate new platforms. Consequently, we decided to re-engineer an enhanced version of the application on SELinux, choosing the RedHat variant due to the EAL4 evaluation for the platform.
This also meant it could run on readily available commercial hardware. Nexor relaunched the product as Nexor Sentinel 3. SELinux provides the ability to lock-down and control information flow, restricting which processes can talk to each other and what information they can share. This has allowed us to produce a much more secure product, as we could really limit what the system can do to ensure it was only operating as expected.
RedHat SELinux has provided a solid underlying security base as a replacement for the earlier system. We were confident that with the combination of SELinux and Sentinel’s email checking capability meant we could achieve Common Criteria EAL4 with the new version of the product.
Achievement of EAL4 evaluation was confirmed in January 2013, resulting in the launch of the Nexor Sentinel 3E. This now brings the product right up to date, providing a highly secure, future proof appliance for our military, intelligence and government customers.
Nexor’s Technical Director, Colin Robbins, observes “Our commitment to SE Linux has given us a flexible platform to build high assurance solutions; when combined with our mature engineering methodology, it means our customer can have confidence our products are robust against the identified threats.
What is more, the Common Criteria evaluation of Nexor Sentinel 3E means this approach has been thoroughly inspected and audited by an independent third party.”
Steve Kingan, Nexor Chief Executive, comments “This milestone positions Nexor Sentinel as the only messaging guard in the NATO community with a current evaluation against the international Common Criteria Scheme. As an evaluated COTS product, Sentinel represents extraordinary value and an important, but fundamental, building block in Cyber Security, and we are delighted to have received orders for deployment across NATO and several NATO allies.”
We have been developing our specialist expertise and innovative technology for over 25 years. Nexor’s role is to safeguard Government, Military and Critical National Infrastructure by providing readily tailored contributions to Cyber Security Programmes. Our end-to-end capability manages Secure Information Exchange, enables interworking between networks of different security levels, prevents data loss and promotes collaborative working by building solutions to enforce corporate security policies.
For further information please contact: firstname.lastname@example.org
RECENT BLOG POSTS
Nexor are pleased to announce that our Guardian solution has been enhanced with a number of key features in a new release 3.1 of the guard application which is now available: Increased Reliability: Deploy as an active -passive High-Availability ("HA") application...
One year on from our introductory blog on Zero Trust Architecture, what has changed and what friction points have started to appear for organisations after implementation? Crucially, where does Zero Trust fit within the to-do list, or the essential security risk...
What does Cyber Essentials cover? Cyber Essentials is a UK Government backed scheme that helps protect your business against a range of the most common cyber-attacks. Cyber-attacks can come in many forms and may be carried out against businesses of any size of...
Be the first to know about developments in secure information exchange