The BorderWare Firewall Server (BFS) is an application proxy firewall designed to combine robust security with the necessary set of ancillary services to implement an Internet connection or to provide secure Intranet connections.
BFS is built on the S-CORE operating system. S-CORE is a hardened Free BSD UNIX Version 4.4 operating system that has been specially modified by BorderWare Technologies Inc to compliment the functionality offered by the BFS.
The S-CORE operating system provides a separate domain of execution for each critical subsystem and implements kernel-level packet filtering to compliment the application proxies and to enhance security.
These subsystems include most of the common proxies and applications servers needed to implement a secure Firewall environment. The specific proxies and servers are listed in the Security Target.
The BFS does not permit any user logins, all configuration and administration is carried out on a console GUI or from a secure remote management application. All connections to the administration system are authenticated. BFS provides an audit trail for all connections and generates alarms for unsuccessful connection attempts.
BFS runs on standard Intel hardware platforms and can operate with two or three network cards. The optional third network interface provides a Secure Server Network (SSN) to act as a demilitarised zone (DMZ) for connecting application servers.
The EAL4 certification awarded to the BFS includes the S-CORE operating system, all specified application servers and system defined outbound application proxies, and the remote management capability when used from the protected network.