This point isn't very clear for me now, but here is what I could find out:
Orange book criteria has nothing to do with the firewall's firewalling
functionality. Red book criteria might be applicable more. However when the
firewall's OS has B1 rating, it means better defence in case of buffer
overruns and other programming errors should occur.
Some firewalls use a "hardened OS", which ranges from simple bug fixes to
real B1 security.
However it has been pointed out that an OS can be buggy with B1 certificate
as well (I have been courious how such a buggy OS like HP-UX could have a B1
version), and B1 things not necessarily needed for a firewall, as it just
increaes the complexity.
Some people specifically warned me that who talks about B1 and firewall,
doesn't know what he says, or simply salesperson.
Can you enumerate certifications that are applicabble to firewalls?
The paperpusher people want certificates.
GNU GPL: csak tiszta forrásból