Top Banner

Click here to load reader

Network Security Platform (NSP) Security Target · PDF file McAfee Network Security Platform (NSP) Security Target 2010 McAfee® Inc. 5 1 Introduction This section identifies the Security

Apr 30, 2020

ReportDownload

Documents

others

  • McAfee Network Security Platform (NSP) Security Target

     2010 McAfee® Inc. 1

    Network Security Platform (NSP) Security Target

    Release Date: January 10, 2012 Document ID: 10-2280-R-0044 Version: 1.1

    Prepared By: InfoGard Laboratories, Inc.

    Prepared For: McAfee, Incorporated 2821 Mission College Blvd Santa Clara, California 95054

  • McAfee Network Security Platform (NSP) Security Target

     2010 McAfee® Inc. 2

    Table of Contents 1  INTRODUCTION.............................................................................................................................................. 5 

    1.1  SECURITY TARGET REFERENCE ....................................................................................................................... 5  1.2  TARGET OF EVALUATION REFERENCE ............................................................................................................. 5  1.3  ORGANIZATION ................................................................................................................................................ 6  1.4  DOCUMENT TERMINOLOGY ............................................................................................................................. 6 

    1.4.1  ST Specific Terminology ........................................................................................................................ 7  1.4.2  Acronyms ............................................................................................................................................... 9 

    1.5  COMMON CRITERIA PRODUCT TYPE ............................................................................................................... 10  1.6  TOE OVERVIEW............................................................................................................................................. 10  1.7  TARGET OF EVALUATION DESCRIPTION ......................................................................................................... 10  1.8  PRODUCT FEATURES ...................................................................................................................................... 11  1.9  PHYSICAL BOUNDARIES ................................................................................................................................. 12  1.10  TOE COMPONENTS ................................................................................................................................... 13 

    1.10.1  Collection Subsystem ...................................................................................................................... 13  1.10.2  Manager Subsystem ........................................................................................................................ 14 

    1.11  OPERATIONAL ENVIRONMENT .................................................................................................................. 15  1.11.1  Network Access ............................................................................................................................... 15  1.11.2  Management.................................................................................................................................... 15 

    1.12  SOFTWARE/HARDWARE COMPONENTS ..................................................................................................... 16  1.13  TOE GUIDANCE DOCUMENTATION ........................................................................................................... 17  1.14  SYSTEM LEVEL GUIDES.............................................................................................................................. 17  1.15  APPLICABLE SENSOR QUICK START GUIDES ............................................................................................. 17  1.16  APPLICABLE PRODUCT GUIDES ................................................................................................................. 17  1.17  LOGICAL BOUNDARIES .............................................................................................................................. 19 

    1.17.1  Security Audit .................................................................................................................................. 19  1.17.2  Identification and Authentication .................................................................................................... 20  1.17.3  Security Management...................................................................................................................... 20  1.17.4  Protection of TSF ............................................................................................................................ 20  1.17.5  Cryptographic Operations .............................................................................................................. 21  1.17.6  System Data Collection ................................................................................................................... 22  1.17.7  User Data Protection ...................................................................................................................... 23  1.17.8  System Data Analysis ...................................................................................................................... 24  1.17.9  System Data Review, Availability and Loss .................................................................................... 24 

    1.18  ROLES ....................................................................................................................................................... 24  1.19  FEATURES EXCLUDED FROM THE COMMON CRITERIA EVALUATED CONFIGURATION .............................. 24 

    2  CONFORMANCE CLAIMS .......................................................................................................................... 26  2.1  COMMON CRITERIA CONFORMANCE CLAIMS ................................................................................................ 26  2.2  CONFORMANCE TO PROTECTION PROFILES .................................................................................................... 26  2.3  CONFORMANCE TO SECURITY PACKAGES ...................................................................................................... 26  2.4  THREATS AND SECURITY OBJECTIVES NOT APPLICABLE ................................................................................ 26 

    2.4.1  Scanner not applicable ........................................................................................................................ 26  2.4.2  No Transfer of IDS data to non-TOE components ............................................................................... 26 

    2.5  ADDED ASSUMPTIONS ................................................................................................................................... 26  2.6  ADDED ORGANIZATIONAL SECURITY POLICIES ............................................................................................. 27  2.7  SECURITY FUNCTIONAL REQUIREMENTS ....................................................................................................... 27 

    3  SECURITY PROBLEM DEFINITION ......................................................................................................... 29  3.1  ASSUMPTIONS ................................................................................................................................................ 29  3.2  TOE THREATS ............................................................................................................................................... 29  3.3  IT SYSTEM THREATS ..................................................................................................................................... 30  3.4  ORGANIZATIONAL SECURITY POLICIES .......................................................................................................... 30 

  • McAfee Network Security Platform (NSP) Security Target

     2010 McAfee® Inc. 3

    4  SECURITY OBJECTIVES ............................................................................................................................. 32  4.1  SECURITY OBJECTIVES FOR THE ENVIRONMENT ............................................................................................ 32  4.2  MAPPING OF SECURITY ENVIRONMENT TO SECURITY OBJECTIVES ............................................................... 34  4.3  RATIONALE FOR IT SECURITY OBJECTIVES ............................................................................................ 35  4.4  RATIONALE FOR ASSUMPTION COVERAGE ..................................................................................................... 38 

    5  EXTENDED COMPONENTS DEFINITION ............................................................................................... 40 

    6  SECURITY REQUIREMENTS ..................................................................................................................... 41  6.1  CONVENTIONS ............................................................................................................................................... 41  6.2  TOE SECURITY FUNCTIONAL REQUIREMENTS ............................................................................................... 43 

    6.2.1  SECURITY AUDIT (FAU) ................................................................................................................... 43  6.2.2  Cryptographic Operations (FCS) .....................................