McAfee Email Gateway
Security Target
Page 56 of 61
Passwords for the administration interface are not stored in plaintext, and use a salted SHA1 (160 bits
with the first 32 bits being the salt), protected by restricted file permissions.
FIA_PMG_EXT.1 – Password Management
The password authentication mechanism is realized by a probabilistic or permutational security
mechanism. By default, the McAfee TOE appliance requires that passwords used for TSF access contain
greater than or equal to 4 characters. It is required in guidance that an Administrator sets this to a
minimum of 8 characters. Only passwords with a minimum of 8 characters will be accepted by the MEG
appliance in its evaluated configuration. The administrator is also able to specify through the Password
Management interface the requirement to include a mix of upper and lower case letters, numbers an
special characters within the password. The permitted special characters include “!”, “@”, “#”, “$”, “%”,
“^”, “&”, “*”, “(“, and “)”. The administrator can also configure the maximum lifetime (in days) for the
password, and the minimum number of characters that must be altered when the password is changed.
The TOE enforces a 5 second delay between successive login attempts.
FTA_TAB.1 – Default TOE access banners
The TOE will display a configurable access banner when an administrator session is requested. The
administrator must confirm acceptance of the banner before the logon screen is displayed.
6.1.3 Audit
The McAfee MEG Appliance generates audit records and alarms for security related events and all TSF
configuration changes. The Audit security function is supported by a dedicated logging subsystem and
the core application, both housed within the MEG Operating System. The administrator accesses audit
records through the administrator GUI console interface and can view audit records, delete audit records,
perform keyword searches, sort records and create customized reports detailing security related event
detected and action upon by the McAfee Appliance. Records are logged by network user information and
contain details on traffic type, protocol in use; rule violated indicating a security event and the outcome of
the event. Access to audit logs is restricted to authenticated administrators through the authentication
mechanisms detailed in section 6.1.2.
FAU_GEN.1, FAU_GEN.2 – Audit Generation
The TOE generates audit records for the following events (see Table 13 for additional detail):
• Success/Failure of Login to MEG Appliance User Interface;
• Success/Failure of MEG Appliance Configuration Changes;
• Network level communication events;
• Protocol processing events;
• Hardware/Software appliance settings incl. TSF settings;
• .dat Updates;
• Activation or de-activation of the audit function.
All Administrator changes to the TSF, including changes to security attributes, are reflected in audit
records and can only be accessed by the authorized TOE Administrator which is protected by the MEG
Appliance Operating System.
Audit records include the network user and session attributes in use at the time of the logged event.
FPT_STM.1 – Audit records by accurate time stamps
(9 páginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais