
McAfee Email Gateway
Security Target
Page 54 of 61
new user roles with defined limited responsibilities.
FTA_SSL.3 TSF-initiated termination, FTA_SSL.4 User-initiated termination, FTA_SSL_EXT.1 TSF-initiated session locking
Administrative access to the TOE is established via a supported web browser using a TLSv1 session.
The Administrator Management session may be closed manually by the Administrator through a logoff
button on the GUI. To maintain security during management sessions, the session (whether local or
remote) also automatically closes after an Administrator-specified period of inactivity (between 3 and 30
minutes). The default setting enforces termination of sessions after 10 minutes of inactivity.
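The following sketch is an added example, not McAfee code or part of the Security Target. It shows how the two termination paths described above (inactivity timeout and manual logoff) can be enforced server-side with the stated 3 to 30 minute range and 10 minute default. The class name, method names and the injectable clock are assumptions made for illustration.

```python
import secrets
import time

# Limits stated in the text: configurable 3-30 minutes, default 10.
MIN_IDLE_MIN, MAX_IDLE_MIN, DEFAULT_IDLE_MIN = 3, 30, 10


class SessionManager:
    """Hypothetical management-session table (illustrative names only)."""

    def __init__(self, idle_minutes=DEFAULT_IDLE_MIN, clock=None):
        # Reject bools and floats so a mis-typed config value cannot slip through.
        if isinstance(idle_minutes, bool) or not isinstance(idle_minutes, int):
            raise ValueError("idle timeout must be a whole number of minutes")
        if not MIN_IDLE_MIN <= idle_minutes <= MAX_IDLE_MIN:
            raise ValueError("idle timeout must be between 3 and 30 minutes")
        self.idle_seconds = idle_minutes * 60
        self._clock = clock or time.monotonic  # monotonic: immune to wall-clock changes
        self._last_seen = {}  # session token -> time of last activity

    def login(self):
        token = secrets.token_urlsafe(32)  # unguessable session identifier
        self._last_seen[token] = self._clock()
        return token

    def touch(self, token):
        """Check a request's session; refresh the idle timer only if still live."""
        last = self._last_seen.get(token)
        if last is None:
            return False
        now = self._clock()
        if now - last >= self.idle_seconds:
            del self._last_seen[token]  # TSF-initiated termination
            return False
        self._last_seen[token] = now
        return True

    def logoff(self, token):
        """User-initiated termination; True if a live session was closed."""
        return self._last_seen.pop(token, None) is not None

    def reap(self):
        """Terminate idle sessions even when no further request arrives."""
        now = self._clock()
        expired = [t for t, last in self._last_seen.items()
                   if now - last >= self.idle_seconds]
        for t in expired:
            del self._last_seen[t]
        return len(expired)
```

The expiry check runs on the server before the timer is refreshed, so a request arriving after the limit cannot revive a session.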
FMT_SMF.1, FPT_TUD_EXT.1 - Management Functions provided by the TOE
Various types of alerts can be configured by TOE Administrators to execute actions and notify
Administrators via email of security-related events detected by the MEG appliance. Through this GUI-based
interface, administrators can acknowledge notification of events and actions taken to mitigate the
identified file. Core TOE management functions include:
• Enable and disable operation of the appliance;
• Query and configure audit logs.
Selection of the About the Appliance tab allows the administrator to check the version of the current TOE
software and the packages installed.
The TOE can be updated with software hotfixes and patches. Prior to being applied, the integrity of
hotfixes and patches is verified against the SHA-256 hashes provided on the McAfee website. For
firmware updates (i.e. code embedded in the physical chips) such as the RAID controller, BIOS or
network interface images, SHA-256 hashes are also provided.
Management of the TOE and Restrictions – FMT_MTD.1
Various operational modes and protocol configuration options can also be established through the
management GUI that determine how the appliance intercepts traffic and integrates into the network
architecture. Administrators may also utilize the appliance management function to manage and update
virus signature files that are used to scan traffic for specific malicious file structure characteristics.
The McAfee MEG appliance allows an Administrator to configure and manage the audit/logging function,
including searching and sorting of audit data and generation of reports based on various log parameters.
The ability to query, delete or modify the security configuration parameters of the TOE is restricted by the
TSF to Administrators holding the appropriate role, properly authenticated by the MEG operating system.
Initially, the appliance has one administrator account, the Super Administrator (scmadmin), which has
access to all the appliance features. In this default mode the Super Administrator is equivalent to the
Security Administrator in [NDPP]. Using the scmadmin account, any number of other accounts can be
created, including more Super Administrators or other less privileged roles. The appliance will probably be
used by many people, each with different requirements.
For example, two users may need full access to all the appliance features, while another four users need
only to view the reports. This would require two user accounts that are like the Super Administrator, and
four user accounts for administering reports. These types of requirements are referred to as roles.
The appliance has several roles already defined. A Super Administrator can see all the menus and
buttons that are available from the interface. The other administrators can see fewer menus and buttons.
As user accounts are created, each account is assigned a role. New roles can also be created.