Validated Product - McAfee Foundstone 5.0.4
Certificate Date: 07 December 2007
Validation Report Number: CCEVS-VR-VID10241-2007
Product Type: IDS/IPS
Conformance Claim: EAL2
PP Identifiers: None
CC Testing Lab: COACT Inc. CAFE Laboratory
PRODUCT DESCRIPTION
Foundstone Enterprise is a software-only product that provides a Vulnerability Management System that scans specified targets for IP-level vulnerabilities based on the available ports and protocols used by the target systems. It provides a management interface to configure the system and generate reports regarding the results of the scans. Foundstone Enterprise consists of three main components:
All traffic between the components is encrypted for secure communication. Microsoft IIS and SQL Server 2000 are considered to be part of the Information Technology Environment and were not evaluated as part of the product. The following functionality of Foundstone Enterprise was not included in the evaluation and should not be used in the evaluated configuration:
SECURITY EVALUATION SUMMARY
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the McAfee Foundstone Enterprise Vulnerability Management Solution Version 5.0.4 meets the security requirements contained in the Security Target. The criterion against which the McAfee Foundstone Enterprise Vulnerability Management Solution Version 5.0.4 was judged is described in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. The COACT, Inc. CAFE Lab determined that the evaluation assurance level (EAL) for the McAfee Foundstone Enterprise Vulnerability Management Solution Version 5.0.4 is EAL 2. The TOE, configured as specified in the general installation guide and supplemental installation guide, satisfies all of the security functional requirements stated in the Security Target. Validators, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by the COACT, Inc. CAFE Lab. The evaluation was completed in September 2007. Results of the evaluation and associated validation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report.

ENVIRONMENTAL STRENGTHS
The TOE provides the following security features:

Scanning: The TOE scans designated systems to detect known vulnerabilities on those systems. Results of the scans are stored in the database (the DBMS is in the IT Environment), and reports based upon completed scans may be retrieved via the GUI of the Foundstone Enterprise Manager.

Authentication: The TOE requires users to identify and authenticate themselves before accessing the TOE software, viewing any TSF data, or configuring any portion of the TOE. No action can be initiated before proper identification and authentication. Each TOE user has security attributes associated with their user account that define the functionality the user is allowed to perform. When interacting with the TOE via the Foundstone Enterprise Manager GUI, Identification and Authentication (I&A) is performed by the TOE. On all three components, I&A for local login to the operating system (i.e., via the local console) is performed by Windows (IT Environment).

Self Protection: The TOE provides for self-protection and non-bypassability of functions within the TOE’s scope of control (TSC). The TOE controls actions carried out by an administrator by controlling a session and the actions carried out during that session. When multiple administrators are connected simultaneously, the roles (and therefore permissions) are tracked individually to ensure proper access restrictions are applied to each session. By maintaining and controlling each session a user has with the TOE, the TOE ensures that no security functions within the TSC are bypassed and that there is a separate domain for the TOE which prevents inadvertent interference or tampering with the TOE from within the TSC. Since the TOE consists of a set of applications, the TOE cannot provide complete self-protection for itself. The TOE depends on the operating system and hardware (IT Environment) to protect the TOE from interference or bypass by users or processes outside the TSC. The IT Environment also provides the SSL functionality used to protect communications between the TOE components.

Security Management: The TOE’s Management Security Function provides administrator support functionality that enables a human user to configure and manage TOE components. Management of the TOE is performed via the Foundstone Enterprise Manager. All user types use the Foundstone Enterprise Manager. The TOE provides the following management functions:
Auditing: The TOE’s Audit Security Function provides auditing of management actions performed by administrators. All audit records include the date and time of the event, the type of event, and the identity of the subject performing the action (the user identifier supplied by the user and/or the IP address of the browser session associated with the event). The type of event implicitly states whether or not the action succeeded (i.e., there are separate event types for successful and unsuccessful I&A attempts).

Vendor Information
McAfee, Inc.
David Gerendas
949-860-3369
949-297-5600 (Fax)
david_gerendas@mcafee.com