Validated Product - BMC Software PATROL, Version 3.4.11

PRODUCT DESCRIPTION

BMC Software PATROL® Version 3.4.11 is a systems application and event management tool. It provides an environment by which the status of every vital resource in the distributed environment being managed can be monitored. The Target of Evaluation (TOE) is PATROLÒ version 3.4.11, as a suite of products consisting of:

• PATROL® Console,
• PATROL® Agents,
• PATROL® Event Manager (PEM), and
• PATROL® Knowledge Modules (KMs)
  (only PATROL® KM for UNIX V8.3 and PATROL® KM for NT V.3.5 are included in the TOE)

There were two evaluated TOE configurations, one a SUN platform, the other a PC platform. Specifically these consisted of a Sun Ultra 5 running Solaris 2.7, and a Dell GX1 running Windows NT 4.0 SP6a. Each platform had the corresponding TOE binaries installed and configured, per Installation, Generation and Startup (IGS), by a BMC engineer.

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the product meets the security requirements contained in the Security Target. The criteria against which the BMC Software PATROL® Version 3.4.11 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Computer Sciences Corporation determined that the target evaluation assurance level (EAL) for the product is EAL 2. The product, configured as installed by the BMC Software technician, satisfies all of the security functional requirements stated in the Security Target (ST). A validator, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by Computer Sciences Corporation. The ST conforms to CC part 2 extended and is CC part 3 conformant at the EAL 2 level of assurance. The evaluation was completed in September 2002. Results of the evaluation can be found in the Validation Report BMC Software PATROL® Version 3.4.11 prepared by National Information Assurance Partnership (NIAP) Common Criteria Evaluation and Validation Scheme (CCEVS).

ENVIRONMENTAL STRENGTHS

The TOE provides the following security features
Auditing - PATROL® has the capability to generate audit logs. Audit information generated by the system is based on PATROL® Agent audit logs. Audit functionality provided by the IT Environment is outside the scope of this evaluation. The PATROL® Agent audit log feature permits the recording of various security-related aspects of PATROL® operation.

User Data Protection - PATROL® provides discretionary access control restrictions, inter-TSF user data confidentiality, and data exchange integrity. PATROL® uses access control lists (ACLs) to restrict access to PATROL® Agents.

Identification and Authentication - PATROL® provides for identification and authentication of users on PATROL® Consoles and Agents.

Security Management - PATROL® includes access control lists (ACLs) and security role definitions/assignments to assist in the management of security policy implementation. The PATROL System Administrator can define the following:

• Which users have access to the Agent,
• Which hosts have access to the Agent,
• Which type of PATROL® consoles and utilities have access to the agent, and
• Any combination of the above three types of control.

The tasks controlled through user roles include:

• Committing PATROL® KM changes to a PATROL® Agent,
• Issuing operating system commands at the PATROL® system output window,
• Modifying the PATROL® Agent's parameter attributes,
• Launching a PATROL® Console in developer mode.