Validated Product - BladeLogic Operations Manager 7.4

Certificate Date: 11 November 2009

Validation Report Number: CCEVS-VR-VID10206-2009

Product Type: Network Management

Conformance Claim: EAL3

PP Identifiers: None

CC Testing Lab: Booz Allen Hamilton Common Criteria Testing Laboratory

CC Certificate [PDF]
Security Target [PDF]
Validation Report [PDF]

PRODUCT DESCRIPTION

BladeLogic Operations Manager 7.4.2 provides a data center configuration management solution for remote servers. It allows enterprise administrators to view and manage server configurations, deploy software and complex packages of files and server assets, store server configurations, and compare servers to detect discrepancies in their configurations.

EVALUATED CONFIGURATION

The TOE was evaluated on the following platforms:

Configuration Manager, Network Shell, BladeLogic CLI, Application Server: Windows Server 2003

  • CPU:                Pentium III 500 MHz or equivalent minimum
  • Memory:           256 MB system RAM minimum
  • Disk Space:      200 MB minimum
  • Windows Server 2003
  • Microsoft SQL Server 2005
  • VGA Display Adapater

 

Reports Server

  • CPU:                2x Intel Xeon 2.00 GHz
  • Memory:           1 GB system RAM
  • Disk Space:      50 GB
  • Windows Server 2003

 

RSCD Agents:

  • Memory:           1 MB system RAM minimum
  • Disk Space:      10 MB minimum
  • Evaluated Operating Systems:
    • Red Hat Advanced Server 4.0
    • Solaris 9.0 Server
    • Windows Server 2003

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. BladeLogic Operations Manager 7.4.2 software was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3. It has been determined that the product meets the security criteria in the Security Target, which specifies an assurance level of EAL3 augmented with ALC_FLR.1. Validators, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed in November 2009.

ENVIRONMENTAL STRENGTHS

Authentication

Authentication services use the Secure Remote Password (SRP) protocol. The TOE is able to enforce password length requirements and authentication failure. A definable number of failed authentications disables access to the TOE for a definable period of time. The different management components of the TOE (Configuration Manager, Network Shell, and BladeLogic CLI) can be configured for single sign-on to remove the need for re-authentication of an administrator’s session.

Audit

The TOE generates audit records for selected security events. Events are tracked based on occurrence and who triggered them. Audit data is written to a SQL database on the machine to which BladeLogic has been installed. Anyone who wishes to review the database directly must have Administrator (or root) privileges on that machine. Alternatively, audit privileges can be granted within the TOE’s Configuration Manager application so that administrators can view audit data using the TOE.

The TOE generates snapshots and patch analysis reports of remote servers which have RSCD agents installed on them. These reports can show the configuration of remote servers and assess their patch configuration against some organizational baseline.

Data Protection

The TOE uses Role-Based Access Control (RBAC) to define allowed operations for administrator roles. Administrators can be assigned multiple roles but can only assume one particular role at a time. Roles are assigned authorizations which represent different types of operations on the TOE. By creating multiple roles with different sets of authorizations, fine-grained access control and separation of duties can be achieved.

The TOE maintains the concept of Access Control Lists (ACLs) for managed servers. In order for an administrator to perform an action against a managed server, their role must allow the operation and the server itself must allow the role to perform it as well. By maintaining ACLs, the TOE is able to define both the operations a role is allowed to perform as well as the objects for which those operations are allowed.

Protected Data Transmission

The TOE uses 256-bit AES encryption to establish a TLS connection to the Report Server’s web interface. Authentication is performed using the SRP protocol. This protocol offers a greater level of security than SSH.

Security Management

Security Management is handled by an administrator using the application-based Configuration Manager. Some management operations can be performed using the console-based BladeLogic CLI. In addition, the Network Shell can be used to access remote servers which have RSCD agents installed on them.

Compliance Management

Compliance Management refers to the ability for an administrator to execute various types of jobs against managed servers using the TOE. Jobs can be used to determine the configuration of remote servers, deploy (push) content to remote servers, execute network shell scripts, or perform any of the reporting functions discussed in Audit above. In addition, multiple jobs can be combined as a Batch Job and executed sequentially.

The Network Shell allows authorized administrators to execute scripts and commands directly. The TOE is configured to have a role assume the identity of a user account on a managed server. This provides the ability to limit allowed Network Shell commands to the specific requirements of the role.

Vendor Information

logo
BladeLogic, Inc
Chet Birger
781-257-3500
781-861-0171 (Fax)
cbirger@bmc.com

http://www.bladelogic.com