PRODUCT DESCRIPTION

The McAfee Network Security Platform (NSP) product is a combination of network appliances (sensors) and Network Security Manager (NSM) software built for the detection of intrusions, denial of service (DoS) attacks, distributed denial of service (DDoS) attacks, and network misuse.

The evaluated sensor appliances are the M-2750, M-1450, M-1250, M-6050, M-4050, M-8000, M3050, I-4010, I-4000, I-3000, I-2700, I-1400, and I-1200 sensors. The sensors provide a flexible, dedicated, and high performance platform for monitoring networks of all sizes. The sensors perform real-time scanning of network data for signature and threshold based attacks. The sensors send alerts to NSM which alerts the administrators.

NSM is a software only component that runs on a Windows server. NSM presents a singular interface for managing and monitoring multiple sensors across large and distributed enterprise networks. Administrative access to NSM is supported through a Java applet that is run on a console machine. This applet is downloaded from NSM for each session. Access to the NSM is authenticated using certificate credentials obtained from a Common Access Card (CAC) in the Operational Environment. Certificates revocation status is checked using an OCSP server.

EVALUATED CONFIGURATION

The McAfee NSP consists of:

• Network Security Manager (NSM) version 5.1.15.14
• Sensor Software:
  • M-Series version 5.1.15.13
  • I-Series version 5.1.5.140
• One or more Sensors (hardware models):
  • M-2750
  • M-1450
  • M-1250
  • M-6050
  • M-4050
  • M-8000
  • M3050
  • I-4010
  • I-4000
  • I-3000
  • I-2700
  • I-1400
  • I-1200

The evaluated configuration of NSP requires the use of CAC authentication; therefore, the Operational Environment must provide an OCSP server and CAC authentication hardware and software.

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that NSP meets the security requirements contained in the Security Target. The criteria against which the NSP was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 3 and National and International Interpretations effective 24 August 2009. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 Revision 3. InfoGard Laboratories determined that the McAfee Network Security Platform provides the security assurance required by Evaluation Assurance Level 2 (EAL2) and ALC_FLR.2.

The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target. Validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by InfoGard. The evaluation was completed in May of 2010.

ENVIRONMENTAL STRENGTHS

The McAfee Network Security Platform is a commercial network product that provides system (network) data collection, system (network) data analysis, identification and authentication, security management, cryptographic operations, and audit. Additionally, Network Security Platform provides support against bypass and tampering as well as centralized management though a web interface presented by the Network Security Manager component.

SEARCH CCEVS

Announcements

 »  14th International Common Criteria Conference

 »  Revision of NIAP Policy #12

 »  Mobile OS PP Updates

 »  Posting of Software Full Disk Encryption Protection Profile

Quick Links

Available products to assist in making a more secure infrastructure.

Approved protection profiles for use by vendors.

NIAP Technical Communities are key to the development of new Protection Profiles.

Find a lab to evaluate your product.

Find answers to commonly asked questions.

How to become an NVLAP Accredited Lab.

Collaboration Tools

CC Users Forum

NIAP TeamLab