The NetIQ Secure Configuration Manager (SCM) Version 5.6 (hereafter referred to as the NetIQ SCM) is a software application that enables organizations to determine organizational security policy compliance, to identify security vulnerabilities and potential threats, and to assist in correcting exposures in a timely manner to reduce the risk of security breaches, failed compliance audits or downtime. The NetIQ SCM also provides reporting capabilities, risk scoring to assist with prioritizing the discovered potential threats and vulnerabilities, and an update service that integrates new expertise and security knowledge by providing new security checks for the latest vulnerabilities, updated policy templates, and current manufacturer-recommended patches. The term “security knowledge” refers to IT data used to categorize and detect potential vulnerabilities and threats (e.g., object ownership, configuration settings, object permission).
\r\nThe NetIQ SCM can assess and report on multiple systems, including Windows and Solaris.
\r\nThe NetIQ SCM uses both host-based and network-based vulnerability assessment techniques. The NetIQ SCM can leverage NetIQ Security Agents installed on the systems or “audit by proxy” which does not require an agent.
\r\nThe cryptography used in this product has not been FIPS 140-2 validated, nor has it been analyzed or tested to conform to cryptographic standards during this evaluation. All cryptography has only been asserted as tested by the vendor.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the NetIQ Secure Configuration Manager Version 5.6 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.2 and International Interpretations effective on July 21, September 2005. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.2. InfoGard Laboratories determined that the evaluation assurance level (EAL) for the product is the EAL 2 family of assurance requirements. The TOE, must be configured in accordance with the Common Criteria Guidance identified in Section 6.2 of the ST and supplied with the TOE to satisfy all of the security functional requirements stated in the NetIQ Secure Configuration Manager Version 5.6 Security Target. The CC evaluated configuration eliminates significant TOE features and imposes usage restrictions. This IT product does not conform to a validated Protection Profile. A Validator, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by InfoGard. The evaluation was completed in October 2007. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report for NetIQ Secure Configuration Manager Version 5.6, prepared by CCEVS.
","environmental_strengths":"The NetIQ Secure Configuration Manager Version 5.6 and Solaris executable of the NetIQ Security Agent for Unix Version 5.6 support the following security functions.
\r\nAudit: NetIQ SCM provides security checkup reports to assess how well the assets comply with the organization’s security standards (assess the vulnerability of the endpoints/assets). Users can view the audit records for history of their own actions taken within the User Console. Only console administrators and console users with the View Task History for all Console Users permission can view the history of other users. The user can view the following fields from the console history interface: Console User, Submitted Date & Time, Completed Date & Time, Endpoint, Status, and Task Type. The user can sort the audit records by any of the fields presented in the history interface. The user can also request to filter the audit records based on match criteria for one or more of the fields presented in the history interface. Audit records are stored in the SCM database. The database administrator is responsible for developing database backup, archival and recovery plans.
\r\nCryptographic Operations: NetIQ SCM provides the ability to protect the AutoSync content updates from unauthorized disclosure and to verify the integrity of the content updates so administrators can trust the current security knowledge received from NetIQ Corporation by the AutoSync client. The ability to verify the content integrity of selected files on Solaris endpoints is also provided by the TSF.
\r\nIdentification and Authentication: User console authentication validates the username and password against hashed credentials stored in the SCM database. NetIQ SCM provides a password policy that is enabled by default and offers password rules that apply to all accounts. The password mechanism of the Identification and Authentication security function satisfies the claim of SOF-basic.
\r\nSecure Communications: The TOE uses TLS over TCP/IP to provide secure communication channels between the SCM Core Services and the SCM Agent. (For backwards compatibility, the TOE is capable of negotiating an SSL session with an authorized 3rd party). The transmitted data is encrypted to ensure confidentiality. A message authentication code (MAC) is generated for the transmitted data. This MAC is transmitted with the data to ensure integrity of the transmitted data and provide the ability to detect modification to the transmitted data. TLS/SSL can resend data if modifications are detected. The TOE uses a combination of 56-bit DES and Diffie-Hellman key exchange to secure communication sessions between the SCM Core Services and a user console that are initiated by the user console. The Diffie-Hellman key exchange is used to generate a temporary shared key used to secure communications for each session. This shared key is used to encrypt the communication using 56-bit DES. The TOE uses SSL (which is described above) to secure communications between the SCM Core Services and a user console that are initiated by the SCM Core Services. The SCM Core Services initiates communications for a few items such as notifications when reports are completed or new content is available from the AutoSync server. (Most of the communications between the SCM Core Services and a user console are initiated by the user console.)
\r\nThe SCM User Console also uses SSL to secure communications with the SCM DB, which is hosted on the same machine as the SCM Core Services.
\r\nSecurity Management: The TOE provides security management functions and tools to manage the security features it provides. In addition, the TOE provides permissions to determine what security management functions a particular user can perform.
\r\nProtection of TOE Functions: The User Console external interfaces to the TOE ensure that users must login prior to accessing other TOE resources. The TOE maintains a separate session for each interaction with the TOE. Protection of the TOE from physical and logical tampering from other methods is ensured by the physical security assumptions and by the domain separation requirements on the hardware and operating system in the environment. The IT environment provides protection for the Core Services Configuration Utility by requiring that the SCM Core Services middleware system be physically secured and only provide user accounts to SCM Core Services administrative users.
\r\nSecurity Assessment: Security assessments check endpoint (operating system or software application) configurations and compare them against a set of expected values. Security assessments are performed by maintaining and checking against a set of templates. A template is a collection of security checks against a defined set of security controls and system configurations. Agents collect data from endpoints and store the collected data in the SCM database. A security check gathers the requested data, returns the data to Core Services, and places the data in the completed job queue. The results to the security check are then made available to the administrative user in the completed job queue. The requested data is either gathered by the Agents at the time of the request or from information previously gathered and stored in the DB. The customer can create their own custom security checks and scoring methods. Administrator guidance provides the users with a list of checks that can be performed by NetIQ SCM. NetIQ SCM provides a wizard to simplify the creation of custom security checks. Custom security checks are supported on NetIQ SCM Solaris and Windows agents. Security assessments can be run as needed or scheduled to occur regularly to ensure on-going policy compliance. When a security assessment is performed, the TOE evaluates each endpoint against the expected security settings and generates a report which includes a security risk score. The security risk score represents how well the endpoint matched the expected security settings. Risk-based reports highlight the most critical and most at-risk systems, provide executive-level summaries, and supply the information necessary for taking corrective actions. The Agents execute on the host operating system in privileged mode in order to check the system configuration settings and services. On Solaris operating systems, the Agents run as root. On Windows operating systems, the Agents run as an account which is a member of the Domain Administrators group in the domain of the managed computer or when running locally as a member of the Administrators group.
","features":[]}