Common Criteria evaluated configuration

The McAfee appliance needs to be installed, configured, and operated in a specific way to be in compliance with the Common Criteria evaluated configuration. Keep these requirements in mind when you are setting up your system.

Type Requirements
Physical
The McAfee appliance must be:
  • Protected from unauthorized physical modification.
  • Located within controlled access facilities, which prevent unauthorized physical access.
Intended usage
The McAfee appliance must:
  • Have access to all the network traffic to perform its functions.
  • Be managed to allow for address changes in the network traffic that the Target of Evaluation (TOE) monitors.
  • Be scaled to the network traffic that it monitors.
Personnel
  • There must be one or more competent individuals assigned to manage the McAfee appliance and the security of the information it contains. On-site assistance with installation and configuration and on-site training for the operation of the appliance are provided by McAfee engineers for each McAfee customer.
  • The authorized administrators are not careless, willfully negligent, or hostile, and follow and abide by the instructions provided by the McAfee appliance documentation.
  • The McAfee appliance must only be accessed by authorized users.
  • Those responsible for the McAfee appliance must ensure that all access credentials are protected by users in a manner that is consistent with IT security.
Other
  • Do not apply software updates to the McAfee appliance, because doing so results in a configuration other than the Common Criteria evaluated configuration. Contact McAfee Support to obtain a certified update.
  • On a Nitro IPS device, enabling the Watchdog Timer and Force Bypass settings in the Network Interface Settings page results in a configuration other than the Common Criteria evaluated configuration.
  • On a Nitro IPS device, using an oversubscription mode setting other than drop will result in a configuration other than the Common Criteria evaluated configuration.
  • Enabling the Login Security feature with a RADIUS server will result in secure communication. The IT environment provides for secure transmission of data between the TOE and external entities and external sources. External authentication services can be provided by a RADIUS server.
  • Using the Smart Dashboard functionality of the Check Point firewall console is not part of the TOE.
  • Using Snort Barnyard is not part of the TOE.
  • Using the MEF Client is not part of the TOE.
  • Using the Remedy Ticket System is not part of the TOE.