McAfee® Email Gateway Appliance Version 7.0.1
NDPP Compliance Security Target

Release Date: 8 August 2013
Version: 2.3 niap
Prepared By: Primasec Ltd.
Prepared For: McAfee Inc. 2821 Mission College Blvd.
Document History

Release Number | Date | Author | Details
1.0 | 1 June 2011 | Primasec | First release to evaluators
2.0 | 16 October 2012 | Primasec | Final release for certification
2.1 niap | 19 June 2013 | Primasec | NIAP PP compliance adjustments
2.2 niap | 18 July 2013 | Primasec | NIAP PP compliance adjustments
2.
1 Introduction

This section identifies the Security Target (ST), Target of Evaluation (TOE), ST organization, document conventions, and terminology. It also includes an overview and description of the evaluated product.

1.1 Identification

1.1.1 TOE Identification

The TOE is the McAfee Email Gateway (MEG) software v7.0.1, running on appliance models 4000-B, 4500-B, 5000(B, C & C-2U), 5500(B & C), and the Content Security Blade Server.

1.1.
1.2.1 Anti-Virus

Anti-Virus Scanning - The TOE features an Anti-Virus module that provides protection from viruses and malicious programs. This module contains the essential scanning engine used for specific scans performed by other modules within the TOE.

Global Threat Intelligence: File Reputation - A further service is provided through use of McAfee Global Threat Intelligence (GTI) file reputation technology.
browser access to email traffic that policy has defined as sensitive:
Pull – where MEG stores the emails in an encrypted form; and
Push – where MEG sends the email to the recipient’s mail server in an encrypted form.

1.2.6 Action and Remediation

The TOE can be configured to take specific action upon identification of a Virus/Malware/Spyware when scanning traffic.
in e-mail messages.

Data Loss Prevention (DLP) - Refers to systems that identify, monitor, and protect data in use (e.g. endpoint actions), data in motion (e.g. network actions), and data at rest (e.g. data storage) through deep content inspection and contextual security analysis of transactions (attributes of originator, data object, medium, timing, recipient/destination and so on).
Phishing - This category includes sites that typically arrive in hoax e-mail established only to steal users' account information. These sites falsely represent themselves as legitimate company Web sites in order to deceive and obtain user account information that can be used to perpetrate fraud or theft.
1.4.2 Acronyms

CAVP    Cryptographic Algorithm Validation Program
CC      Common Criteria
.dat    Virus Definition Data Files
DHA     Directory Harvest Attack
DLP     Data Loss Prevention
DoS     Denial of Service
GTI     Global Threat Intelligence
HTTPS   Hypertext Transfer Protocol Secure
MEG     McAfee Email Gateway
O.S.
TSP     TOE Security Policy
WMC     Web Mail Client

Table 2 - Acronyms

1.5 TOE Description – Overview

The TOE is a security appliance that integrates hardware and software to scan traffic between the WAN (Internet) and an internal (protected) network. Traffic flowing between the Wide Area Network (WAN) and the internal network is first routed through the MEG Appliance.
Figure 1: Architectural Diagram (placement in network)

1.6.2 Virtual hosts

The MEG appliance allows creation of virtual hosts. Using virtual hosts, a single appliance can appear to behave like several appliances. Each virtual host can manage traffic within specified pools of IP addresses, enabling the appliance to provide scanning services to traffic from many sources or customers.

1.6.
appliance’s core functionality. The core MEG application provides application level support to operational modules as well as security management support and audit log generation. The MEG Operating System also supports the administration of the appliance through an administrator management computer using an internal network connection to the appliance.
Hardware Platform 4000-B 4500-B 5000-B 5000-C 5000-C-2U 5500-B 5500-C
swappable)

Table 3 - Appliance hardware platform comparison

Enclosure Model Platform Blade slots Onboard administrator Network Fans Power supply DVD Blade M7 M3 HP C7000 HPC3000 2 Management + 14 Scanning 2 Management + 6 Scanning 2 2 Memory 12GB 4 x 4 Cu (1GB) port switches + 2 pairs SPF modules 4 x 4 Cu (1GB) port switches + 2 pairs SPF modules Hard disk
TOE or Environment | Component Name | Description of Component
customization) McAfee Email Gateway Appliance: McAfee-MEG-7.0.1-2151.152.iso (Models 4000-B, 4500-B, 5000(B, C & 2U), 5500(B & C) and Content Security Blade Server)
Environment | Unspecified | Operating system for Management Computer. Any operating system that can support one of the designated browsers can be used.
Environment | Microsoft Internet Explorer 7.0, 8.0 or 9.0, or Firefox 3.
module based scanning approach. Traffic is first intercepted as it traverses the appliance, and it is processed for scanning. Based on protocol, specific scanning module processes are implemented to scan for various malicious file types or restricted content. Denial of Service (DoS) attacks can also be identified and thwarted through the scanning function of the McAfee MEG appliance. Protocols included in scanning are POP3 and SMTP.
Administrator functions can be managed within the internal network (Out of band management) through an administrator management computer, or remotely in an encrypted form via HTTPS. The administrator management computer is a general purpose computing device, and requires only a browser to communicate locally with the TOE appliance. The browser required for administrator management of the TOE is either Microsoft Internet Explorer 7.0, 8.0 or 9.
events, and/or for identified behavior patterns seen in traffic analyzed that could be indicative of a network attack, such as a Denial of Service attempt. Alerts and security management are supported by the MEG operating system.

1.8.
2 CC Conformance Claim

The TOE is Common Criteria (CC) Version 3.1R4 Part 2 extended.
The TOE is Common Criteria (CC) Version 3.1R4 Part 3 conformant.
This TOE is conformant to the Protection Profile for Network Devices, Information Assurance Directorate, Version 1.1 [NDPP].
3 TOE Security Problem Definition

The TOE is intended to be used either in environments in which, at most, sensitive but unclassified information is processed, or the sensitivity level of information in both the internal and external networks is equivalent. This section contains assumptions regarding the security environment and the intended usage of the TOE and threats on the TOE and the IT environment.

3.
security mechanisms.

T.TSF_FAILURE - Security mechanisms of the TOE may fail, leading to a compromise of the TSF.

T.UNDETECTED_ACTIONS - Malicious remote users or external IT entities may take actions that adversely affect the security of the TOE. These actions may remain undetected and thus their effects cannot be effectively mitigated.

T.UNAUTHORIZED_ACCESS - A user may gain unauthorized access to the TOE data and TOE executable code.
4 Security Objectives

This chapter describes the security objectives for the TOE and the environment. The security objectives are divided between TOE Security Objectives (for example, security objectives addressed directly by the TOE) and Security Objectives for the Environment (for example, security objectives addressed by the IT domain or by non-technical or procedural means).

4.
4.2 Security Objectives for the Environment

The security objectives for the environment listed below are to be satisfied without imposing technical requirements on the TOE (i.e. through procedural, administrative or other technical means):

TOE Security Objective Name | TOE Security Objective Definition
OE.NO_GENERAL_PURPOSE | There are no general-purpose computing capabilities (e.g.
Objectives: O.SESSION_LOCK, O.TSF_SELF_TEST, O.RESIDUAL_INFORMATION_CLEARING, O.TOE_ADMINISTRATION, OE.TRUSTED_ADMIN, OE.PHYSICAL, OE.NO_GENERAL_PURPOSE
Policies, threats and assumptions: P.ACCESS_BANNER, T.USER_DATA_REUSE, T.UNAUTHORIZED_UPDATE, T.UNAUTHORIZED_ACCESS, T.UNDETECTED_ACTIONS, T.TSF_FAILURE, T.ADMIN_ERROR, A.TRUSTED_ADMIN, A.PHYSICAL, A.NO_GENERAL_PURPOSE

Table 11 - Security Problem & IT Security Objectives Mappings

4.
(O.TSF_SELF_TEST).

4.5 Rationale for Organizational Security Policy Coverage

P.ACCESS_BANNER requires the display of an access banner. The TOE provides such a banner (O.DISPLAY_BANNER).

4.6 Rationale for Assumption Coverage

Each of the assumptions is addressed through provision of a correspondingly named objective for the TOE environment to assure that the assumptions are upheld in the TOE’s operational environment.
5 IT Security Requirements

The security requirements that are levied on the TOE are specified in this section of the ST. New extended security functional components are defined in section 5.1. The security functional and assurance requirements are defined in Sections 5.2 and 5.3, respectively. The security functional requirements are listed in the table below.

Functional Components
FAU_GEN.1 Audit data generation
FAU_GEN.
Functional Components
FPT_STM.1 Reliable time stamps
FPT_TUD_EXT.1 Trusted update
FPT_TST_EXT.1 TSF testing
FTA_SSL_EXT.1 TSF-initiated session locking
FTA_SSL.3 TSF-initiated termination
FTA_SSL.4 User-initiated termination
FTA_TAB.1 Default TOE access banners
FTP_ITC.1 Inter-TSF trusted channel
FTP_TRP.1 Trusted path

Table 12 - TOE Security Functional Requirements

5.
Management: FAU_STG_EXT.1
The following actions could be considered for the management functions in FMT:
a) Management of transmission/receipt of audit data.

Audit: FAU_STG_EXT.1
There are no auditable events foreseen.

FAU_STG_EXT.1 External audit trail storage
Hierarchical to: No other components
Dependencies: FTP_ITC.1 Inter-TSF trusted channel

FAU_STG_EXT.1.
a) Minimal: Failure of the activity.

FCS_CKM_EXT.4 Cryptographic key zeroization
Hierarchical to: No other components
Dependencies: [FDP_ITC.1 Import of user data without security attributes, or FDP_ITC.2 Import of user data with security attributes, or FCS_CKM.1 Cryptographic key generation]

FCS_CKM_EXT.4.1 The TSF shall zeroize all plaintext secret and private cryptographic keys and CSPs when no longer required.

5.1.
FCS_RBG_EXT.1.2 The deterministic RBG shall be seeded with a minimum of [selection: 128 bits, 256 bits] of entropy at least equal to the greatest bit length of the keys and authorization factors that it will generate.

5.1.4 HTTPS (FCS_HTTPS)

Family behaviour
This family is added to the class FCS, and places specific requirements on the implementation of HTTPS.

Component levelling
FCS_HTTPS HTTPS EXT.1

FCS_HTTPS_EXT.
Component levelling
FCS_SSH SSH EXT.1

FCS_SSH_EXT.1 places specific requirements on the implementation of SSH.

Management: FCS_SSH_EXT.1
No management activities are foreseen.

Audit: FCS_SSH_EXT.1
The following actions should be auditable if FAU_GEN Security audit data generation is included in the PP/ST:
a) Minimal: Failure to establish an SSH session,
b) Basic: Establishment and termination of an SSH session.

FCS_SSH_EXT.
This family is added to the class FCS, and places specific requirements on the implementation of TLS.

Component levelling
FCS_TLS TLS EXT.1

FCS_TLS_EXT.1 places specific requirements on the implementation of TLS.

Management: FCS_TLS_EXT.1
There are no management activities foreseen.

Audit: FCS_TLS_EXT.
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384].

5.1.7 Password management (FIA_PMG)

Family behaviour
This family is added to the class FIA, and deals with the specification of rules for password composition.

Component levelling
FIA_PMG Password management EXT.1

FIA_PMG_EXT.
This family is added to the class FIA, and combines aspects of the existing CC families FIA_UID and FIA_UAU.

Component levelling
FIA_UIA_EXT User identification and authentication EXT.1

FIA_UIA_EXT.1 allows for specification of a limited set of actions to be permitted before a user is identified and authenticated.

Management: FIA_UIA_EXT.
5.1.9 User authentication (FIA_UAU)

Family behaviour
This component is added to the existing CC family FIA_UAU, and covers use of a password for authentication.

Component levelling
FIA_UAU User authentication: 1, 2, EXT.2, 3, 4, 5, 6, 7

FIA_UAU_EXT.2 allows for specification of password based and other authentication mechanisms.

Management: FIA_UAU_EXT.
FIA_UAU_EXT.2.1 The TSF shall provide a local password-based authentication mechanism, [selection: [assignment: other authentication mechanism(s)], none] to perform administrative user authentication.

5.1.10 Protection of TSF data (FPT_SKP)

Family behaviour
This family is added to the class FPT, and addresses the requirement to prevent reading of sensitive TSF data.

Component levelling
FPT_SKP_EXT Protection of administrator passwords EXT.
Management: FPT_APW_EXT.1
There are no management activities foreseen.

Audit: FPT_APW_EXT.1
There are no auditable events foreseen.

FPT_APW_EXT.1 Protection of administrator passwords
Hierarchical to: No other components
Dependencies: No dependencies

FPT_APW_EXT.1.1 The TSF shall store passwords in non-plaintext form.

FPT_APW_EXT.1.2 The TSF shall prevent the reading of plaintext passwords.

5.1.
FPT_TUD_EXT.1.2 The TSF shall provide security administrators the ability to initiate updates to TOE firmware/software.

FPT_TUD_EXT.1.3 The TSF shall provide a means to verify firmware/software updates to the TOE using a [selection: digital signature mechanism, published hash] prior to installing those updates.

5.1.13 TSF self test (FPT_TST)

Family behaviour
This component is added to the existing CC family FPT_TST.
Component levelling
FTA_SSL Session locking and termination: 1, EXT.1, 2, 3, 4

FTA_SSL_EXT.1 requires the ability to either lock or terminate a local interactive session.

Management: FTA_SSL_EXT.
5.2 Security Functional Requirements

5.2.1 Introduction

This section identifies the Security Functional Requirements for the TOE. The Security Functional Requirements included in this section are derived from Part 2 of the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 4, with additional extended functional components.
Requirement | Auditable Events
FPT_STM.1 | Changes to the time.
FPT_TUD_EXT.1 | Initiation of update.
FPT_TST_EXT.1 | None
Any attempts at unlocking of an interactive session.
The termination of a remote session by the session locking mechanism.
The termination of an interactive session
None.
Initiation of the trusted channel. Termination of the trusted channel. Failure of the trusted channel functions.
Initiation of the trusted channel.
FAU_STG_EXT.1 External Audit Trail Storage

FAU_STG_EXT.1.1 The TSF shall be able to [transmit the generated audit data to an external IT entity] using a trusted channel implementing the [SSH] protocol.

5.2.3 Cryptographic Support (FCS)

Application Note: [NDPP] does not specify that correct cryptographic operation must be validated through compliance with FIPS 140.
FCS_COP.1(3) Cryptographic Operation (for cryptographic hashing)

FCS_COP.1.1(3) The TSF shall perform [cryptographic hashing services] in accordance with a specified cryptographic algorithm [SHA-1, SHA-256] and cryptographic key message digest sizes [160 bits, 256 bits] that meet the following: [FIPS Pub 180-3, “Secure Hash Standard”].

FCS_COP.1(4) Cryptographic Operation (for keyed-hash message authentication)

FCS_COP.1.
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Optional Ciphersuites: [None].

FCS_HTTPS_EXT.1 HTTPS

FCS_HTTPS_EXT.1.1 The TSF shall implement the HTTPS protocol that complies with RFC 2818.

FCS_HTTPS_EXT.1.2 The TSF shall implement HTTPS using TLS as specified in FCS_TLS_EXT.1.

5.2.4 User Data Protection (FDP)

FDP_RIP.2 Full Residual Information Protection

FDP_RIP.2.
FIA_UAU.7 Protected Authentication Feedback

FIA_UAU.7.1 The TSF shall provide only [obscured feedback] to the administrative user while the authentication is in progress at the local console.

5.2.6 Security Management (FMT)

FMT_MTD.1 Management of TSF Data (for general TSF data)

FMT_MTD.1.1 The TSF shall restrict the ability to [manage] the [TSF data] to [the Security Administrators].

FMT_SMF.1 Specification of Management Functions

FMT_SMF.1.
FPT_STM.1 Reliable Time Stamps

FPT_STM.1.1 The TSF shall be able to provide reliable time stamps for its own use.

FPT_TUD_EXT.1 Extended: Trusted Update

FPT_TUD_EXT.1.1 The TSF shall provide Security Administrators the ability to query the current version of the TOE firmware/software.

FPT_TUD_EXT.1.2 The TSF shall provide Security Administrators the ability to initiate updates to TOE firmware/software.

FPT_TUD_EXT.1.
modification of the channel data.

FTP_ITC.1.2 The TSF shall permit the TSF, or the authorized IT entities to initiate communication via the trusted channel.

FTP_ITC.1.3 The TSF shall initiate communication via the trusted channel for [all trusted communications with an IT peer].

FTP_TRP.1 Trusted Path

FTP_TRP.1.
Assurance Class | Assurance Components
 | ASE_TSS.1 TOE summary specification
ATE: Tests | ATE_IND.1 Independent testing - conformance
AVA: Vulnerability assessment | AVA_VAN.1 Vulnerability survey

Table 14 - Assurance Requirements

5.4 Rationale for TOE Security Requirements

5.4.1 TOE Security Functional Requirements

Security Objective | Mapping Rationale
O.
Security Objective | Mapping Rationale
are defined (FMT_SMR.2), and the ability to manage TSF data is restricted (FMT_MTD.1).
O.RESIDUAL_INFORMATION_CLEARING | The TOE provides clearing of resources on allocation (FDP_RIP.2).
O.SESSION_LOCK | The TOE provides the capability to lock a local session following a period of inactivity (FTA_SSL_EXT.1), and also to terminate remote sessions after a period of inactivity (FTA_SSL.3, FTA_SSL.4).
O.
Functional Component | Dependency | Included/Rationale
 | FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1, FCS_CKM.4 | Yes, using FCS_CKM.1 and FCS_CKM_EXT.4 (which provides equivalent functionality to FCS_CKM.4)
 | FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1, FCS_CKM.4 | Yes, using FCS_CKM.1 and FCS_CKM_EXT.4 (although dependencies are not relevant as this component relates to hashing only)
 | FDP_ITC.1 or FDP_ITC.2 or FCS_CKM.1, FCS_CKM.4 | Met using FCS_CKM.1 and FCS_CKM_EXT.
Functional Component | Dependency | Included/Rationale
FTA_SSL_EXT.1 | FIA_UIA_EXT.1 | Yes
FTA_SSL.3 | None | Yes
FTA_SSL.4 | None | Yes
FTA_TAB.1 | None | Yes
FTP_ITC.1 | None | Yes
FTP_TRP.
6 TOE Summary Specification

6.1 TOE Security Functions

The TOE consists of 4 Security Functions:
Security Management
Identification and Authentication
Audit
Cryptographic Support

6.1.1 Security Management

The McAfee MEG TOE provides security management functions and tools to manage the security features described within this security target. There are three methods of accessing the User Interface framework:
1.
new user roles with defined limited responsibilities.

FTA_SSL.3 TSF-initiated termination, FTA_SSL.4 User-initiated termination, FTA_SSL_EXT.1 TSF-initiated session locking

Administrative access to the TOE is established via a supported web browser using a TLSv1 session. The Administrator Management session may be closed manually by the Administrator through a logoff button on the GUI.
FCS_SSH_EXT.1 SSH

The administrator can configure the TOE to permit an SSH client to be used for export of audit data.

FPT_TST_EXT.1 TSF Testing

MEG self-tests are run during startup to ensure that the TOE is functioning properly to demonstrate correct operation of the TSF. At power-on the hardware will perform standard BIOS tests. This includes a check for the presence of memory.
Passwords for the administration interface are not stored in plaintext, and use a salted SHA1 (160 bits with the first 32 bits being the salt), protected by restricted file permissions.

FIA_PMG_EXT.1 – Password Management

The password authentication mechanism is realized by a probabilistic or permutational security mechanism.
An internal clock is provided within the McAfee MEG Appliance to provide a time reference for use by the TOE in recording accurate audit logs by the time of the event.

FAU_STG_EXT.1 External Audit Trail Storage

The TOE provides a facility to export audit data to an external storage device for long term storage, using SSH.
longer available. FIPS mode is disabled by reinstalling the appliance, which removes all Key Security Parameters. The TOE has two methods for zeroizing keys and CSPs: a complete uninstall and reinstallation of the TOE and a zeroization function. The zeroization function uses a cleanup routine to remove keys and/or CSPs stored in RAM. The cleanup routine overwrites the RAM multiple times. This function is also called prior to uninstalling the MEG.
FCS_TLS_EXT.1

The TOE implements TLS 1.0 (RFC 2246) supporting the following ciphersuites: TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA.

FCS_HTTPS_EXT.1

HTTPS (using TLS 1.0) is used to protect remote administrator sessions. Client-Authentication uses form based authentication over HTTPS.

FPT_SKP_EXT.
A certificate number will be provided when available.

6.2 Rationale for TOE Security Functions

This section provides a table demonstrating the tracing of TOE security functions back to aspects of the security functional requirements (SFRs). A justification that the security functions are suitable to cover the SFRs can be found in Section 6.1.

SFR | SFR Name | Security Function
FAU_GEN.1 | Audit data generation | Audit
FAU_GEN.
SFR | SFR Name | Security Function
protection
FPT_APW_EXT.1 | Protection of administrator passwords | Identification & Authentication
FPT_SKP_EXT.1 | Protection of TSF data | Cryptographic Support
FPT_STM.1 | Reliable time stamps | Audit
FPT_TUD_EXT.1 | Trusted update | Security Management
FPT_TST_EXT.1 | TSF testing | Security Management
FTA_SSL_EXT.1 | TSF-initiated session locking | Security Management
FTA_SSL.