Table of Contents
Advertisement
Appendix B: Common Criteria requirements
Administrators who must adhere to the requirements of the National Information Assurance
Partnership (NIAP) Common Criteria Validation Scheme (CCEVS) are directed to assign
passwords employing ePolicy Orchestrator software authentication only. McAfee recommends
that the network IT administrator assign passwords that meet the following requirements:
Must be at least 10 characters in length.
Must contain at least three of the following four character groups:
English uppercase characters (A-Z).
English lowercase characters (a-z).
Numerals (0-9).
Non-alphanumeric characters, such as !, $, #, %.
User IDs and passwords should be unique. No two users should have the same password. In
addition, the User ID used to access ePolicy Orchestrator software should be different from any
other User ID required for related ePolicy Orchestrator software functionality such as SQL
administration or creation of distributed repositories.
Administrators must ensure that all user names and passwords are protected by the users in
a manner which is consistent with IT security.
Intrusion prevention system
McAfee Host Intrusion Prevention System software is a preemptive approach to host and network
security used to identify and quickly respond to potential threats. McAfee Host Intrusion
Prevention System monitors individual host and network traffic. However, because an attacker
might carry out an attack immediately after gaining access, McAfee Host Intrusion Prevention
System can also take immediate action as preset by the network administrator.
Timestamp
ePolicy Orchestrator software uses either a datetime or smalldatetime data type, as appropriate,
to record the events and triggers to automatically update the timestamp when any modification
takes place. Many tables have a datetime or smalldatetime data type to indicate when a row
was created, and are linked to other tables to preserve the date and time of all modifications.
Email alarm notifications of storage space exhaustion
The ePolicy Orchestrator software notification feature transmits alerts to designated email
recipients. The administrator must set up four Notifications that require configuration in order
to meet the "alarm" requirements of FAU_STG.4.1 and IDS_STG.2.1
Notification that storage space for new records in the ePOAuditEvent table in the SQL Server
database is exhausted.
Purging of the oldest 20% of the records in the ePOAuditEvent table completed successfully.
Purging of the oldest 20% of the records in the ePOAuditEvent table failed.
Notification that storage space for new records in the ENT_IPSEvent table in the SQL Server
database is exhausted. When this notification is received, the administrator should purge
the database.
The appropriate version of the ePolicy Orchestrator software Product Guide provides information
about purging and archiving the database.
McAfee Policy Auditor 6.0 software Product Guide for ePolicy Orchestrator 4.6
93
Advertisement
Table of Contents
Related Manuals for McAfee PASCDE-AB-IA - Policy Auditor For Servers
Related Products for McAfee PASCDE-AB-IA - Policy Auditor For Servers
- McAfee PSMCDE-AB-AA - PortalShield For Microsoft SharePoint Server External Connection Option
- MCAFEE VIRUSSCAN PLUS 2009
- MCAFEE VIRUSSCAN PLUS 2008
- McAfee SiteAdvisor Enterprise Plus 3.0
- McAfee Network Security Platform
- McAfee Network Security Platform 6.0
- McAfee Agent 4.0
- MCAFEE AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009
- MCAFEE ANTI-THEFT FILE PROTECTION
- McAfee AVDCDE-AA-AA - Active Virus Defense Suite
- McAfee AVDCDE-BA-CA - Active Virus Defense Suite
- McAfee AVM85M - VirusScan For Mac
- McAfee Data Loss Prevention 9.2.1
- McAfee DFFCDE-AA-DA - Endpoint Encryption For Files
- MCAFEE DR SOLOMON S ANTI-VIRUS 8.5
- McAfee Dr Solomon's Anti-Virus