Reviews & Opinions
Independent and trusted. Read before buy LG CRD-8322B!

LG CRD-8322B

Manual

Preview of first few manual pages (at low quality). Check before download. Click to enlarge.
Manual - 1 page  Manual - 2 page  Manual - 3 page 

Download (English)
LG CRD-8322B, size: 6.6 MB
Instruction: After click Download and complete offer, you will get access to list of direct links to websites where you can download this manual.

About

LG CRD-8322BLG - CD-ROM drive - IDE - 32x - Internal - White

PC, 128 KB buffer, Tray, 1 year warranty

Drive faster with the 32X Max CD-ROM drives from LG. With a maximum data transfer rate of 4.8 MB/sec, and access time of just 80 ms, these drives retrieve data in no time. 32X Max from LG. It's new spin on CD-ROM drives

Here you can find all about LG CRD-8322B, for example manual and review. You can also write a review.

 

[ Report abuse or wrong photo | Share your LG CRD-8322B photo ]

User reviews and opinions

<== Click here to post a new opinion, comment, review, etc.

No opinions have been provided. Be the first and add a new opinion/review.

 

Documents

doc0

UK IT SECURITY EVALUATION AND CERTIFICATION SCHEME
CERTIFICATION REPORT No. P177

MIDASS Firewall

Version 1.0 running on specified platforms

Issue 1.0 January 2003

Crown Copyright 2003 Reproduction is authorised provided the report is copied in its entirety
UK IT Security Evaluation and Certification Scheme Certification Body, PO Box 144 Cheltenham, Glos GL52 5UF United Kingdom
MIDASS Firewall Version 1.0 running on specified platforms
RECOGNITION AGREEMENT OF INFORMATION TECHNOLOGY SECURITY EVALUATION CERTIFICATES
The Certification Body of the UK IT Security Evaluation and Certification Scheme is a member of the above Agreement Group and as such: indicates that it is the issuer claim that this certificate is a conformant certificate s as defined in this Agreement; and therefore gives grounds for confidence, though it cannot in itself guarantee, that the certificate is a conformant certificate and that it will in practice be recognised by the other Members of the Agreement Group. The judgements contained in the certificate and Certification Report are those of the Qualified Certification Body which issued it and of the Evaluation Facility which carried out the evaluation. There is no implication of acceptance by other Members of the Agreement Group of liability in respect of those judgements or for loss sustained as a result of reliance placed upon those judgements by a third party. Members of the Agreement Group currently are: Finland, France, Germany, Greece, Italy, Netherlands, Norway, Spain, Sweden, Switzerland and UK.
Trademarks: All product and company names are used for identification purposes only and may be trademarks of their owners.

Page ii

Issue 1.0

January 2003

CERTIFICATION STATEMENT
BAE SYSTEMS MIDASS Firewall is a firewall that allows the SNMP and ICMP protocols to be used for secure network management across different security domains. MIDASS Firewall Version 1.0 (comprising the MIDASS Firewall application Version 1.0, the certified SWIPSY 1.6 software platform and the certified Trusted Solaris 2.5.1 operating system with specified patches) has been evaluated under the terms of the UK IT Security Evaluation and Certification Scheme and has met the requirements of ITSEC Assurance Level E3 when running on Sun Ultra-10 workstations as specified in Annex B.

Originator

CESG Certifier CESG Technical Manager of the Certification Body 28 January 2003
Approval and Authorisation

Date authorised

Page iii
(This page is intentionally blank)

Page iv

TABLE OF CONTENTS
CERTIFICATION STATEMENT.... iii TABLE OF CONTENTS.... v ABBREVIATIONS.... vii REFERENCES.... ix I. INTRODUCTION.... 1 Intended Audience... 1 Identification of Target of Evaluation... 1 Evaluation Conduct.... 1 General Points.... 2 II. EVALUATION FINDINGS.... 3 Introduction.... 3 Correctness - Construction... 3 Correctness - Operation.... 4 Effectiveness - Construction.... 4 Effectiveness - Operation... 5 Specific Functionality.... 5 III. CONCLUSIONS.... 7 Certification Result.... 7 Recommendations.... 7 ANNEX A: SUMMARY OF THE SECURITY TARGET... 9 ANNEX B: EVALUATED CONFIGURATION.. 11

Page v

Page vi

ABBREVIATIONS

CBC CD CESG CLEF CMS DERA DES ETR Gb HMAC ICMP IP ITSEC ITSEM Kb MAC Mb MD5 MHz MIDASS PCI PROM QIC RAM ROM SCSI SEF SHA SNMP SoM SWIPSY TOE UKSP Cipher Block Chaining Compact Disc Communications-Electronics Security Group Commercial Evaluation Facility Certificate Maintenance Scheme Defence Evaluation and Research Agency (now renamed as QinetiQ) Data Encryption Standard Evaluation Technical Report gigabyte(s) Hashing Message Authentication Codes Internet Control Message Protocol Internet Protocol Information Technology Security Evaluation Criteria Information Technology Security Evaluation Manual kilobyte(s) Media Access Control megabyte(s) Message Digest 5 megahertz Management In Domain Based Secure Systems Peripheral Component Interconnect Programmable Read Only Memory Quarter-inch Cartridge Random Access Memory Read Only Memory Small Computer System Interface Security Enforcing Function Secure Hashing Algorithm Simple Network Management Protocol Strength of Mechanisms Switch IP Securely Target of Evaluation United Kingdom Scheme Publication

Page vii

Page viii

REFERENCES

a. Description of the Scheme, UK IT Security Evaluation and Certification Scheme, UKSP 01, Issue 4.0, February 2000. The Appointment of Commercial Evaluation Facilities, UK IT Security Evaluation and Certification Scheme, UKSP 02, Issue 3.0, 3 February 1997. Security Target for MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TD.1-1, Version 5, September 2002. Harmonised Information Technology Security Evaluation Criteria, Commission of the European Communities, CD-71-91-502-EN-C, Version 1.2, June 1991. Information Technology Security Evaluation Manual, Commission of the European Communities, Version 1.0, 10 September 1993. Manual of Computer Security Evaluation, Part I, Evaluation Procedures, UK IT Security Evaluation and Certification Scheme, UKSP 05, Issue 3.0, October 1994. Manual of Computer Security Evaluation, Part III, Evaluation Techniques and Tools, UK IT Security Evaluation and Certification Scheme, UKSP 05, Issue 2.0, 30 July 1997. ITSEC Joint Interpretation Library, Joint Interpretation Working Group, Version 2.0, November 1998. Evaluation Technical Report, MIDASS Firewall, CMG UK Ltd, 114146/T7.4/1, Issue 1.0, 8 October 2002. Functional System Specification Phase II, MIDASS Firewall, BAE SYSTEMS, MIDASS/ TF.2-2, Version 6, September 2002. Phase II Design Specification, MIDASS Firewall, BAE SYSTEMS, MIDASS/ TD.1-2, Version 7, September 2002.

Page ix

Evaluation Software Design, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TD.2-4, Version 5, September 2002. Mapping of Security Enforcing Functions to the MIDASS Design Specification, BAE SYSTEMS, MIDASS Evaluation/ TD.1-2, Version 3, September 2002. Delivery and Shipping Procedures, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ MX.1-3, Version 2, April 2002. Installation, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TU.1-1, Version 9, September 2002. User Guide, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TU.2-1, Version 6, September 2002. Error Code Guide for Users, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TU.2-2, Version 5, September 2002. Suitability Analysis, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TD.3-1, Version 2, September 2002. Binding Analysis, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TD.3-6, Version 3, September 2002. Strength of Mechanisms Analysis, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TD.3-2, Version 4, September 2002. Construction Vulnerability Analysis, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TD.3-4, Version 2, September 2002. Operational Vulnerability Analysis, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TD.3-5, Version 1, September 2002. Ease of Use Analysis, MIDASS Firewall, BAE SYSTEMS, MIDASS Evaluation/ TD.3-3, Version 1, September 2002.

Page x

Certification Report No. P104, Trusted Solaris Version 2.5.1, UK IT Security Evaluation and Certification Scheme, Issue 1.0, October 1998. Certification Report No. P147, SWIPSY Version 1.6, UK IT Security Evaluation and Certification Scheme, Issue 1.0, August 2000. Scheme Information Notice No. 052, F-B1 Functionality Class, UK IT Security Evaluation and Certification Scheme, SIN No. 052, Issue 2.0, 28 January 1997. UK Certificate Maintenance Scheme, UK IT Security Evaluation and Certification Scheme, UKSP 16, Issue 1.0, 31 July 1996. Security Target, Trusted Solaris 2.5.1, Sun Microsystems Federal Inc., EC.22740.ST / ts2_101, Version 6.0, 6 August 1998. Security Target, SWIPSY Firewall Platform, Defence Evaluation and Research Agency, DERA/CIS3/SW/SWIPSY/4, Version 1.10, 16 August 2000.

Page xi

Page xii

INTRODUCTION

Intended Audience 1. This Certification Report states the outcome of the IT security evaluation of MIDASS Firewall Version 1.0 to the Sponsor, BAE SYSTEMS, and is intended to assist potential purchasers when judging the suitability of the product for their particular requirements. Identification of Target of Evaluation 2. The version of the product evaluated was: MIDASS Firewall Version 1.0. This product is also described in this report as the Target of Evaluation (TOE). The Developer was BAE SYSTEMS. 3. The TOE comprises the following components: a. b. BAE SYSTEMS MIDASS Firewall application Version 1.0 (referred to in this report as MIDASS application the ). QinetiQ certified SWIPSY Version 1.6 (referred to in this report as s SWIPSY ), which is a software platform for building firewalls. (SWIPSY was developed by the Defence Evaluation and Research Agency (DERA), now renamed as QinetiQ.) Sun Microsystemscertified Trusted Solaris Version 2.5.1 operating system (referred to in this report as Trusted Solaris plus the patches specified in Annex B. ),
4. SWIPSY has been certified to IT Security Evaluation Criteria (ITSEC) Assurance Level E3 [Reference d] (see Certification Report P147 [y]). 5. Trusted Solaris has been certified to ITSEC E3 with F-B1 functionality class [z] (see Certification Report P104 [x]). For the TOE, specified patches were installed on Trusted Solaris (see Annex B of this report); these included patches approved under the UK Certificate Maintenance Scheme (CMS) [aa]. 6. A summary of the TOE Security Target [c] is provided in Annex A. A summary of the s product non-evaluated components is provided in Annex B. s 7. The TOE is designed to run on a Sun Ultra-10 Workstation hardware platform containing 2 or more network cards. Details of the hardware platform are provided in Annex B. Evaluation Conduct 8. The evaluation was carried out in accordance with the requirements of the UK IT Security Evaluation and Certification Scheme as described in the United Kingdom Scheme Publication 01 (UKSP 01) and UKSP 02 [a, b]. The Scheme has established a Certification Body, which is

Page 1

managed by the Communications-Electronics Security Group (CESG) on behalf of Her Majesty Government. s 9. The purpose of the evaluation was to provide assurance about the effectiveness of the TOE in meeting its Security Target [c], which prospective purchasers are advised to read. (A copy of the Security Target may be obtained from the Sponsor.) The criteria against which the TOE was judged are described in ITSEC [d]. This describes how the degree of assurance is expressed in terms of the levels E0 to E6, where E0 represents no assurance. The methodology used is described in the IT Security Evaluation Manual (ITSEM) [e], UKSP 05 [f, g] and the ITSEC Joint Interpretation Library [h]. 10. The Certification Body monitored the evaluation, which was carried out by the CMG Commercial Evaluation Facility (CLEF). The evaluation was completed in October 2002 when the CLEF submitted an Evaluation Technical Report (ETR) [i] to the Certification Body which, in turn, produced this Certification Report. 11. As required by the Security Target [c]: a. b. the Target Assurance Level for the TOE was ITSEC E3; and the claimed minimum Strength of Mechanisms (SoM) for the TOE was Medium.

General Points 12. Prospective purchasers of the TOE are reminded that the security functionality evaluated is that claimed in the Security Target [c]. This functionality may not necessarily meet all the threats that a purchaser has identified in a particular operating environment. 13. The assumed threats, intended method of use and intended environment for the TOE are as stated in the Security Target [c]. 14. The TOE should only be used in its evaluated configuration (as indicated in Annex B) and in accordance with the recommendations and caveats in this report. 15. It is the responsibility of purchasers to ensure that the TOE meets their requirements.
16. Certification is not a guarantee of freedom from security vulnerabilities; there remains a small probability (smaller with higher assurance levels) that exploitable vulnerabilities may be discovered after a certificate has been awarded. This Certification Report reflects the Certification Body view at the time of certification. Purchasers (both prospective and existing) s should check regularly for themselves whether any security vulnerabilities have been discovered since this report was issued and, if appropriate, should check with the Vendor to see if any patches exist for the product and whether such patches have been evaluated and certified. Purchasers are reminded of the security dangers inherent in downloading hot-fixes where these , are available (see the recommendation at paragraph 35 below, regarding the secure delivery of patches). 17. The issue of a Certification Report is not an endorsement of a product.

Page 2

II. EVALUATION FINDINGS
Introduction 18. The evaluation of the TOE followed the generic Evaluation Work Programme described in ITSEM [e] with work packages structured around the evaluator actions described in ITSEC [d]. The results of this work were reported in the ETR [i] under the ITSEC headings. This Certification Report summarises the assurance results in relation to the security functionality claimed in the Security Target [c]. Correctness - Construction 19. This aspect of the evaluation examined both the development process (i.e. the Security Target, the Architectural Design, the Detailed Design and the Implementation) and the development environment in which it took place. 20. The results were as follows: a. The Security Target [c] described the TOE Security Enforcing Functions (SEFs) s and contained a product rationale identifying the TOE method of use, intended s environment and the assumed threats within that environment; it also described how the TOE functionality is appropriate for that method of use and is adequate to s counter the assumed threats. The Architectural Design [j] described the TOE general structure, together with the s external interfaces and supporting hardware or firmware; it also described how the SEFs are provided and how the TOE is separated into security enforcing and other components. The Detailed Design [j - m] specified all basic components, identified all security mechanisms and described the realisation of all security enforcing and security relevant functions; it also mapped the SEFs to mechanisms and components, documented all interfaces of security enforcing and security relevant components, and enabled the relationships between levels of specification to be identified. The correctness of the implementation was satisfactory, i.e. all security enforcing and security relevant functions offered in the Detailed Design [j - m] were identifiable in the source code and test documentation, and the associated tests were repeatable. Repeating an agreed sample of the Developer functional tests on the platform s specified in paragraph 2.a of Annex B produced no differences in the test results. After consideration of the rationale presented by the Developer, the Evaluators were satisfied that the evaluation findings could be applied to all of the platforms specified in Annex B of this report. The configuration control, programming standards and security aspects of the Developer working environment were satisfactory. s

Page 3

21. The Evaluators concluded that the TOE met the requirements for ITSEC E3 in respect of its Security Target, Architectural Design, Detailed Design, Implementation and Development Environment. Correctness - Operation 22. The Evaluators checked and confirmed that: a. b. c. there were only administrators of the TOE, i.e. there were no end-users of the TOE; the operational documentation [o - q] described the SEFs relevant to administrators, and how to startup and operate the TOE in a secure manner; the delivery and configuration documentation [n, o] described the delivery arrangements, from the development environment to the customer, and the required system generation aspects; and the information supplied described how these procedures maintain the security of the TOE.
23. The Evaluators concluded that the TOE met the requirements for ITSEC E3 in respect of its Operational Documentation and Operational Environment. Effectiveness - Construction 24. This aspect of the evaluation dealt with: a. b. c. d. 25. the suitability of the SEFs to counter the threats identified in the Security Target [c]; the ability of the SEFs and mechanisms to bind together in a way that is mutually supportive and provides an integrated and effective whole; the ability of the security mechanisms to withstand direct attack; and the question of whether known security vulnerabilities in the construction of the TOE could, in practice, compromise its security.
The Evaluators were satisfied that: a. b. c. the Suitability Analysis [r] confirmed that all of the threats listed in the Security Target [c] were countered by one or more of the stated SEFs and mechanisms; the Binding Analysis [s] demonstrated that it was not possible for any SEF or mechanism to conflict with or contradict the intent of any other SEF or mechanism; the SoM Analysis [t] listed the one security enforcing mechanism identified as critical within the TOE (i.e. the logon mechanism M1: Access Control and the ), SoM rating of that mechanism was Medium as claimed;

Page 4

the procedural measures in the Sponsor Security Target [c] and the Developer s s operational documentation [o - q] were sufficient to prevent all known construction vulnerabilities [u] from being exploited; and the independent vulnerability analysis and penetration testing did not reveal any exploitable vulnerabilities in the TOE that were not satisfactorily corrected or neutralised.
26. The Evaluators concluded that the TOE met the requirements for ITSEC E3 in respect of Suitability, Binding, SoM and Construction Vulnerability. Effectiveness - Operation 27. This work involved: a. b. checking that the TOE can be used in a secure manner and assessing whether known vulnerabilities in its operation could, in practice, compromise its security; and checking the List of Known Vulnerabilities in the operation of the TOE, as supplied by the Sponsor, and assessing the impact of these vulnerabilities and the measures proposed to counter their effects.

The evaluation confirmed that: a. b. c. d. the only users of the TOE were administrators, i.e. there were no end users; the TOE could not be configured or used in a manner that was insecure but which an administrator would reasonably believe to be secure [w]; the countermeasures proposed by the Sponsor in the List of Known Vulnerabilities in Operational Use [v] were satisfactory; and the independent vulnerability analysis and penetration testing did not reveal any exploitable vulnerabilities in the operation of the TOE.
29. The Evaluators concluded that the TOE met the requirements for ITSEC E3 in respect of Ease of Use and Operational Vulnerability. Specific Functionality 30. The Evaluators concluded that all the functionality claimed in the Security Target [c] had been met. This included functionality claims for: domain separation console access control protocol handling assured data paths packet content validation

Page 5

Page 6

III. CONCLUSIONS

Certification Result 31. After due consideration of the ETR [i] produced by the Evaluators and the conduct of the evaluation as witnessed by the Certifier, the Certification Body has determined that the MIDASS Firewall, Version 1.0 (comprising the MIDASS Firewall application Version 1.0, the certified SWIPSY 1.6 software platform and the certified Trusted Solaris 2.5.1 operating system with the patches specified in Annex B) meets the requirements of ITSEC Assurance Level E3 and a minimum SoM of Medium when running on the platforms specified in Annex B. Recommendations 32. The TOE should only be used in accordance with the intended environment and method of use described in the Security Target [c]. Particular care should be taken that the TOE is delivered, configured and used in accordance with the operational documentation [n - q]. 33. Potential purchasers of the TOE should understand the specific scope of the certification by reading this report in conjunction with the Security Target [c]. Only the evaluated TOE configuration should be installed, as specified in Annex B to this report. 34. Potential purchasers of the TOE should also understand the specific scope of the certifications of Trusted Solaris and SWIPSY by reading their respective Certification Reports [x, y] and Security Targets [bb, cc]. 35. To ensure secure delivery of the patches identified in Annex B, purchasers of the TOE are recommended to request their delivery by CD. 36. Two SEFs of the MIDASS application are configurable, i.e. SEF2 (Console Access Control) and SEF5 (Packet Content Validation). Potential purchasers of the TOE should note that its administrators must follow the instructions in the operational documentation [o - q], otherwise the TOE could be configured insecurely (e.g. allowing access to machines and data, contrary to a customer security policy; allowing administrators to generate their own s passwords, rather than using passwords generated for them by Trusted Solaris). 37. The MIDASS application log administrator functionality is called by Trusted Solaris s crontab command every 24 hours; if the size of the audit log exceeds 5Kb, the MIDASS application archives it on the hard disc (by renaming the log, with the date appended) and creates a new audit log. Auditing was outside the scope of the evaluation, however potential purchasers of the TOE should be aware that: no indication of this archiving is provided to the administrator, so (as noted in the User Guide [p]) he/she must check regularly to determine if this has occurred. there is a very small possibility that a small amount of audit data may be lost during this archiving, during the changeover from one audit log to the next, (as noted in the User Guide [p])

Page 7

38. Potential purchasers of the TOE should be aware that the TOE cannot prevent spoofing of addresses when processing ICMP, SNMPv1 or SNMPv2c packets. 39. The TOE supports the SNMPv3 protocol for SNMP exchanges between itself and the management workstation. The SNMPv3 protocol can counter spoofing of addresses, by using the packet authentication and encryption functionality (provided to the TOE by an interchangeable software module that also supports the HMAC-MD5, HMAC-SHA and CBCDES algorithms). However potential purchasers of the TOE should note that the implementation of those algorithms (and the implementation of SNMPv3 security, which depends on them) was outside the scope of the evaluation.

Page 8

E3 Annex A
ANNEX A: SUMMARY OF THE SECURITY TARGET
Introduction 1. The TOE Security Target is provided by [c]. s
Product Rationale 2. The TOE product rationale is provided in the Security Target [c]. s
3. The TOE is a bastion host firewall, through which all access between the different security domains is controlled. As such, it is connected across an air gap between previously unconnected networks. It is intended for use by organisations that wish to manage securely the hosts on one or more domains operating at security levels that are different from each other and different from the domain of the management machine. 4. The TOE purpose is to restrict the flow of network traffic between the domains to a s predetermined set of ICMP, SNMPv1 and SNMPv2c management request and response packets. Those permitted packets are hosted by the firewall such that no packets are transferred directly between networks. Only the management data within packets is passed across the firewall. 5. A customer security policy for the network will govern whether the management data in s a request is permitted to be sent to a managed node and whether the management data in the response is permitted to be returned across the firewall. This decision is made based on whether the managed node may receive requests and, for SNMP, based on whether the specific data requested may be returned across the firewall. The managed node is identified by the destination IP address in request packets and by the source address in response packets. 6. As well as the functional checks, ICMP and SNMP packets arriving at the firewall undergo a byte level inspection to ensure that their structure conforms to appropriate protocol standards. 7. Only requests containing source IP and Media Access Control (MAC) addresses equal to that of the single management workstation are processed by the firewall. Assumed Threats 8. The assumed threats for the TOE are identified in the Security Target [c].

Summary of Security Features 9. The TOE security features are identified in the Security Target [c]. s
Target Assurance Level 10. The TOE Target Assurance Level is identified as ITSEC E3 in the Security Target [c]. s

Page 9

Claimed Minimum Strength of Mechanisms 11. The TOE minimum SoM is claimed as Medium in the Security Target [c]. s

Page 10

E3 Annex B
ANNEX B: EVALUATED CONFIGURATION
Hardware 1. None of the TOE SEFs is implemented in the hardware, hence the hardware is not s security enforcing. However the hardware is security relevant, as the TOE relies upon the correct functioning of the hardware. 2. The evaluation results apply to the following platforms: a. the following specific hardware platform was used for the Developer testing and s the Evaluatorspenetration testing: b. Sun Ultra-10 workstations Sun keyboard and mouse 440MHz UltraSPARC-IIi processor 128Mb RAM Seagate ST39140A 9Gb SCSI disk Sun FastEthernet PCI adapter Sun quad FastEthernet SBus adapter Sun PGX PCI M64 frame buffer colour bitmap monitor LG CRD 8322B SCSI CD-ROM drive floppy disk drive
any hardware platform comprising: Sun Ultra-10 workstations Sun keyboard and mouse at least 128Mb RAM any internal disk of at least 1.05Gb capacity external 4Gb SCSI disk (optional) Sun FastEthernet PCI adapter (optional) Sun quad FastEthernet SBus adapter (optional) Sun PGX PCI M64 frame buffer colour bitmap monitor LG CRD 8322B SCSI CD-ROM drive (optional) external SCSI CD-ROM (optional) external SCSI QIC tape drive (optional) floppy disk drive
Firmware 3. OpenBoot PROM Version 3.25 was used in the test configuration, however this is not security relevant because during TOE startup only the TOE administrator (who is trusted) can affect the operation of the TOE.

Page 11

4. The evaluators concluded that the use of OpenBoot PROM Version 3.25, instead of Version 3.5.0, does not affect the functionality or assurance of the TOE. Software 5. The TOE consists of the following software configuration: a. b. c. the MIDASS Firewall application Version 1.0; certified SWIPSY Version 1.6; and certified Trusted Solaris Version 2.5.1 (CD part no. 704-8118-10 Revision 50), with the following 13 patches installed: Patch Identifier 108041 Version No. 01
6. The Developer tests and the Evaluators penetration tests were performed on the above s software configuration except that, for patch 107826, those tests were performed on 107826-03. 107826-03 was subsequently withdrawn by Sun Microsystems. The Sponsor, Evaluators and Certifier then agreed that the TOE should use 107826-01 (which is CMS approved and is in certified SWIPSY). The Developer performed regression tests on the test configuration, with 107826-01 installed. The Evaluators were satisfied with the scope and results of those tests. The Evaluators and the Certifier agreed that further penetration tests were not required. 7. The TOE implementation of Trusted Solaris including patches (as specified in Paragraph s 5.c above) was identical to certified SWIPSY implementation of Trusted Solaris including s patches (see Annex B of Certification Report P147 [y]) except that, for patch 106813, SWIPSY used 106813-01. Following the Evaluator impact analysis, the Sponsor, Evaluators and s Certifier agreed on the use of 106813-02. Although patch 106813 is required by SWIPSY, this patch does not affect any area of security enforcing functionality within the TOE

Page 12

Non-evaluated Components 8. As noted in Recommendations above, implementation of the HMAC-MD5, HMAC-SHA and CBC-DES algorithms (and hence the implementation of SNMPv3 security, which depends on them) was outside the scope of the evaluation. 9. Any security functionality provided by Trusted Solaris or SWIPSY that is not required by the TOE was outside the scope of the evaluation.

Page 13

(This page is intentionally left blank)

Page 14

 

Technical specifications

General
Device TypeCD-ROM drive
Enclosure TypeInternal
Enclosure ColorWhite
InterfaceIDE
Width5.7 in
Depth7.9 in
Height1.6 in
Optical Storage
TypeCD-ROM - 5.25" x 1/2H
Read Speed32x
Media Load TypeTray
Buffer Size128 KB
Compliant StandardsKodak PhotoCD, CD-DA, CD-XA, CDi
Expansion / Connectivity
Interfaces1 x headphones - output - mini-phone stereo 3.5 mm 1 x audio - line-out - 4 pin MPC
Connections1 x storage - EIDE/ATAPI - 40 pin IDC
Compatible Bays1 x front accessible - 5.25" x 1/2H
Miscellaneous
Mounting KitIncluded
Package TypeRetail
Software / System Requirements
Software IncludedDrivers & Utilities
OS RequiredMicrosoft DOS, SunSoft Solaris 2.4 , SunSoft Solaris 2.5, IBM OS/2 Warp 4.0, SunSoft Solaris 2.6, SunSoft Solaris 7, SunSoft Solaris 2.5.1, SunSoft Solaris 4.1.3, Microsoft Windows 3.x/95/98, Microsoft Windows NT 3.51 or later
Manufacturer Warranty
Service & Support1 year warranty
Service & Support DetailsLimited warranty - replacement - 1 year - carry-in
Universal Product Identifiers
BrandLG Electronics
Part NumberCRD8322B
GTIN08801031210138

 

Tags

CR2020 Descent-freespace 2 TVA 2046 601 S ST-GT350 M341I EQ-240 Calgary MP35 Korg T3 2 Review - 1998 380 LI LE52A656a1F DRX960RZ Matrix 12 VGN-N11s-W SGH-A727 VR485-02 EL100 LE-19R86BD AVR 247 MC260 Superposed B-25 S-HTD1 DVP-S560D Tecra S5 Ihdr-5050C M2794D Emtec H1 Triobrake Mcbc58DST Freestar-2005 ZDF501S UW500 DDX5024 RDR-HX1020 WF-1260 ERB36301X8 UX-G45 De Luxe HL-1470N PRO 9 1263turbo Sl XB HP122K NW-E005 LE40S86BD Strip MPK-thhb EPL-C8000 Bluetooth Slim Tens TX-SR575 Pctv 450E HFN 248 Dipper Navigation EL-9450 PD-H300mkiii Plantronics CT12 Ultra TL210 GPS 15-W Drive Silver Evo4 8000CD G273V LE40A568p3M Remote 670 Lpvk-12E Cafamosacf100 R-403KK SU-MA10 ICE-45 Diva 48 CH1000 DHR-1000 Multiplexer VSX-2020-K EWD2202 MD-MS701 ST-SE200 Vogue S2 PD-M423 Output-2008 If-ed II Fridelys Samsung N510 14CB10C Luxman M-02 OW3000 Pocket DV2 ES-8500 SRT9320 Classic-2001 KX-TG6445 X6 16GB Player 2545CDS Versamail

 

manuel d'instructions, Guide de l'utilisateur | Manual de instrucciones, Instrucciones de uso | Bedienungsanleitung, Bedienungsanleitung | Manual de Instruções, guia do usuário | инструкция | návod na použitie, Užívateľská príručka, návod k použití | bruksanvisningen | instrukcja, podręcznik użytkownika | kullanım kılavuzu, Kullanım | kézikönyv, használati útmutató | manuale di istruzioni, istruzioni d'uso | handleiding, gebruikershandleiding

 

Sitemap

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101