PRODUCT DESCRIPTION
BMC Software PATROL® Perform/Predict, Version 6.5.30 is a Security Pack for users of PATROL® for Microsoft Windows Servers Performance and PATROL® for Unix Performance. The security pack ensures that unauthorized users cannot start a collection process. The Security Pack update to Perform Agent requires Perform Agent 6.5.20 to be present on the machine. A version of Perform Agent prior to 6.5.20 is NOT supported with the Security Pack.
A managed (agent) node updated to Version 6.5.30 has all network communication disabled to and from the managing node (console) - data collection must be initiated locally on secure managed nodes, and the data must be manually transferred to the managing computer (console). PATROL® Perform/Predict, Version 6.5.30 provides this security feature through the UDR Provider component's use of an access control list/authorization file to validate a user's authority to start a data collection process.
SECURITY EVALUATION SUMMARY
The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. The evaluation demonstrated that the Authorization function of the Perform/Predict product meets the security requirements contained in the Security Target. The criteria against which the BMC Software PATROL® Perform/Predict, Version 6.5.30 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Computer Sciences Corporation determined that the evaluation assurance level (EAL) for the product is EAL 2. The product, configured as installed by the BMC Software technician, satisfies all of the security functional requirements stated in the Security Target. A validator, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by Computer Sciences Corporation. The evaluation was completed in March 2002. Results of the evaluation can be found in the Validation Report BMC Software PATROL® Perform/Predict, Version 6.5.30 prepared by the National Information Assurance Partnership (NIAP) CCEVS.
ENVIRONMENTAL STRENGTHS
The UDRProvider component of Perform/Predict, Version 6.5.30 uses an access control list/authorization file to validate a user's authority to start a data collection process. The default configuration grants all users that are members of the patrol group full authorization, however, this file can be edited on a per-user basis by assigning one of two possible access permissions, or no access based on omission. If the authorization file is not on the node, or if the user is not authorized on the local node, UDRProvider will not process a collection request and will exit.