[4464] in WWW Security List Archive


Re: Trusted Solaris and MLS

daemon@ATHENA.MIT.EDU (Nicolas J. Hammond)
Sun Feb 16 11:33:47 1997

From: "Nicolas J. Hammond" <njhm@ns.njh.com>
In-Reply-To: <199702142056.PAA19528@duncan.cs.utk.edu> from "dillow@cs.utk.edu" at "Feb 14, 97 03:56:07 pm"
To: dillow@cs.utk.edu
Date: Sun, 16 Feb 1997 09:41:42 -0500 (EST)
Cc: Nymblewyke@compuserve.com, www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu

dillow@cs.utk.edu wrote ...
> From: Jim Frank <Nymblewyke@compuserve.com>
> > Does anyone out there have information on trusted solaris and multi level
> > security.
> 
> I don't have any info on firewalling on a Trusted Solaris machine, per se,
> but I happen to build firewalls, and I also happen to work on TS machines,
> along with HP CMW and DEC MLS+. I'm currently working on getting ssh to
> work properly on HP's -- I know you are in for some interesting times.... 

Trusted Solaris was unable to complete its evaluation against the
Orange Book/CMW requirements. It does an E3 evaluation against the ITSEC
(equivalent to B1). See http://www.sun.com for more information on the 
Trusted Solaris product line.

> > I am told that there are machines and that they are approved for multi
> > level security. 
> 
> As for certifying them for actual use, I'm not sure about the accreditation
> issues, but I am sure that you will not be able to hook to the Internet or
> outside lines if this involves classified data on any of the systems. Of
> course, if this is for the government, you probably knew that, or know if
> I am wrong. If this is commercial, it is up to the company's policy.

Most of the B1/CMW machines are being used (at least in Govt. use)
for handling multilevel data. Their use varies, and also the range of
classifications (B1 in theory should only span 1 (2?) levels, I know
of places where B1/CMW systems are spanning 4 levels).

> > Am I just paranoid or is there a problem with different levels of security
> > in the same machine?
> 
> You cannot be too paranoid when it comes to security. It is possible to
> implement a firewall that is secure across Sensitivity Labels, as long
> as one is careful. For starters, the only access to the firewall itself
> should be through the console, and the OS should be stripped down.
> 
> I haven't looked for a commercial offering, but one could do the job
> themselves, if they are knowledgeable in firewall design. One must also
> have experience implementing the MAC policy and protections. If you are
> not comfortable with your experience in these areas, I should be able to
> put you in contact with someone who can help.
> 
> A good start would be TIS's Firewall Toolkit, and I would suggest reading
> all the information you can get on MaxSix and TSIX(RE). You will be using
> these for everything.

A lot depends on what you plan on using a multilevel firewall for.
Some commercial companies (e.g. banks) use them to protect their databases
when the bank provides internet access. 
Some govt. sites use them as firewalls. In most cases this is usually
acting as an application proxy for one specific type of traffic (e.g. mail)
rather than as a general purpose firewall. There are some companies
out there with general purpose multilevel firewalls (www.norman.com).
 
> If you'd like to talk about this further, let's take it to private email.

A lot depends on what you plan on using your system for - either you need
a general purpose firewall or you can use a specific application proxy
running on a trusted system. Similarly if you have any further questions,
feel free to send me private mail.


-- 
Nicolas Hammond                                 NJH Security Consulting, Inc.
njh@njh.com                                     211 East Wesley Road
404 262 1633                                    Atlanta
404 812 1984 (Fax)                              GA 30305-3774
