[4478] in WWW Security List Archive
Re: Trusted Solaris and MLS
daemon@ATHENA.MIT.EDU (William Curtiss)
Tue Feb 18 14:29:17 1997
From: "William Curtiss" <wcurtiss@mail.cybg.com>
To: <dillow@cs.utk.edu>, <Nymblewyke@compuserve.com>,
<www-security@ns2.rutgers.edu>
Date: Tue, 18 Feb 1997 11:11:47 -0500
Errors-To: owner-www-security@ns2.rutgers.edu
> From: dillow@cs.utk.edu
>
> From: Jim Frank <Nymblewyke@compuserve.com>
> > Does anyone out there have information on trusted solaris and multi
level
> > security .
>
> > Am I just paranoid or is there a problem with different levels of
security
> > in the same machine?
>
> You cannot be too paranoid when it comes to security. It is possible to
> implement a firewall that is secure across Sensitivity Labels, as long
> as one is careful. For starters, the only access to the firewall itself
> should be through the console, and the OS should stripped down.
>
> I haven't looked for a commercial offering, but one could do the job
> themselves, if they are knowledgable in firewall design. One must also
> have experience implementing the MAC policy and protections. If you are
> not comfortable with your experience in these areas, I should be able to
> put you in contact with someone who can help.
The CyberGuard Firewall is available on a system that was evaluated
at the B1 level. Since I work for them, and don't want to this to be
too commercial (not to mention that it's off-topic), I'll refer any
interested parties to our web page at www.cybg.com
For an across sensitivity label "firewall", we are the MLS host system
for a gate guard system.
William Curtiss
IS Director
CyberGuard Corporation
2101 W Cypress Creek Road
Ft Lauderdale, FL 33309
