,QVWDOOHU·V*XLGH %
%
$SSHQG L[%
&RQILJXUDWLRQIRU
&RPPRQ&ULWHULD($/
All NetScreen devices are designed to meet the Common Criteria requirements, and are
currently under evaluation for Common Criteria, EAL2. However, there are certain
configuration actions that are required for a security administrator to properly secure the
device to be in compliance with the Common Criteria EAL2 security target. While these
requirements are for anyone needing Common Criteria assurance, they can also be used
as general guidelines for administrators wishing to better secure the deployment of a
NetScreen device.
3523(5/<,'(17,)<,1*7+(1(76&5((1'(9,&()25
&
20021&5,7(5,$($/&203/,$1&(
Before carrying out any step to secure a NetScreen device, you must make sure that the
received product has not been tampered with, and ensure that the product received
matches the version that is certified as Common Criteria EAL2 compliant.
To ensure that the product has not been tampered with, verify two items:
• The outside packaging cannot show damage, or evidence that it has been
opened. If the cardboard shows damage that would allow the device to be
removed or exchanged, this may be evidence of tampering.
• The internal packaging cannot show damage or evidence of tampering. The
plastic bag should not have a large hole and the label that seals the plastic bag
should not be detached or missing. If the bag or the seal are damaged in any
way, this may be evidence of tampering.
Both of these tamper evidence criteria must be met to ensure that the product has not
been tampered with during shipment.
To verify that the product received is the correct version of hardware and software, run
the following command from the Command Line Interface (CLI):
get system
The output of this command includes two key items, hardware version and software
version. The Common Criteria evaluated versions are listed in NetScreen’s Security
Target for Common Criteria EAL2, section 1.1. The hardware and software versions must
match the Security Target to be in full compliance with the Common Criteria evaluation.
To Next Page
Loading...
Need help?
General
