1 Reply Latest reply on Nov 14, 2011 5:27 AM by Ahmed Eissa

    Hardening Standars for SideWinder ???

    Ahmed Eissa

      Could you  help me with  Hardening Standars for SideWinder ???

      Please Urgent ....

        • 1. Re: Hardening Standars for SideWinder ???
          Ahmed Eissa
                                                                                                                                                                                                                                                                                                                                                                                                                                                   
          Standards Requirement DetailMcAfee Statement
          10Base-T support as per IEEE 802.3 – 2002.McAfee supports the IEEE 802.3 - 2002 standard on all Ethernet Sensor interfaces.
          100Base-TX support as per IEEE 802.3 – 2002.McAfee supports the IEEE 802.3 - 2002 standard on all Ethernet Sensor interfaces.
          Gigabit Ethernet 1000Base-SX/LX/T support as per IEEE 802.3 - 2002.McAfee supports the IEEE 802.3 - 2002 standard on all Ethernet Sensor interfaces.
          Support for Auto-negotiation of speed and duplex mode for all data rates as per IEEE 802.3 – 2002.McAfee supports the IEEE 802.3 - 2002 standard on all Ethernet Sensor interfaces.
                     
                     
          A Manual setting option for speed and duplex mode for all data rates as per IEEE 802.3 - 2002.McAfee supports the IEEE 802.3 - 2002 standard on all Ethernet Sensor interfaces.
                     
                      For further information:            
          • See the Sensor CLI Guide - PD20591:
                            Use the specific command: set intfport id speed duplex
          • See the Configuring ports for M-series Sensors section of the Sensor Configuration Guide: PD20592.
                     
          Content based scanning examines packets and traffic streams with Exploit-based signatures.McAfee’s IntruShield Sensor leverages Exploit-based signatures.
                     
                      For further information on this see the Customizing Exploit-attack enforcement section of the NSP IPS Configuration Guide: PD20583 .
          Content based scanning examines packets and traffic streams with vulnerability-based signatures.McAfee’s IntruShield Sensor leverages vulnerability-based signatures.
                     
                      For further information on this see the Understanding Attack Descriptions section of the NSP IPS Configuration Guide: PD20583.
          The Sensor shall incorporate a hardened Operating systemMcAfee’s IntruShield Sensors are hardened networking security appliances utilizing VxWorks, a real time operating environment.
                     
                      The VxWorks Operating System (OS) is complemented with a hardened Linux OS which supports the management CLI through the console port or via SSH and provides management functions to the monitoring and decoding processors. The Linux shell is separated from the traffic processing and inspection engine and is completely isolated from the monitor ports so it cannot be exploited from the monitored segments.
                     
                      For further information on this see the Supported Cipher Suites section of the NSP IPS Configuration Guide: PD20583 .
          Management Web interface uses SSL v3.1 and/or TLS v1.0Users and Administrators securely access McAfee’s Network Security Manager (NSM) via a browser and SSL v3.1 and TLS v1.0 are both supported.
          Sensor access offers support for SSH Version 2.McAfee’s IntruShield Sensor offers SSH Version 2 access.
                      For further information on this see the Logging onto the Sensor via an SSH Client section of the NSP IPS Configuration Guide: PD20583 .

           

          Message was edited by: ahmed.eissa on 11/14/11 5:40:31 AM CST