McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
National Information Assurance Partnership
Common Criteria Evaluation and Validation Scheme
Validation Report
McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5
Report Number: CCEVS-VR-VID10337-2011
Dated: 7 March 2011
Version: 1.0
National Institute of Standards and Technology National Security Agency
Information Technology Laboratory Information Assurance Directorate
100 Bureau Drive 9800 Savage Road STE 6940
Gaithersburg, MD 20899 Fort George G. Meade, MD 20755-6940
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
ii
ACKNOWLEDGEMENTS
Validation Team
Mike Allen (Lead Validator)
Jerome F. Myers (Senior Validator)
Aerospace Corporation
Columbia, Maryland
Common Criteria Testing Laboratory
COACT CAFÉ Laboratory
Columbia, Maryland 21046-2587
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
iii
Table of Contents
1 Executive Summary................................................................................................................ 1
2 Identification........................................................................................................................... 3
2.1 Applicable Interpretations............................................................................................... 4
3 Security Policy........................................................................................................................ 5
4 Assumptions and Clarification of Scope................................................................................. 6
4.1 Personnel Security Assumptions..................................................................................... 6
4.2 Physical Security Assumptions....................................................................................... 6
4.3 Environmental Assumptions........................................................................................... 6
4.4 Clarification of Scope ..................................................................................................... 6
5 Architectural Information ....................................................................................................... 8
6 Documentation...................................................................................................................... 10
7 IT Product Testing ................................................................................................................ 11
7.1 Evaluator Functional Test Environment....................................................................... 11
7.2 Functional Test Results................................................................................................. 14
7.3 Evaluator Independent Testing ..................................................................................... 14
7.4 Evaluator Penetration Tests .......................................................................................... 15
8 Evaluated Configuration ....................................................................................................... 17
9 Results of the Evaluation ...................................................................................................... 19
10 Validator Comments/Recommendations .............................................................................. 20
11 Security Target...................................................................................................................... 21
12 Glossary ................................................................................................................................ 22
13 Bibliography ......................................................................................................................... 24
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
1
1 Executive Summary
This report is intended to assist the end-user of this product and any security certification Agent
for that end-user in determining the suitability of this Information Technology (IT) product in
their environment. End-users should review both the Security Target (ST), which is where
specific security claims are made, in conjunction with this Validation Report (VR), which
describes how those security claims were evaluated and any restrictions on the evaluated
configuration. Prospective users should carefully read the Validator Comments in Section 10.
This report documents the National Information Assurance Partnership (NIAP) assessment of the
evaluation of the McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5. It presents the
evaluation results, their justifications, and the conformance results. This Validation Report is not
an endorsement of the Target of Evaluation (TOE) by any agency of the U.S. Government and
no warranty of the TOE is either expressed or implied. This Validation Report applies only to
the specific version and configuration of the product as evaluated and documented in the
Security Target.
The evaluation of the McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5 was performed by
the CAFÉ Laboratory of COACT Incorporated, the Common Criteria Testing Laboratory, in
Columbia, Maryland USA and was completed in December 2010.
The information in this report is largely derived from the Security Target (ST), Evaluation
Technical Report (ETR) and associated test report. The ST was written by Apex Assurance
Group, LLC of Palo Alto, California for McAfee, Inc. The ETR and test report used in
developing this validation report were written by COACT. The evaluation was performed to
conform to the requirements of the Common Criteria for Information Technology Security
Evaluation, Version 3.1 R2, dated September 2007 at Evaluation Assurance Level 2 (EAL 2)
augmented with ALC_FLR.2 and the Common Evaluation Methodology for IT Security
Evaluation (CEM), Version 3.1 R2, dated September 2007. The product, when configured as
specified in the installation guides and user guides, satisfies all of the security functional
requirements stated in the McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5 Security
Target. The evaluation team determined the product to be both Part 2 Conformant and Part 3
Augmented, and meets the assurance requirements of EAL 2 with ALC_FLR.2. All security
functional requirements are derived from Part 2 of the Common Criteria.
The TOE is an agent-based, purpose-built IT policy audit application that leverages the XCCDF
and OVAL security standards to automate the processes required for internal and external IT
audits. McAfee Policy Auditor evaluates the status of managed systems relative to audits that
contain benchmarks. Benchmarks contain rules that describe the desired state of a managed
system. Benchmarks are distributed with the TOE or imported into McAfee Benchmark Editor
and, once activated, can be used by Policy Auditor. Benchmarks are written in the open-source
XML standard formats Extensible Configuration Checklist Description Format (XCCDF) and the
Open Vulnerability Assessment Language (OVAL). XCCDF describes what to check while
OVAL specifies how to perform the check.
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
2
ePO provides the user interface for the TOE via a GUI accessed from remote systems using web
browsers. The ePO web dashboard represents policy compliance by benchmark. Custom reports
can be fully automated, scheduled, or exported. ePO requires users to identify and authenticate
themselves before access is granted to any data or management functions. Audit records are
generated to record configuration changes made by users. The audit records may be reviewed
via the GUI.
Based upon per-user permissions, users may configure the systems to be audited for policy
compliance (the “managed systems”) along with the benchmarks to be checked. The Policy
Auditor Agent Plug-In executing on the managed systems performs the policy audit and returns
the results to Policy Auditor. Policy Auditor allows you to conduct policy audits on various
releases of the following operating systems (See Section 5 below):
 Microsoft Windows
 Macintosh OS X
 HP-UX
 Solaris
 Red Hat Linux
 AIX
Users can review the results of the policy audits via ePO. Access to this information is again
limited by per-user permissions.
Communication between the distributed components of the TOE is protected from disclosure and
modification by cryptographic functionality provided by the operational environment.
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
3
2 Identification
The CCEVS is a joint National Security Agency (NSA) and National Institute of Standards and
Technology (NIST) effort to establish commercial facilities to perform trusted product
evaluations. Under this program, commercial testing laboratories called Common Criteria
Testing Laboratories (CCTLs) using the Common Evaluation Methodology (CEM) for
Evaluation Assurance Level (EAL) 1 through EAL 4 in accordance with National Voluntary
Laboratory Assessment Program (NVLAP) accreditation conduct security evaluations.
The NIAP Validation Body assigns Validators to monitor the CCTLs to ensure quality and
consistency across evaluations. Developers of information technology (IT) products, desiring a
security evaluation, contract with a CCTL and pay a fee for their product’s evaluation. Upon
successful completion of the evaluation, the product is added to NIAP’s Validated Products List.
Table 1 provides information needed to completely identify the product, including:
 The Target of Evaluation (TOE): the fully qualified identifier of the product as evaluated;
 The Security Target (ST), describing the security features, claims, and assurances of the product;
 The conformance result of the evaluation;
 The Protection Profile to which the product is conformant (if any); and
 The organizations and individuals participating in the evaluation.
Table 1: Evaluation Identifiers
Item Identifier
Evaluation Scheme United States NIAP Common Criteria Evaluation and Validation Scheme
Target of Evaluation McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5
Protection Profile None
Security Target
McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5 Security Target, Version
2.0.2, February 2, 2011
Dates of evaluation February 16, 2009 through December 2010
Evaluation Technical Report
Evaluation Technical Report for the McAfee Policy Auditor 5.2 and ePolicy
Orchestrator 4.5, Document No. F2-0211-001, February 4, 2011
Conformance Result Part 2 conformant and EAL2 Part 3 augmented with ALC_FLR.2
Common Criteria version Common Criteria for Information Technology Security Evaluation Version
3.1R2, September 2007 and all applicable NIAP and International
Interpretations effective on December 19, 2008
Common Evaluation
Methodology (CEM) version
CEM version 3.1R2 dated September 2007and all applicable NIAP and
International Interpretations effective on February 16, 2009
Sponsor McAfee, Inc., 3965 Freedom Circle, Santa Clara, California 95054
Developer McAfee, Inc., 3965 Freedom Circle, Santa Clara, California 95054
Common Criteria Testing Lab COACT Inc. CAFÉ Labs, Columbia, MD
Evaluators Bob Roland, Greg Beaver, Pascal Patin and Brian Pleffner
Validation Team Dr. Jerome Myers and Mike Allen of The Aerospace Corporation
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
4
2.1 Applicable Interpretations
The following NIAP and International Interpretations were determined to be applicable when the
evaluation started.
NIAP Interpretations
I-0418 – Evaluation of the TOE Summary Specification: Part 1 Vs Part 3
I-0426 – Content of PP Claims Rationale
I-0427 – Identification of Standards
International Interpretations
None
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
5
3 Security Policy
The security requirements enforced by the McAfee Policy Auditor 5.2 and ePolicy Orchestrator
4.5 were designed based on the following overarching security policies:
 Policy Audits. The TOE audits managed systems to determine policy compliance on
those systems. Results of the policy audits are stored in the database (the DBMS is in the
IT Environment), and reports based upon completed policy audits may be retrieved via
the GUI interface or by generating SCAP-conformant XML files to be shared with
external systems.
 Identification. On the management system, the TOE requires users to identify and
authenticate themselves before accessing the TOE software. User accounts must be
defined within ePO, but authentication of the user credentials is performed by Windows.
No action can be initiated before proper identification and authentication. Each TOE user
has security attributes associated with their user account that defines the functionality the
user is allowed to perform. On the management system and all managed systems, I&A
for local login to the operating system (i.e., via a local console) is performed by the local
OS (IT Environment).
 Management. The TOE’s Management Security Function provides support
functionality that enables users to configure and manage TOE components. Management
of the TOE may be performed via the GUI. Management privileges are defined per user.
 Audit. The TOE’s Audit Security Function provides auditing of management actions
performed by administrators. Authorized users may review the audit records via ePO.
 System Information Import. The TOE may be configured to import information about
systems to be managed from Active Directory (LDAP servers) or NT domain controllers.
This functionality ensures that all the defined systems in the enterprise network are
known to the TOE and may be configured to be managed.
 SCAP Data Exchange. The TOE imports and exports SCAP benchmark assessment
data. This functionality ensures that the assessments remain current as new benchmarks
are developed and allows custom-designed benchmarks in the TOE to be made available
to other systems.
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
6
4 Assumptions and Clarification of Scope
The assumptions in the following paragraphs were made during the evaluation of McAfee Policy
Auditor 5.2 and ePolicy Orchestrator 4.5.
4.1 Personnel Security Assumptions
 There will be one or more competent individuals assigned to manage the TOE and the
security of the information it contains.
 The authorized administrators are not careless, wilfully negligent or hostile, and will
follow and abide by the instructions provided by the TOE documentation.
4.2 Physical Security Assumptions
 The TOE hardware and software critical to security policy enforcement will be protected
from unauthorized physical modification.
 The processing resources of the TOE will be located within controlled access facilities,
which will prevent unauthorized physical access.
4.3 Environmental Assumptions
 The TOE has access to all the IT System data it needs to perform its functions.
 The TOE will be managed in a manner that allows it to appropriately address changes in
the IT System the TOE monitors.
 The TOE is appropriately scalable to the IT System the TOE monitors.
 Access to the database used by the TOE via mechanisms outside the TOE boundary is
restricted to use by authorized users.
4.4 Clarification of Scope
All evaluations (and all products) have limitations, as well as potential misconceptions that need
clarifying. This text covers some of the more important limitations and clarifications of this
evaluation. Note that:
 The assumptions about the underlying operating system mean that to achieve true EAL 2
level of assurance for the complete McAfee Policy Auditor 5.2 and ePolicy Orchestrator
4.5 system, the operating system and underlying hardware need to be evaluated at or
above the EAL 2 level of assurance.
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
7
 There can be no other applications or servers running on the operating system or
hardware platform used to support the McAfee Policy Auditor 5.2 and ePolicy
Orchestrator 4.5.
 The process to track flaws and updates may require purchase of a Service Level
Agreement (See the Validator’s Comments, Section 10 below, for further details).
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
8
5 Architectural Information
The TOE consists of a set of software applications. The hardware, operating systems and all
third party support software (e.g., DBMS) on the systems on which the TOE executes are
excluded from the TOE boundary.
The platform on which the ePO, Policy Auditor and Benchmark Editor software is installed must
be dedicated to functioning as the management system. ePO operates as a distribution system
and management system for a client-server architecture offering components for the server part
of the architecture (not the clients). The TOE requires the following hardware and software
configuration on this platform.
COMPONENT MINIMUM REQUIREMENTS
Processor Intel Pentium III-class or higher; 1GHz or higher
Memory 1 GB RAM
Free Disk Space 1 GB
Monitor 1024x768, 256-color, VGA monitor or higher
Operating System Windows Server 2003 Enterprise with Service Pack 1 or
later
Windows Server 2003 Standard with Service Pack 1 or later
Windows Server 2003 Web with Service Pack 1 or later
Windows Server 2003 R2 Enterprise
Windows Server 2003 R2 Standard
Windows Server 2008 Enterprise
Windows Server 2008 Standard
Current security updates
DBMS Microsoft SQL Server 2005
Microsoft SQL Server 2008
Additional Software MDAC 2.8
MSI 3.1
Apache 2.0.54.0
Tomcat 5.5.25
Sun JRE 1.6.0_06
RSA SSL-J 4.1.4
RSA Crypto-J 3.3.4_01
RSA Cert-J 2.0.3
Network Card Ethernet, 100Mb or higher
Disk Partition Formats NTFS
Domain Controllers The system must have a trust relationship with the Primary
Domain
Controller (PDC) on the network
The McAfee Agent and Policy Auditor Agent Plug-In execute on one or more systems whose
policy settings are to be audited. The supported platforms for these components are:
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
9
SUPPORTED AGENT OS PLATFORM
Windows 2000 Server with SP 1, 2, 3, or 4 X86 platforms
Windows 2000 Advanced Server with SP 1, 2, 3,
or 4
X86 platforms
Windows 2000 Professional with SP 1, 2, 3, or 4 X86 platforms
Windows XP Professional with SP1 X86 and X64 platforms
Windows Server 2003 Standard Edition X86 and X64 platforms
Windows Server 2003 Enterprise Edition X86 and X64 platforms
Windows Vista X86 and X64 platforms
Windows 2008 Server X86 and X64 platforms
Mac OS X 10.4 X86 and X64 platforms,
PowerPC
Mac OS X 10.5 X86 and X64 platforms,
PowerPC
HP-UX 11i v1 RISC
HP-UX 11i v2 RISC
Solaris 8 SPARC
Solaris 9 SPARC
Solaris 10 SPARC
Red Hat Linux AS, ES, WS 4.0 X86 and X64 platforms
Red Hat Enterprise Linux 5.0, 5.1 X86 and X64 platforms
AIX 5.3 (TL8 of later) and AIX 6.1 Power 5
The minimum hardware requirements for the agent platforms are specified in the following table:
COMPONENT MINIMUM HARDWARE REQUIREMENTS
Memory 20MB RAM
Free Disk Space 80MB
Network Card Ethernet, 10Mb or higher
The management system is accessed from remote systems via a browser. The supported
browsers are Microsoft Internet Explorer 6.0 with Service Pack 1 or later or Microsoft Internet
Explorer 7.0.
The TOE relies on Windows to authenticate user credentials during the logon process. User
accounts must also be defined within ePO in order to associate permissions with the users.
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
10
6 Documentation
This section provides a complete listing of the IT product documentation provided with the
McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5 by the developer to the consumer or
available from McAfee on their web site. All of this documentation was evaluated as part of the
product evaluation.
1. McAfee ePolicy Orchestrator 4.5 Product Guide
2. McAfee ePolicy Orchestrator 4.5 Installation Guide
3. McAfee Benchmark Editor 5.2.0 Product Guide for ePO 4.5
4. McAfee Policy Auditor 5.2.0 Product Guide for ePolicy Orchestrator 4.5
5. McAfee Policy Auditor 5.2.0 Installation Guide
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
11
7 IT Product Testing
Testing was completed on December 28, 2010 at the COACT CCTL in Columbia, Maryland.
COACT employees performed the tests.
7.1 Evaluator Functional Test Environment
Testing was performed on the following test bed configuration.
The following figure graphically displays the test configuration used for functional testing. The
evaluator test configuration is equivalent to the vendor test setup. The evaluator test setup also
includes the Active Directory/DNS.
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
12
An overview of the purpose of each of these systems is provided in the following table.
System Purpose
Management System This system provides the management functionality for
the TOE. The system includes the ePO, Benchmark
Editor, and Policy Auditor. The Microsoft SQL Server
is installed to provide the database storage.
Windows System 1 This system hosts the Policy Auditor Agent Plugin and
the McAfee Agent for the Windows OS environment.
The agents will scan the system for vulnerabilities.
Linux Managed System This system hosts the Policy Auditor Agent Plugin and
the McAfee Agent for the Linux OS environment.
The agents will scan the system for vulnerabilities.
MAC Managed System This system hosts the Policy Auditor Agent Plugin and
the McAfee Agent for the MAC OS environment. The
agents will scan the system for vulnerabilities.
Attack PC This system provides the attack and penetration test
tools.
Active Directory & DNS
Server
This system provides the Active Directory and Domain
Name System (DNS) infrastructure for the testing.
The mail server is also installed on this PC.
System Admin Console The management system is accessed from the System
Admin Console via a browser.
Switch Not shown in the figure above, but included in the test
configuration is a NetGear GS716T switch that will be
used to connect the different systems on the network.
Specific configuration details for each of the systems are provided in the tables below.
Management System Requirements
Processor Intel Pentium 2.8 G
Memory 2 GB RAM
Disk Space 75 GB
Operating
System
Windows Server 2003 SP2
DBMS Microsoft SQL Server 2005
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
13
Additional
Software
MDAC 2.8
MSI 3.1
Apache 2.0.54.0
Tomcat 5.5.25
Sun JRE 1.6.0_06
RSA SSL-J 4.1.4
RSA Crypto-J 3.3.4_01
RSA Cert-J 2.0.3
Network Card Ethernet
Disk Partition
Formats
NTFS
Managed System 1 Requirements
Operating
System
Windows Server 2003 SP2
Additional
Software
N/A
Network Card Ethernet
Disk Partition
Formats
NTFS
Attack PC Details
Item Purpose
Installed
software
Windows XP Professional SP3
Internet Explorer 6.0 SP1or later
WinZip 10
ZENMAP GUI 5.21
Nmap 5.21
NEWT 3
SnagIt 8
WireShark 1..02
Nessus Version 4.2
Paros Proxy 3.2.13
Open Office Version 3.2.1
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
14
Active Directory & DNS Server Details
Item Purpose
Installed
software
Microsoft Windows 2000 Server SP4
Mail Enable Standard Edition Version 1.986.0.0
System Admin Console PC Details
Item Purpose
Installed
software
Windows XP Professional with SP3
Microsoft Internet Explorer 7
Open Office Version 3.2.1
Snagit Version 1.4
Adobe Reader Version 9.4
MAC Managed System
Item Purpose
Installed
software
MAC OS X 10.5
Linux Managed System
Item Purpose
Installed
software
Red Hat Enterprise Linux Version 5.1
7.2 Functional Test Results
The repeated developer test suite includes all of the developer functional tests. Additionally,
each of the Security Function and developer tested TSFI are included in the CCTL test suite.
Results are found in the E2-0910-002(3) McAfee Policy Auditor Evaluation Test
Report, dated December 28, 2010.
7.3 Evaluator Independent Testing
The tests chosen for independent testing allow the evaluation team to exercise the TOE in a
different manner than that of the developer’s testing. The intent of the independent tests is to
give the evaluation team confidence that the TOE operates correctly in a wider range of
conditions than would be possible purely using the developer’s own efforts, given a fixed level
of resource. The selected independent tests allow for a finer level of granularity of testing
compared to the developer’s testing, or provide additional testing of functions that were not
exhaustively tested by the developer. The tests allow specific functions and functionality to be
tested. The tests reflect knowledge of the TOE gained from performing other work units in the
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
15
evaluation. The test environment used for the evaluation team’s independent tests was identical
with the test configuration used to execute the vendor tests.
7.4 Evaluator Penetration Tests
The evaluator examined each of the obvious vulnerabilities identified during the developer’s
vulnerability analysis. After consulting the sources identified by the developer used during the
initial vulnerability analysis, the evaluator examined sources of information publicly available to
support the identification of possible potential vulnerabilities in the TOE. The evaluator
searched the Internet for potential vulnerabilities in the TOE using the web sites listed below.
The evaluator searched the Internet for potential vulnerabilities in the TOE using the web sites
listed below. The sources of the publicly available information are provided below.
A) http://cve.mitre.org
B) http://google.com
C) http://osvdb.org/
D) http://www.securityfocus.com/
E) http://secunia.com/
F) http://www.us-cert.gov
G) http://securitytracker.com/
H) http://web.nvd.nist.gov
I) http://www.cvedetails.com/
The evaluator performed the public domain vulnerability searches using the following key
words.
A) McAfee
B) McAfee 5.2
C) McAfee Policy Auditor
D) Policy Auditor
E) Policy Auditor Agent
F) Benchmark
G) Benchmark Editor
H) McAfee Benchmark Editor
I) McAfee Agent
J) ePolicy
K) ePolicy Orchestrator
L) McAfee ePolicy Orchestrator 4.5
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
16
After verifying that the developer’s analysis approach sufficiently included all of the necessary
available information regarding the identified vulnerabilities, the evaluator made an assessment
of the rationales provided by the developer indicting that the vulnerability is non-exploitable in
the intended environment of the TOE.
While verifying the information found in the developer’s vulnerability assessment the evaluators
conducted a search to verify if additional obvious vulnerabilities exist for the TOE. Additionally,
the evaluator examined the provided design documentation and procedures to attempt to identify
any additional vulnerabilities.
The evaluator determined that the rationales provided by the developer indicate that the
vulnerabilities identified are non-exploitable in the intended environment of the TOE.
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
17
8 Evaluated Configuration
The evaluated configuration, as defined in the Security Target, is McAfee Policy Auditor 5.2 and
ePolicy Orchestrator 4.5 running on the following platforms:
COMPONENT MINIMUM REQUIREMENTS
Processor Intel Pentium III-class or higher; 1GHz or higher
Memory 1 GB RAM
Free Disk Space 1 GB
Monitor 1024x768, 256-color, VGA monitor or higher
Operating System Windows Server 2003 Enterprise with Service Pack 1 or
later
Windows Server 2003 Standard with Service Pack 1 or later
Windows Server 2003 Web with Service Pack 1 or later
Windows Server 2003 R2 Enterprise
Windows Server 2003 R2 Standard
Current security updates
DBMS Microsoft SQL Server 2005
Microsoft SQL Server 2008
Additional Software MDAC 2.8
MSI 3.1
Apache 2.0.54.0
Tomcat 5.5.25
Sun JRE 1.6.0_06
RSA SSL-J 4.1.4
RSA Crypto-J 3.3.4_01
RSA Cert-J 2.0.3
Network Card Ethernet, 100Mb or higher
Disk Partition Formats NTFS
Domain Controllers The system must have a trust relationship with the Primary
Domain
Controller (PDC) on the network
The McAfee Agent and Policy Auditor Agent Plug-In execute on one or more systems whose
policy settings are to be audited. The supported platforms for these components are:
SUPPORTED AGENT OS PLATFORM
Windows 2000 Server with SP 1, 2, 3, or 4 X86 platforms
Windows 2000 Advanced Server with SP 1, 2, 3,
or 4
X86 platforms
Windows 2000 Professional with SP 1, 2, 3, or 4 X86 platforms
Windows XP Professional with SP1 X86 and X64 platforms
Windows Server 2003 Standard Edition X86 and X64 platforms
Windows Server 2003 Enterprise Edition X86 and X64 platforms
Windows Vista X86 and X64 platforms
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
18
SUPPORTED AGENT OS PLATFORM
Windows 2008 Server X86 and X64 platforms
Mac OS X 10.4 X86 and X64 platforms,
PowerPC
Mac OS X 10.5 X86 and X64 platforms,
PowerPC
HP-UX 11i v1 RISC
HP-UX 11i v2 RISC
Solaris 8 SPARC
Solaris 9 SPARC
Solaris 10 SPARC
Red Hat Linux AS, ES, WS 4.0 X86 and X64 platforms
Red Hat Enterprise Linux 5.0, 5.1 X86 and X64 platforms
AIX 5.3 (TL8 of later) and AIX 6.1 Power 5
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
19
9 Results of the Evaluation
The evaluator devised a test plan and a set of test procedures to test the TOE’s mitigation of the
identified vulnerabilities by testing the product for selected developer identified vulnerabilities.
The evaluation determined that the product meets the requirements for EAL 2. The details of the
evaluation are recorded in the Evaluation Technical Report (ETR), which is controlled by
COACT Inc.
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
20
10 Validator Comments/Recommendations
The validation team’s observations support the evaluation team’s conclusion that the McAfee
Policy Auditor 5.2 and ePolicy Orchestrator 4.5 meets the claims stated in the Security Target.
The validation team also wishes to add the following clarification about the use of the product.
 For user’s who wish to report or monitor flaws, a Knowledge Base (KB) article is posted
to McAfee’s public support website. Users may access the KB articles without
purchasing a support agreement. For customers who chose to purchase a support
agreement, proactive notification will be provided based on their paid support level and
corresponding SLA (i.e, Gold, Gold Select, Platinum, or Platinum Select). Note that
Policy Auditor is an enterprise product and it is sold with a minimum of 12 months of
Gold level support by default. Should the support agreement lapse beyond its term, the
customer may at their discretion access the McAfee public support website to review
relevant KB articles for their particular product(s).
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
21
11 Security Target
The Security Target is identified as the McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5
Security Target, Version 2.0.2, February 2, 2011. The document identifies the security
functional requirements (SFRs) that are levied on the TOE, which are necessary to implement
the TOE security policies. Additionally, the Security Target specifies the security assurance
requirements necessary for EAL 2 augmented with ALC_FLR.2.
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
22
12 Glossary
The following abbreviations and definitions are used throughout this document:
AD Active Directory
ADO ActiveX Data Objects
API Application Program Interface
CC Common Criteria
CCE Common Configuration Enumeration
CM Configuration Management
CPE Common Platform Enumeration
CVE Common Vulnerabilities and Exposures
CVSS Common Vulnerability Scoring System
DBMS DataBase Management System
DNS Domain Name System
EAL Evaluation Assurance Level
ePO ePolicy Orchestrator
FDCC Federal Desktop Core Configuration
GUI Graphical User Interface
I&A Identification & Authentication
ICMP Internet Control Message Protocol
IDS Intrusion Detection System
IIS Internet Information Services
IP Internet Protocol
IPS Intrusion Prevention System
IT Information Technology
LDAP Lightweight Directory Access Protocol
MAC Media Access Control
MDAC Microsoft Data Access Components
NTFS New Technology File System
NTLM NT LAN Manager
OS Operating System
OVAL Open Vulnerability Assessment Language
PP Protection Profile
RAM Random Access Memory
SCAP Security Content Automation Protocol
SF Security Function
SFR Security Functional Requirement
SOAP Simple Object Access Protocol
SP Service Pack
SQL Structured Query Language
SSL Secure Socket Layer
ST Security Target
TCP Transmission Control Protocol
TOE Target of Evaluation
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
23
TSF TOE Security Function
TSFI TSF Interface
UDP User Datagram Protocol
XCCDF eXtensible Configuration Checklist Description Format
McAfee Policy Auditor and ePolicy Orchestrator Validation Report, Version 1.0 March 2011
24
13 Bibliography
The Validation Team used the following documents to produce this Validation Report:
1.) Common Criteria Project Sponsoring Organisations. Common Criteria for Information
Technology Security Evaluation: Part 1: Introduction and General Model, Version 3.1 R2,
September 2007.
2.) Common Criteria Project Sponsoring Organisations. Common Criteria for Information
Technology Security Evaluation: Part 2: Security Functional Requirements, Version 3.1 R2,
September 2007.
3.) Common Criteria Project Sponsoring Organisations. Common Criteria for Information
Technology Security Evaluation: Part 3: Security Assurance Requirements, Version 3.1 R2,
September 2007.
4.) Common Criteria Project Sponsoring Organisations. Common Evaluation Methodology for
Information Technology Security, Version 3.1 R2, September 2007.
5.) Common Criteria Project Sponsoring Organisations. Common Evaluation Methodology for
Information Technology Security – Part 2: Evaluation Methodology, Version 3.1R2,
September 2007.
6.) Common Criteria, Evaluation and Validation Scheme for Information Technology Security,
Guidance to Validators of IT Security Evaluations, Scheme Publication #3, Version 1.0,
January 2002.
7.) McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5 Test Report, December 28, 2010,
Document No. E2-0910-002(3).
8.) Evaluation Technical Report for the McAfee Policy Auditor 5.2 and ePolicy Orchestrator
4.5, Document No. F2-0211-001, February 4, 2011.
9.) McAfee Policy Auditor 5.2 and ePolicy Orchestrator 4.5 Security Target, Version 2.0.2,
February 2, 2011.