Firewall Wizards mailing list archives

Re: FW-1 running on Trusted Solaris 2.5 ?


From: Rudolf Schreiner <ras () muc de>
Date: Mon, 29 Sep 1997 14:35:32 +0200 (MET DST)

On Mon, 29 Sep 1997, Dexter D. Laggui wrote:

> It has been said that Trusted Solaris (Orange Book B2-level) runs Off-The-
> Shelf software. Would it then be able to run Checkpoint FW-1 ?

Trusted Solaris is not B2:

"Based on the SolarisTM 2.5.1 operating environment, Trusted Solaris 2.5 
is the first trusted system to use the Common Desktop Environment
(CDE) and can be customized to meet C2, B1 or CMW security requirements."

(http://www.sun.com/smi/Press/sunflash/9707/sunflash.970715.1114.html)

And it is not certified yet. Look at:
http://www.sun.com/products-n-solutions/government/trustedsolaris/faq.html
and the list of certified products on www.radium.ncsc.mil.

Running a firewall on a trusted and certified operating system is no 
bad idea _if the criteria are relevant to firewalls_.
The TCSEC are not; today they are almost obsolete. B1 gives you mandatory 
access control, that's not important on a firewall. Assurance, 
something you really want, is not very impressive at B1. 
In the case of FW-1 the packets don't even touch all the nice security 
features of B1 because they are handled by a STREAMS module deep in the 
TCP/IP stack.

If you really want to run FW-1 on Trusted Solaris you have to ask 
Checkpoint. Even if you try FW-1 on Trusted Solaris and it seems to run OK,
you're not on the safe side. FW-1 interacts with the OS kernel and nobody 
knows what breaks under which conditions if you run it on another OS 
version. It's better to ask the vendor which OS they recommend.

Rudi
PS: In the Orange Book there are still some very important ideas, e.g. the 
concept of a "reference monitor": It has to be "small enough to be 
subjected to analysis and tests." Is a stateful packet filter small 
enough?