Firewall Wizards mailing list archives

Re: FW-1 running on Trusted Solaris 2.5 ?


From: mcnabb () argus-systems com (Paul McNabb)
Date: Tue, 28 Oct 1997 16:41:45 -0600

 From: "Marcus J. Ranum" <mjr () nfr net>
 To: firewall-wizards () nfr net
 
 > It has been said that Trusted Solaris (Orange Book B2-level) runs Off-The-
 > Shelf software. Would it then be able to run Checkpoint FW-1 ?
 
 My guess would be that things will break, since the
 trusted O/S layer reaches down into the kernel in a
 lot of places.

I can't speak for SunFed's Trusted Solaris, but Argus's trusted
Solaris works fine with Checkpoint.

The bigger issue here is "what does B1 get you on a firewall".  As a
company who has been working in the area for a long time, I can say that
the benefits of a B1 O/S on a pure kernel-based firewall are marginal.
If the system has had its protocol stack examined as part of the
evaluation, you are going to have a higher assurance against some
problems, but I think the O/S is not the weak link in the chain here.

However, trusted operating systems can be very important when the firewall
is providing services other than a pure firewall, such as allowing access
via a network for administration.  I hope all system security/admin folks
will wince and moan when their management calls for this strategy, but
the reality is that a significant number of firewalls I have seen are
actually administered through a network connection rather than the system
console.  When this starts happening, trusted operating systems can play
a very significant role in limiting damage.

In general, trusted operating systems are much better at adding value
when user processes are involved than when the kernel is the primary
focus of activity.

paul

---------------------------------------------------------
Paul McNabb                     Argus Systems Group, Inc.
Vice President and CTO          1809 Woodfield Drive
mcnabb () argus-systems com        Savoy, IL 61874 USA
TEL 217-355-6308
FAX 217-355-1433                "Securing the Future"
---------------------------------------------------------
