Firewalls: Re: C2 certified OS that can run a firewall

Firewalls
(September 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: C2 certified OS that can run a firewall
From:	Rick Smith <smith @ sctc . com>
Date:	Fri, 6 Sep 1996 10:44:16 -0500
To:	Firewalls @ GreatCircle . COM
Cc:	smith @ sctc . com

Bill Stout says:

: Using ancient government specs for leading edge technology is like trying
: to wedge square pegs into round holes.

Yes, but the ancient government specs have produced most of the
systems today that provide the sort of protection needed to serve the
Internet community including potentially hostile users.

We largely ignored the TCSEC when building Sidewinder and its
mandatory access control, though the team had lots of experience with
TCSEC high assurance system development. Though it wasn't intended to
be TCSEC compliant, Sidewinder still comes close.  If we configured
some security levels into the type enforcement tables, it would
probably fall somewhere between B1 and B2, with a little B3.

Rick.
smith @
 sctc .
 com         secure computing corporation

Indexed By Date	Previous:	Re: C2 certified OS that can run a firewall From: Rick Smith <smith @ sctc . com>
Indexed By Date	Next:	Re: fw-1 2.0: Menu too large for screen From: "Barbara W. Jaarsma" <barbara @ us . checkpoint . com>
Indexed By Thread	Previous:	Re: C2 certified OS that can run a firewall From: Rick Smith <smith @ sctc . com>
Indexed By Thread	Next:	Re: WWW servers (Again) From: "Geoffrey Ellison" <geoff @ smartnet . co . za>