Regarding your response to this article as follows:
>
>I noticed that sections 2.8.1.1-3 deal with security labels for Types 3,
>5, and 6 firewalls. Also, sections 4.1.6.1.5-6 state that Table 2 security
>label handling is a mandatory requirement.
>See also 4.1.8.1.5-6 and Table 4.
>See also 4.2.4.1.1 and Table 8.
>
>We do all this with Solaris, but I don't think many others do. If I
>remember correctly, Secure Computing and DEC may have done this. If
>Jon Spencer is still with us, he can let us know about DG. Is filtering
>on security labels and assigning default labeling a common firewall
>requirement in Australia?
>
>paul
>
To answer your question directly, filtering on security labels is not a
common requirement.
My own experience with security labelling has been with HP's BLS (B1 level
HP-UX OS). Given that there are not too many installations around the place
using this OS, I have found the reference document is still a reasonable
guide with the labelling requirements discarded.
The document does not mandate security labels for Type-3 firewalls anyway -
this and mandatory access controls are advisory only.
Scott.
|
|
