Regarding your response to this article as follows:
>I noticed that sections 22.214.171.124-3 deal with security labels for Types 3,
>5, and 6 firewalls. Also, sections 126.96.36.199.5-6 state that Table 2 security
>label handling is a mandatory requirement.
>See also 188.8.131.52.5-6 and Table 4.
>See also 184.108.40.206.1 and Table 8.
>We do all this with Solaris, but I don't think many others do. If I
>remember correctly, Secure Computing and DEC may have done this. If
>Jon Spencer is still with us, he can let us know about DG. Is filtering
>on security labels and assigning default labeling a common firewall
>requirement in Australia?
To answer your question directly, filtering on security labels is not a
My own experience with security labelling has been with HP's BLS (B1 level
HP-UX OS). Given that there are not too many installations around the place
using this OS, I have found the reference document is still a reasonable
guide with the labelling requirements discarded.
The document does not mandate security labels for Type-3 firewalls anyway -
this and mandatory access controls are advisory only.