Manualshelf

HP 3PAR InForm OS Common Criteria Administrator's Reference (QL226-96586, October 2012)

ManualsBrandsHP ManualsComputer AccessoriesHP 3PAR InForm T400/4x300GB 15K SAS Magazine E-LTU
11121314151617181920
17 Operating in Common Criteria Mode
Remote Copy
The Remote Copy application involves network communication between HP 3PAR Storage
System peers. This communication uses a protocol that is unencrypted and
unauthenticated. Though the application configuration assumes that the connection is a
point-to-point VPN including only the two peers, since the protocol is unsecured and the
peers do not authenticate each other, Remote Copy was excluded from the evaluated
configuration.
System Event Consumer Interface
The system event consumer interface (em_filter) is a non-encrypted and non-authenticated
service on the HP 3PAR Storage System that allows external clients to receive system-
related events. Example users of this interface are the Service Processor and the Recovery
Manager (RM) VASA event awareness feature. CC conformance requires that all
communications on the management interfaces be secured and authenticated. For these
reasons, the system event consumer interface was excluded from the evaluated
configuration. The impact of this exclusion is that any external component that is
dependent on this functionality will not be able to perform this functionality (see “Service
Processor Considerations” on page 25).
Logging of Security-related Events
The Common Criteria standard defines events to trace the occurrence of various security
functions. Table 5 on the following page maps the HP 3PAR Storage System event(s)
generated to the auditable events for each Security Functional Requirement (SFR) as set
forth in the security targets that govern the HP 3PAR Storage System Common Criteria
conformance. Administrators should pay special attention to monitoring the event log for
the occurrence of security-related events. For information on auditing security-relevant
events, see “Auditing Security-Relevant Events” on page 29.
(More information on the individual security requirements can be obtained by accessing
the HP 3PAR security targets at http://www.niap-ccevs.org/vpl.)