This manual summarizes the hardware, software, and documentation for the server component of the NetWare® Enhanced Security configuration.
WARNING: The term NetWare Enhanced Security configuration refers to the C2 evaluated configuration for NetWare 4.11. It explicitly defines the hardware and software that may be used in a C2 server. Use of any other hardware or software not listed in this document is outside the scope of the server evaluation.
This document is intended for use by system integrators, accreditors, evaluators, and administrators to determine which materials are to be included in the NetWare Enhanced Security configuration.
This manual serves as an adjunct to NetWare Enhanced Security Administration, which describes how to administer the hardware and software listed in this manual.
NOTE: In Novell® documentation, an asterisk denotes a trademarked name belonging to a third-party company. Novell trademarks are denoted with specific trademark symbols, such as TM.
NetWare is a distributed network operating system made up of three network components:
The NetWare Enhanced Security server described in this document can serve an arbitrary number of workstations using the network media, limited only by software license restrictions. The server component is a Network Trusted Computing Base (NTCB) partition, which is used to enforce the security policies and to protect data stored on the server. The NetWare Enhanced Security server component must not be used to run untrusted software. NetWare Enhanced Security is designed to meet the Controlled Access implementation (Class C2) requirements of the Trusted Network Interpretation (TNI) [NCSC-TG-005] of the Trusted Computer System Evaluation Criteria (TCSEC) [DoD5200.28-STD]. The evaluated server is an IAD component, as defined in Appendix A of the TNI document. Server Overview describes the major hardware and software parts of the Enhanced Security server. The Yes Certification Program summarizes Novell's Yes certification program. Machine-Independent Software lists the machine-independent software. File Server Platform describes the certification procedures used for platform hardware and BIOS. Printer Hardware describes the certification procedures used for printers. Documentation describes the user documentation that is part of the NetWare Enhanced Security configuration. The following terms and acronyms are used throughout this manual. Every effort has been made not to duplicate or conflict with NCSC-TG-004, Version 1. However, some duplication may occur.
System Overview
Manual Overview
Terms and Acronyms
BIOS |
Basic Input/Output System |
EISA |
Enhanced Industry Standard Architecture. An open bus architecture used in higher performance DOS/Windows* workstations. |
EPL |
Evaluated Products List. |
IDE |
Integrated Drive Electronics. |
ISA |
Industry Standard Architecture. An open bus architecture used in DOS/Windows workstations. |
MCA |
Micro Channel* Architecture. An IBM* proprietary bus architecture. |
NLM |
NetWare Loadable Module. |
RAMP |
Rating Maintenance Phase. The phase of the Trusted Product Evaluation Program (TPEP) that follows the Evaluation Phase. RAMP consists of rating maintenance actions (RAMP cycles) that assess the compliance with applicable requirements of updated versions of the product and allow those versions to be listed on the EPL. During RAMP, the vendor performs the majority of the work to determine that changes to the product maintain the previously attained rating. |
SCSI |
Small Computer System Interface. An industry standard for peripheral devices. |
This section lists related documents which may be useful in conjunction with this manual.
Novell World Wide Web site |
Updates to this manual and other NetWare Enhanced Security documentation can be found in the Technical Support area of the Novell, Inc. World Wide Web site (http://www.novell.com). We recommend that you check this area regularly for updated NetWare Enhanced Security information. |
ODITestProc |
ODI Driver Test Procedures Using TESTCON, Version 1.4, Novell, Inc., Part Number 107-000073-001, January21, 1997 |
PrintTestProc |
Print/NEST Services Novell Certification Alliance Test Procedures (Revision D), Novell, Inc., Part Number 883-003-026, August 2, 1996 |
NESA |
NetWare Enhanced Security Administration, Novell, Inc., Part Number 100-003611-001 A, September 1996 |
StorageTestProc |
Novell Labs Storage Device, Device Driver, and Host Bus Adapter Test Procedures, Revision 2.7, Novell, Inc., Part Number 100-001997-001, April 11, 1996. |
SysCertProc |
Novell Labs SystemTest Procedures, Revision J, Release 3, Novell, Inc., Part Number 107-000025-001, December 1996 |
DoD5200.28-STD |
Department of Defense Trusted Computer System Evaluation Criteria, National Computer Security Center, December 1985 |
NCSC-TG-004 |
Glossary of Computer Security Terms, Version 1, National Computer Security Center, October 1988 |
NCSC-TG-005 |
Trusted Network Interpretation of the Trusted Computer System Evaluation Criteria, Version 1, National Computer Security Center, July 1987 |
NCSC-TG-013-95 |
Rating Maintenance Phase Program Document, Version 2, National Computer Security Center, Final: March 1, 1995 |
SCSI-II |
Draft Proposed American National Standard, Small Computer System Interface (SCSI-II), X3.131, American National Standards Institute, November 11, 1991 |