Log Radar

 
PROJECT ID
C010
ASSURANCE LEVEL
EAL2
Security Target (ST)
 
Certification Report (CR)
 
PRODUCT NAME AND VERSION
Log Radar v3.2.15 with modules Console, Collector and Archiver
PRODUCT TYPE
Automated software system used on enterprise data networks to centralise the storage and interpretation of logs, or events, generated by other devices or applications.
PRODUCT SPONSOR / DEVELOPER

TecForte Sdn Bhd

PRODUCT SPONSOR / DEVELOPER CONTACT DETAILS

Leong Wei Khuan

Level 27, Quill 7,
Jalan Stesen Sentral 5,
Kuala Lumpur Sentral,
50470 Kuala Lumpur,
MALAYSIA.

URL: http://www.tecforte.com
Phone: +603 2776 6936
Fax: +603 2776 6999

The Target of Evaluation (TOE) is Log Radar v3.2.15 with modules Console, Collector and Archiver, commonly referred to as LogRadar.

LogRadar is an automated software system used on enterprise data networks to centralise the storage and interpretation of logs, or events, generated by other devices or applications. Its key aims are to collect, normalise, process and manage such information (logs) in a real-time context.

The modules included in the scope of the security evaluation and certification are:

  • Console - acts as the interfacing point between user and TOE,
  • Collector - its core function is to collect streams of data as and when they occur and process these device specific logs into a common and normalised form, and
  • Archiver - functions as a backup daemon.

In the context of the evaluation, the TOE is expected to provide the following major security features:

  • Identification and authentication – the TOE provides user identification and authentication independent of the operating system on which it runs.
  • Security audit – the TOE records each individual user session and tracks each action within the session.
  • Granular access control – the TOE allows users' access permissions within the application to be dynamically and granularly assigned via user and group memberships.
  • Password management – the TOE provides a full password management function including the management of password policy rules as well as password expiry settings.
  • Sessions management – the TOE maintains session management and restricts a single login to a single valid session.
  • Socket layer – the TOE runs on Secure Sockets Layer (SSL) to protect its data when travelling through the network.
  • Import and export of configuration data – the TOE runs on Secure Sockets Layer (SSL) to protect its data when travelling through the network.
  • Automated archive – the TOE provides a mechanism whereby aggregated reports, raw logs and syslogs are automatically hashed with an MD5 checksum, archived with AES encryption and stored at predetermined times.
  • Real time syslog collection – the TOE provides the ability for authorised users to dynamically configure the TOE to listen to syslog streams from network devices, servers and/or any other supported applications.