|
|
NSFocus Information Technology (Beijing) Co., Ltd.
NSFOCUS Security Gateway (SG)
Provide a short description of how and where your capability is made available to your customers and the public (required):
NSFOCUS makes information about security vulnerabilities publicly available on its website; customers can also download and install product updates on the website.
Related resources and links:
- NSFOCUS Vulnerability Database:
http://www.nsfocus.net/index.php?act=sec_bug (Chinese)- NSFOCUS SG Component Update:
http://update.nsfocus.com/update/sgIndex (Chinese)
Describe how and where your capability indicates the most recent CVE version used to create or update its mappings (required):
We check for new CVE versions and complete related updates in the next regular update.
Indicate how often you plan on updating the mappings to reflect new CVE versions and describe your approach to keeping reasonably current with CVE versions when mapping them to your repository (required):
We review CVE website weekly, and will generate a list of CVE names to be updated via script tools within 3 days if any new CVE version is made available, then complete the update in a few days afterwards, depending on the amount of CVE entries to be updated and workload at that time.
Describe how and where you explain to your customers the timeframe they should expect an update of your capability’s mappings to reflect newly available CVE content (required):
NSFOCUS SG is updated weekly. Any revisions to CVE information during update intervals will be timely included in the update file. We will not make any specific explanation to CVE version for the customers.
Provide a copy, or directions to its location, of where your documentation describes CVE and CVE compatibility for your customers (required):
We describe the CVE and CVE Compatibility information in the help file named "rule help.chm" for our customers.
Provide a copy, or directions to its location, of where your documentation describes the specific details of how your customers can use CVE names to find the individual security elements within your capability’s repository (required):
CVE names may be used as a search criterion from the search page in the help file, the following steps shows the search capability:
- Open the help file and change to the search tab.
- Input CVE name or other key word.
- Click the list topic button.
- List the related entries to the input key word, then select an entry to display the details.
Provide a copy, or directions to its location, of where your documentation describes the process a user would follow to find the CVE names associated with individual security elements within your capability’s repository (required):
CVE names may be used as a search criterion from the search page in the help file, the following steps shows the search capability:
- Open the help file and change to the search tab;
- Input CVE name or other key word;
- Click the list topic button;
- List the related entries to the input key word, then select an entry to display the details.
If your documentation includes an index, provide a copy of the items and resources that you have listed under "CVE" in your index. Alternately, provide directions to where these "CVE" items are posted on your web site (recommended):
For NSFOCUS SG, a list of CVE-related vulnerability is conveniently available by searching "CVE" in its Help file.
Give detailed examples and explanations of how a user can locate tasks in the tool by looking for their associated CVE name (required):
Users can utilize product’s online Help in order to find related CVEs and information about the corresponding CVE. Links to https://cve.mitre.org are also commonly available.
Give detailed examples and explanations of how, for reports that identify individual security elements, the tool allows the user to determine the associated CVE names for the individual security elements in the report (required):
CVE details and links are provided in most NSFOCUS SG alerts if only corresponding CVE name is available. Each available CVE can be searched by its name in NSFOCUS SG online Help.
Give detailed examples and explanations of how a user can obtain a listing of all of the CVE names that are associated with the tool’s tasks (recommended):
A user can obtain a listing or all vulnerabilities and related CVE from within the online Help. The user can enter ‘CVE’ and ‘Search’. The total number of vulnerabilities is then listed in the left view pane followed by each vulnerability name. CVEs are then listed in each vulnerability in the right hand view of Help window.
Describe the steps and format that a user would use to select a set of tasks by providing a file with a list of CVE names (recommended):
If there is no check in the online Help, the task associated to a selected CVE cannot be done.
Give detailed examples and explanations of how a "find" or "search" function is available to the user to locate tasks in the online capability by looking for their associated CVE name or through an online mapping that links each element of the capability with its associated CVE name(s) (required):
- From the search Webpage of NSFOCUS Security Information Database
http://www.nsfocus.net/index.php?act=sec_bug enter the CVE name in one of the following formats:Format example:
CVE-YYYY-NNNN CVE-2004-0122
YYYY-NNNN 2004-0122- Select "search by Keyword". The Keyword Search Results page appears.
- Under the displaying results list, select the appropriate link for more information.CVE or CAN and vulnerability details appear in the "Description" section.
Provide a detailed description of how someone can use your "URL template" to interface to your capability’s search function (recommended):
Examples:
http://www.example.com/cgi-bin/db-search.cgi?cvename=CVE-YYYY-NNNN
http://www.example.com/cve/CVE-YYYY-NNNN.htmlFrom the search Webpage of NSFOCUS Security information Database
http://www.nsfocus.net/index.php?act=sec_bug enter the CVE name in one of the following formats:Format example:
CVE-YYYY-NNNN CVE-2004-0122
YYYY-NNNN 2004-0122
If the URL template is for a CGI program, does it support the HTTP "GET" method? (recommended):
- From the search Webpage of NSFOCUS Security Information Database
http://www.nsfocus.net/index.php?act=sec_bug enter the CVE name in the following formats:For example
CVE- Select "Search by Keyword". The Keyword Search results page appears.
- Under the displaying results list, select the appropriate link for more information.CVE or CAN and vulnerability details appear in the "description" section.
Give detailed examples and explanations of how, for reports that identify individual security elements, the online capability allows the user to determine the associated CVE names for the individual security elements in the report. (required):
This capability is available on each Web page in product’s alert detail section. For CVE names, the section lists the CVE name, a link to the MITRE CVE entry for the same name (opens in a new browser window).
For example:
http://www.nsfocus.net/index.php?act=sec_bug&do=view&bug_id=6160&keyword=CVE-2004-0122In "Description" section, CVE-2004-0122 is the CVE name of this entry, which links to the corresponding CVE information in MITRE website:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0122 CVE names appearing in Description section are the latest CVE names. NSFOCUS Security Team will not keep revision history for specific security information-related CVE/CAN names.
If details for individual security elements are not provided, give examples and explanations of how a user can obtain a mapping that links each element with its associated CVE name(s), otherwise enter N/A (required):
From the search Webpage of NSFOCUS Security information Database
http://www.nsfocus.net/index.php?act=sec_bug enter the CVE name in one of the following formats:Format example:
CVE-YYYY-NNNN CVE-2004-0122
YYYY-NNNN 2004-0122
Provide details about the different electronic document formats that you provide and describe how they can be searched for specific CVE-related text (required):
NSFOCUS SG provides output in PDF, HTM, and RTF. Each is searchable via the browser, viewer, or editor chosen.
If one of the capability’s standard electronic documents only lists security elements by their short names or titles provide example documents that demonstrate how the associated CVE names are listed for each individual security element (required):
Currently, when security elements are listed by titles we provide no mapping in our reports on how a CVE name is related to each individual security element.
Provide example documents that demonstrate the mapping from the capability’s individual elements to the respective CVE name(s) (recommended):
||B.3.3||
Give detailed examples and explanations of how the GUI provides a "find" or "search" function for the user to identify your capability’s elements by looking for their associated CVE name(s) (required):
CVE information can be found in the product Help text, it will detail what CVE is, and also covers details of detectable exploits and how to relate to corresponding CVE. Both Help texts can be searched by content, index, search or favorites within the help module.
Briefly describe how the associated CVE names are listed for the individual security elements or discuss how the user can use the mapping between CVE entries and the capability’s elements, also describe the format of the mapping (required):
In our Vulnerability Details section within the product we have the associated CVEs included in the vulnerability description. Click CVE name, then a new browser page that links to corresponding CVE name in MITRE website will appear.
Provide details about the different electronic document formats that you provide for exporting or accessing CVE-related data and describe how they can be searched for specific CVE-related text (recommended):
Export document provides output in HTML and RTF format. Each is searchable via the browser or editor chosen according to CVE information.
Have an authorized individual sign and date the following Compatibility Statement (required):
"As an authorized representative of my organization I agree that we will abide by all of the mandatory CVE Compatibility Requirements as well as all of the additional mandatory CVE Compatibility Requirements that are appropriate for our specific type of capability."
Name: Steven Cai
Title: PM
Have an authorized individual sign and date the following accuracy Statement (recommended):
"As an authorized representative of my organization and to the best of my knowledge, there are no errors in the mapping between our capability’s Repository and the CVE entries our capability identifies."
Name: Steven Cai
Title: PM
FOR TOOLS ONLY - Have an authorized individual sign and date the following statement about your tools efficiency in identification of security elements (required):
"As an authorized representative of my organization and to the best of my knowledge, normally when our capability reports a specific security element, it is generally correct and normally when an event occurs that is related to a specific security element our capability generally reports it."
Name: Steven Cai
Title: PM