McAfee SAV85E User Guide - Page 15

3 Guidance for Administrators The Common Criteria evaluated configuration is designed to be as flexible as possible in a deployment scenario. As such, the ongoing guidance for administrators is largely covered in the McAfee VirusScan Enterprise 8.8 software Product Guide. Administrators should read and configure the software according to the guidelines in available documentation and according to their site-specific security policies. Following those guidelines and those mentioned below will ensure that the TOE is administered in a manner that complies with the Common Criteria evaluation. Contents  Software Version Inspection  Required Password Length Software Version Inspection The administrator should periodically verify that the evaluated version of software is running. Required Password Length When adding other administrator accounts to the TOE, the administrator should choose strong passwords by adhering to the following rules:  Use long passwords (8 characters or longer).  Do not use something found in a dictionary (in any language or jargon).  Do not use a name (including that of a spouse, parent, child, pet, fantasy character, famous person, and location) or any variation of the account name or administrator identity.  Do not use accessible information (such as phone numbers, license plates, or social security numbers).  Do not use a birthday or a simple number pattern.  Use a mixture of upper and lower case letters, as well as digits or punctuation. When choosing a new password, make sure it is unrelated to any previous password. Note that the administrator should also follow these rules when maintaining his/her own password. Operational User Guidance and Preparative Procedures Supplement for Common Criteria 15