Availability for the Always-On Enterprise
Post Reply
signal
Enthusiast
Posts: 56
Liked: 3 times
Joined: Oct 06, 2016 1:19 pm
Contact:

Access control

Post by signal » Jan 04, 2018 1:36 pm

How is access control handled inside VBR, not just login to the console but internally in the application?
Is some form of discretionary access control (DAC) or mandatory access control (MAC) used?

v.Eremin
Veeam Software
Posts: 15077
Liked: 1132 times
Joined: Oct 26, 2012 3:28 pm
Full Name: Vladimir Eremin
Contact:

Re: Access control

Post by v.Eremin » Jan 04, 2018 2:26 pm

Can you provide some context for your question, please? Maybe, some problem that you've faced or issue you're trying to solve? Or it's more like "out of curiosity" type of question? Thanks.

signal
Enthusiast
Posts: 56
Liked: 3 times
Joined: Oct 06, 2016 1:19 pm
Contact:

Re: Access control

Post by signal » Jan 05, 2018 8:59 am

I'm working with a very security oriented organization and I need to document the security of the software. I've tried to get hold of any previous security assessment documentation, like a Common Criteria security evaluation but have not found any for VBR. If you have anything like that to send me it would make things a lot easier.

I have different requirements for security that I need to document, like compliance with Common Criterea Controlled Access Protection Profile (CAPP), access control (not just authentication when logging in, but how it is enforced in the software), activity logging, data protection (e.g. credentials) and so on.

Vitaliy S.
Veeam Software
Posts: 21394
Liked: 1273 times
Joined: Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov
Contact:

Re: Access control

Post by Vitaliy S. » Jan 05, 2018 2:55 pm

I would suggest to contact your system engineer for these security documents. Our SEs should be able to get this info from our legal department. Thanks!

Post Reply

Who is online

Users browsing this forum: Bing [Bot], ctalbot, DGrinev and 50 guests