Specifications

Security Target Version 1.0 9/29/2014

The TOE uses the IPsec/IKE protocol with pre-shared keys or certificates to establish a trusted channel between

itself and the external authentication, logging, and NTP servers. To configure the channels the administrator uses the

Security -> Advanced -> VPN panel of the Web GUI to create the host-to-host IPsec/IKE connections. All

configuration settings must specify FIPS-certified encryption algorithms as specified by the FCP_COP.1

requirements.

The Trusted path/channels function is designed to satisfy the following security functional requirements:

• FTP_ITC.1: The TOE uses the IPsec/IKE protocol with pre-shared keys or certificates to establish a trusted

channel between itself and external authentication, logging, and NTP servers.

• FTP_TRP.1: The TSF uses SSH, TLS/HTTPS to provide a trusted communication path between itself and

remote administrators that is logically distinct from other communication paths and provides assured

identification of its end points and protection of the communicated data from disclosure and detection of

modification of the communicated data.