Specifications
Security Target Version 1.0 9/29/2014
87
8.2.1.3 O.DISPLAY_BANNER
The TOE will display an advisory warning regarding use of the TOE.
This TOE Security Objective is satisfied by ensuring that:
• FTA_TAB.1: Requires the TOE to display an administrator defined banner before a user can establish an
authenticated session. This banner is under complete control of Authorized Administrators in which they
specify any warnings regarding unauthorized use of the TOE.
8.2.1.4 O.FAIL_SECURE
The TOE shall fail in a secure manner following failure of the power-on self tests.
This TOE Security Objective is satisfied by ensuring that:
• FPT_FLS.1: Requires that on a detected failure the TOE maintains a secure state.
8.2.1.5 O.PROTECTED_COMMUNICATIONS
The TOE will provide protected communication channels for administrators, other parts of a distributed
TOE, and authorized IT entities.
This TOE Security Objective is satisfied by ensuring that:
• FIA_X8021X_EXT.1 provides the two-way authentication necessary to allow a wireless client access to
the wired network, and serves as a part of the 802.11-2007 WPA2 protocol to establish the communication
channel with the wireless client.
• FAU_STG_EXT.1: Protects the audit records through transmission between external audit storage.
• FCS_HTTPS_EXT.1: Requires the TOE provide a mechanism that creates a distinct communication
channel between the TOE and both remote administrators and trusted IT entities that protects the data that
traverse this channel from disclosure or modification.
• FCS_IPSEC_EXT.1: Requires the TOE provide a mechanism that creates a distinct communication
channel between the TOE and both remote administrators and trusted IT entities that protects the data that
traverse this channel from disclosure or modification.
• FCS_SSH_EXT.1: Requires the TOE provide a mechanism that creates a distinct communication channel
between the TOE and both remote administrators and trusted IT entities that protects the data that traverse
this channel from disclosure or modification.
• FCS_TLS_EXT.1: Requires the TOE provide a mechanism that creates a distinct communication channel
between the TOE and both remote administrators and trusted IT entities that protects the data that traverse
this channel from disclosure or modification.
• FPT_ITT.1: Requires the TOE provide a mechanism that creates a distinct communication channel between
distributed TOE components that protects the data that traverse this channel from disclosure or
modification.
• FPT_RPL.1: Ensures that administrator sessions or data communicated with an authorized IT entity cannot
be replayed.
• FTP_ITC.1: Requires the TOE provide a mechanism that creates a distinct communication channel
between the TOE and both remote administrators and trusted IT entities that protects the data that traverse
this channel from disclosure or modification.
• FTP_TRP.1: Requires the TOE provide a mechanism that creates a distinct communication channel
between the TOE and both remote administrators and trusted IT entities that protects the data that traverse
this channel from disclosure or modification.
8.2.1.6 O.PROTOCOLS
The TOE will ensure that standardized protocols are implemented in the TOE to RFC and/or Industry
specifications to ensure interoperability, that also support communication with a centralized audit server
and a RADIUS authentication server.
This TOE Security Objective is satisfied by ensuring that: