User guide

Aruba Networks Security Target
| Requirement | Auditable Events | Additional Audit Record Contents | Guidance Notes |
|---|---|---|---|
| FCS_TLS_EXT.1 | Failure to establish a TLS Session. | Reason for failure. | TLS is only used in the context of HTTPS. Audit messages for TLS will be the same as FCS_HTTPS_EXT.1. |
| | Establishment/Termination of a TLS session. | Non-TOE endpoint of connection (IP address) for both successes and failures. | TLS is only used in the context of HTTPS. Audit messages for TLS will be the same as FCS_HTTPS_EXT.1. |
| FCS_SSH_EXT.1 | Failure to establish an SSH session | Reason for failure. | See [SYSLOG] message ID 125022 |
| | Establishment/Termination of an SSH session | Non-TOE endpoint of connection (IP address) for both successes and failures. | See [SYSLOG] Security - Warnings |
| FCS_HTTPS_EXT.1 | Failure to establish a HTTPS Session. | Reason for failure. | See [SYSLOG] message ID 125022 |
| | Establishment/Termination of a HTTPS session. | Non-TOE endpoint of connection (IP address) for both successes and failures. | See [SYSLOG] Security - Warnings |

FAU_GEN.2 User Identity Association

FAU_GEN.2.1 For audit events resulting from actions of identified users, the TSF shall be able to associate each auditable event with the identity of the user that caused the event.

FAU_STG_EXT.1 External Audit Trail Storage

FAU_STG_EXT.1.1 The TSF shall be able to transmit the generated audit data to an external IT entity using a trusted channel implementing the IPsec protocol.

5.3.2 Cryptographic Support (FCS)

FCS_CKM.1(1) Cryptographic Key Generation (for asymmetric keys HTTPS/TLS)

FCS_CKM.1.1(1) Refinement: The TSF shall generate asymmetric cryptographic keys used for key establishment in accordance with:

- NIST Special Publication 800-56B, “Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography” for RSA-based key establishment schemes

and specified cryptographic key sizes equivalent to, or greater than, a symmetric key strength of 112 bits.

Application Note: This requirement is related to the use of RSA in HTTPS/TLS.