User guide
Aruba Networks Security Target
Page 30 of 67
FPT_TST_EXT.1.1 The TSF shall run a suite of self-tests during initial start-up (on power on)
to demonstrate the correct operation of the TSF.
5.3.8 TOE Access (FTA)
FTA_SSL_EXT.1 TSF-initiated Session Locking
FTA_SSL_EXT.1.1 The TSF shall, for local interactive sessions:
ï‚· terminate the session
after a Security Administrator-specified time period of inactivity.
FTA_SSL.3 TSF-initiated Termination
FTA_SSL.3.1 Refinement: The TSF shall terminate a remote interactive session after
a Security Administrator-configurable time interval of session inactivity.
FTA_SSL.4 User-initiated Termination
FTA_SSL.4.1 The TSF shall allow Administrator-initiated termination of the
Administrator’s own interactive session.
FTA_TAB.1 Default TOE Access Banners
FTA_TAB.1.1 Refinement: Before establishing an administrative user session the
TSF shall display a Security Administrator-specified advisory notice
and consent warning message regarding use of the TOE.
5.3.9 Trusted Path/Channels (FTP)
FTP_ITC.1 Inter-TSF trusted channel
FTP_ITC.1.1 Refinement: The TSF shall use IPsec to provide a trusted
communication channel between itself and authorized IT entities
supporting the following capabilities: audit server, authentication
server that is logically distinct from other communication channels and
provides assured identification of its end points and protection of the
channel data from disclosure and detection of modification of the channel
data.
FTP_ITC.1.2 The TSF shall permit the TSF, or the authorized IT entities to initiate
communication via the trusted channel.
FTP_ ITC.1.3 The TSF shall initiate communication via the trusted channel for Syslog
messages and RADIUS authentication.
FTP_TRP.1 Trusted Path
FTP_TRP.1.1 Refinement: The TSF shall use SSH, TLS/HTTPS to provide a trusted
communication path between itself and remote administrators that is