User guide

Aruba Networks Security Target
Page 36 of 67
when the configuration of the TOE has been erased using the “write erase”
command. While in this default state, no TOE services are available and the TOE
does not forward traffic through network interfaces. During the initial configuration
dialog, an administrative username and password are established. Once initial
configuration has been completed, the TOE reboots into a secure state.
57 The TOE provides two interfaces for administration: WebUI and CLI. The WebUI is
accessed via TLS/HTTPS. The CLI is accessed via SSH or direct console. For both
TLS/HTTPS and SSH, the TOE can be configured to use username/password only,
public key authentication only, or both username/password and public key
authentication. Direct console access to the CLI supports username/password only.
[USER] Chapter 35 “Management Access” has documentation for
setting these options.
58 The TOE can be configured to use a RADIUS server for username/password
authentication. The same user repository (either local or RADIUS) is used for both
WebUI and CLI access. Passwords stored locally are encrypted using the TOE’s
KEK and cannot be viewed via any normal interface. Password complexity rules are
enforced by the TOE (see FIA_PMG_EXT.1), and passwords are obscured during
entry.
[USER] Chapter 35 “Enabling RADIUS Server Authentication” and
“Implementing a Specific Password Management Policy” provide
more instruction on how to configure passwords.
[USER] Chapter 35, “Implementing a Specific Management Password
Policy” describes setting the minimum password length.
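The paragraph above says the TOE enforces password complexity and an administrator-settable minimum length but does not spell out the rules. The following added example (not Aruba’s code and not taken from this Security Target) shows how such a check is typically implemented: the policy struct, the minimum length of 15, the requirement for three character classes, and the accepted special-character set are all assumptions made for the illustration.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed policy shape (hypothetical, not Aruba's): an administrator-settable
 * minimum length plus a required number of distinct character classes drawn
 * from upper case, lower case, digit and special. */
struct pw_policy {
    size_t min_length;
    int    min_classes;
};

/* Assumed set of permitted special characters (constructed for the example). */
static const char SPECIALS[] = "!@#$%^&*()";

static bool is_special(unsigned char c)
{
    return c != '\0' && strchr(SPECIALS, c) != NULL;
}

/* Evaluate pw against policy p. On failure *reason names the rule that
 * tripped; the candidate password itself is never copied into the reason so
 * the caller can log it without leaking the secret. */
bool pw_check(const char *pw, const struct pw_policy *p, const char **reason)
{
    bool upper = false, lower = false, digit = false, special = false;
    size_t len = strlen(pw);

    if (len < p->min_length) {
        *reason = "shorter than the administrator-set minimum";
        return false;
    }
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)pw[i];
        if (isupper(c))          upper = true;
        else if (islower(c))     lower = true;
        else if (isdigit(c))     digit = true;
        else if (is_special(c))  special = true;
        else {
            *reason = "contains a character outside the permitted set";
            return false;
        }
    }
    int classes = (int)upper + (int)lower + (int)digit + (int)special;
    if (classes < p->min_classes) {
        *reason = "too few character classes";
        return false;
    }
    *reason = "ok";
    return true;
}

/* Convenience wrapper: build the policy from two scalars and return only
 * the verdict, for callers that do not need the reason string. */
bool pw_ok(const char *pw, size_t min_length, int min_classes)
{
    struct pw_policy p = { min_length, min_classes };
    const char *reason;
    return pw_check(pw, &p, &reason);
}

int main(void)
{
    /* Constructed sample candidates; the first satisfies the assumed policy. */
    const char *samples[] = { "Abcdef1!Abcdef1", "Abcdef1!", "abcdefghijklmnop", "Abcdef1 Abcdef1" };
    struct pw_policy p = { 15, 3 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        const char *reason;
        bool ok = pw_check(samples[i], &p, &reason);
        /* Print only the verdict and length, never the candidate itself. */
        printf("candidate %zu (len %zu): %s (%s)\n", i, strlen(samples[i]),
               ok ? "accepted" : "rejected", reason);
    }
    return 0;
}
```

The reason strings deliberately never echo the candidate password, which keeps the check consistent with the document’s point that passwords are obscured and never exposed through normal interfaces.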
59 A successful logon takes place when a recognized username/password combination
is provided and/or a recognized X.509 client certificate is presented by the
administrator’s web browser or SSH client.
60 No administrative functions are accessible prior to administrator log-in. Before
establishing an administrative user session, the TOE displays an administrator-
specified advisory notice and consent warning message regarding use of the TOE.
Banner configuration is documented in the [CLI] under “banner motd”.
61 The TOE associates users with their assigned role upon successful authentication.
The “Authorized Administrator” role defined by the NDPP equates to the “root” role
implemented by the TOE.
62 For both the WebUI and CLI, administrative sessions will terminate according to an
administrator defined period of inactivity. The system clock as described in
paragraph 52 is used to time the period of inactivity. Administrators can terminate
their own session by logging out.
[USER] Chapter 35, “Setting an Administrator Session Timeout”
provides instructions on setting session timeouts.
The system clock time is also used for timestamps in audit log records. [USER]
Chapter 35, “Setting the System Clock” describes how the system clock can be
changed.
6.1.5 Residual Information Clearing
Related SFRs: FDP_RIP.2
63 The TOE ensures that network packets sent from the TOE do not include data "left
over" from the processing of previous network information.
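The FDP_RIP.2 claim above is about transmit buffers that are reused from one packet to the next: if a short packet is placed in a buffer without clearing the region between the end of its payload and the minimum frame length, the pad bytes carry data from whatever was in the buffer before. The added example below (constructed for this page, not Aruba’s code; the buffer sizes and the 60-byte minimum frame are assumptions) shows the leaky builder next to a builder that zeroes the pad region, plus a check that counts how many previous-packet bytes survive in the padding.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FRAME_MIN 60    /* assumed minimum on-the-wire frame length */
#define FRAME_MAX 1514  /* assumed transmit buffer size */

/* One transmit buffer reused for every outgoing packet (constructed scenario). */
static uint8_t tx_buf[FRAME_MAX];

/* Zero a region through a volatile pointer so the compiler cannot treat the
 * write as dead and drop it (same intent as explicit_bzero/memset_s). */
static void secure_zero(uint8_t *p, size_t n)
{
    volatile uint8_t *vp = p;
    while (n--) *vp++ = 0;
}

/* Leaky builder: copies the payload and reports the padded length, but never
 * touches the bytes between len and FRAME_MIN, so they keep the previous
 * packet's contents. Returns 0 on oversize input. */
size_t build_frame_leaky(const uint8_t *payload, size_t len)
{
    if (len > FRAME_MAX) return 0;
    memcpy(tx_buf, payload, len);
    return len < FRAME_MIN ? FRAME_MIN : len;
}

/* Clearing builder: identical, except the pad region is explicitly zeroed
 * before the frame length is handed to the sender. */
size_t build_frame_clean(const uint8_t *payload, size_t len)
{
    if (len > FRAME_MAX) return 0;
    memcpy(tx_buf, payload, len);
    if (len < FRAME_MIN) secure_zero(tx_buf + len, FRAME_MIN - len);
    return len < FRAME_MIN ? FRAME_MIN : len;
}

/* Count bytes in [payload_len, frame_len) that are not zero, i.e. residue. */
size_t count_residue(const uint8_t *frame, size_t payload_len, size_t frame_len)
{
    size_t n = 0;
    for (size_t i = payload_len; i < frame_len; i++)
        if (frame[i] != 0) n++;
    return n;
}

/* Drive the scenario: send a 100-byte "previous" packet filled with a marker
 * byte, then a 20-byte packet through the chosen builder, and report how many
 * marker bytes remain in the 40-byte pad region of the second frame. */
size_t leftover_bytes(bool clear_padding)
{
    uint8_t previous[100];
    uint8_t small[20];
    memset(previous, 0x41, sizeof previous);  /* constructed earlier payload */
    memset(small, 0x11, sizeof small);        /* constructed short payload */

    build_frame_clean(previous, sizeof previous);

    size_t frame_len = clear_padding
        ? build_frame_clean(small, sizeof small)
        : build_frame_leaky(small, sizeof small);

    return count_residue(tx_buf, sizeof small, frame_len);
}

int main(void)
{
    printf("residue bytes, leaky builder:    %zu\n", leftover_bytes(false));
    printf("residue bytes, clearing builder: %zu\n", leftover_bytes(true));
    return 0;
}
```

A quick way to test a device for this class of defect from the outside is to capture its minimum-length frames and check whether the pad bytes are constant; the clearing builder above makes them all zero, which is the behaviour the Security Target describes.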