User guide

Aruba Networks Security Target
# | NDPP Source | Requirement | Assurance Family
how these records are protected against unauthorized access. The evaluator
shall also examine the operational guidance to determine that it describes the
relationship between the local audit data and the audit data that are sent to the
audit log server (for TOEs that are not acting as an audit log server). For
example, when an audit event is generated, is it simultaneously sent to the
external server and the local store, or is the local store used as a buffer and
“cleared” periodically by sending the data to the audit server?
5. FAU_STG_EXT.1.1
TOE acts as audit server
The evaluator shall examine the TSS to ensure it describes the connection
supported from non-TOE entities to send the audit data to the TOE, and how the
trusted channel is provided. Testing of the trusted channel mechanism will be
performed as specified in the associated assurance activities for the particular
trusted channel mechanism. The evaluator shall also examine the operational
guidance to ensure it describes how to establish the trusted channel with the
TOE, as well as describe any requirements for other IT entities to connect and
send audit data to the TOE (particular audit server protocol, version of the
protocol required, etc.), as well as configuration of the TOE needed to
communicate with other IT entities. The evaluator shall perform the following
test for this requirement:
Test 1: The evaluator shall establish a session between an external IT entity and
the TOE according to the configuration guidance provided. The evaluator shall
then examine the traffic that passes between the IT entity and the TOE during
several activities of the evaluator’s choice designed to generate audit data to be
transferred to the TOE. The evaluator shall observe that these data are not able
to be viewed in the clear during this transfer, and that they are successfully
received by the TOE. The evaluator shall perform this test for each protocol
selected in the second selection.
Assurance Family: ASE_TSS, ATE_IND, AGD_OPE
6. FAU_STG_EXT.1
TOE is not an audit server
The evaluator shall examine the TSS to ensure it describes the means by which
the audit data are transferred to the external audit server, and how the trusted
channel is provided. Testing of the trusted channel mechanism will be
performed as specified in the associated assurance activities for the particular
trusted channel mechanism. The evaluator shall also examine the operational
guidance to ensure it describes how to establish the trusted channel to the audit
server, as well as describe any requirements on the audit server (particular audit
server protocol, version of the protocol required, etc.), as well as configuration of
the TOE needed to communicate with the audit server. The evaluator shall
perform the following test for this requirement:
Test 1: The evaluator shall establish a session between the TOE and the audit
server according to the configuration guidance provided. The evaluator shall
then examine the traffic that passes between the audit server and the TOE
during several activities of the evaluator’s choice designed to generate audit data
to be transferred to the audit server. The evaluator shall observe that these data
are not able to be viewed in the clear during this transfer, and that they are
successfully received by the audit server. The evaluator shall record the
particular software (name, version) used on the audit server during testing.
Assurance Family: ASE_TSS, ATE_IND, AGD_OPE
7. FCS_CKM.
The evaluator shall use the key pair generation portions of "The FIPS 186-3
ATE_IND