User guide

ManualsBrandsAruba ManualsComputer equipment620

Aruba Networks Security Target

Page 65 of 67

NDPP

Source

Requirement

Assurance

Family

user role the process runs as or under.

52.

AGD_OPE.

The operational guidance shall contain instructions for configuring the

cryptographic engine associated with the evaluated configuration of the TOE. It

shall provide a warning to the administrator that use of other cryptographic

engines was not evaluated nor tested during the CC evaluation of the TOE.

AGD_OPE

53.

AGD_OPE.

The documentation must describe the process for verifying updates to the TOE,

either by checking the hash or by verifying a digital signature. The evaluator

shall verify that this process includes the following steps:

1. For hashes, a description of where the hash for a given update can be

obtained. For digital signatures, instructions for obtaining the certificate that will

be used by the FCS_COP.1(2) mechanism to ensure that a signed update has

been received from the certificate owner. This may be supplied with the product

initially, or may be obtained by some other means.

2. Instructions for obtaining the update itself. This should include instructions for

making the update accessible to the TOE (e.g., placement in a specific

directory).

3. Instructions for initiating the update process, as well as discerning whether the

process was successful or unsuccessful. This includes generation of the

hash/digital signature.

AGD_OPE

54.

AGD_OPE.

The TOE will likely contain security functionality that does not fall in the scope of

evaluation under the NDPP. The operational guidance shall make it clear to an

administrator which security functionality is covered by the evaluation activities.

AGD_OPE

55.

AGD_PRE.

The evaluator shall check to ensure that the guidance provided for the TOE

adequately addresses all platforms claimed for the TOE in the ST.

AGD_PRE

56.

ATE_IND.1

The evaluator shall prepare a test plan and report documenting the testing

aspects of the system. The test plan covers all of the testing actions contained

in the CEM and the body of the NDPP’s Assurance Activities. While it is not

necessary to have one test case per test listed in an Assurance Activity, the

evaluator must document in the test plan that each applicable testing

requirement in the ST is covered.

ATE_IND

57.

ATE_IND.1

The test plan identifies the platforms to be tested, and for those platforms not

included in the test plan but included in the ST, the test plan provides a

justification for not testing the platforms. This justification must address the

differences between the tested platforms and the untested platforms, and make

an argument that the differences do not affect the testing to be performed. It is

not sufficient to merely assert that the differences have no affect; rationale must

be provided. If all platforms claimed in the ST are tested, then no rationale is

necessary.

ATE_IND

58.

ATE_IND.1

The test plan describes the composition of each platform to be tested, and any

setup that is necessary beyond what is contained in the AGD documentation. It

should be noted that the evaluator is expected to follow the AGD documentation

for installation and setup of each platform either as part of a test or as a standard

pre-test condition. This may include special test drivers or tools. For each driver

or tool, an argument (not just an assertion) should be provided that the driver or

ATE_IND