Technical data
Brocade Communications Systems, Inc. Page 16 of 48
4. Security Objectives
This section summarizes the security objectives for the TOE and its environment.
4.1 Security Objectives for the TOE
O.ACCESS The TOE will ensure that users gain only authorized access to the TOE and to
the resources that the TOE controls.
O.ADMIN_ROLE The TOE will provide authorized administrator roles to isolate administrative
actions thus limiting the scope of errors that an administrator may cause.
O.AUDIT_GENERATION The TOE will provide the capability to create records of security relevant events
associated with users.
O.MANAGE The TOE will provide guidance and mechanisms to allow administrators to
effectively manage the TOE and its security functions, to ensure that only
authorized administrators are able to access such certain functionality, and to
ensure that communication between the TOE and the administrator is protected.
O.TOE_PROTECTION The TOE will protect the TOE and its assets from external interference or
tampering.
O.USER_AUTHENTICATION The TOE will verify the claimed identity of users.
O.USER_IDENTIFICATION The TOE will uniquely identify users.
4.2 Security Objectives for the Environment
OE.NETWORK The Environment will protect network communication to and from the TOE
from unauthorized disclosure or modification.
OE.CONFIG The TOE will be installed, configured, managed and maintained in accordance
with its guidance documentation.
OE.PHYCAL The TOE will be located within controlled access facilities, which will prevent
unauthorized physical access.