Technical data

Brocade Communications Systems, Inc. Page 30 of 48
Figure 4: TOE and environment audit record components.
Because the TOE applies its own time stamp and includes it in the event details, that time stamp can be used to determine the order in which events occurred on the TOE. Similarly, the TOE instance that generated a record can be identified from the field containing the TOE's IP address. Note in the example that the time stamp in the syslog header (Jun 20 11:07:11) and the TOE-applied time stamp (2006/12/10-09:54:03 GMT) need not agree; only the latter is suitable for ordering events on the TOE.
For example:
Jun 20 11:07:11 [10.33.8.20.2.2] raslogd: AUDIT, 2006/12/10-09:54:03 (GMT), [SEC-1000], WARNING, SECURITY, JohnSmith/root/192.168.132.10/Telnet/CLI, Domain A/JohnsSwitch, , Incorrect password during login attempt.
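The following parser shows how a syslog consumer would act on the two points above: order records by the TOE-applied time stamp rather than the syslog header time, and attribute each record to a TOE instance by the IP address it carries. It is an added example, not part of the Security Target or of Brocade's software. The field layout is inferred from the single record shown above; treating the first four dotted numbers of the bracketed field as the TOE IP address, and splitting the user field as user/role/client IP/interface/application, are assumptions. The sample log lines are constructed (the first is the record from the page, the others are made-up variants with the same layout).

```python
"""Parse raslogd AUDIT records as received by a syslog server, order them by
the time stamp the TOE applied rather than the syslog receive time, and
attribute each record to the TOE instance whose IP address it carries.

Added example, not from the Security Target or from Brocade. The field layout
is inferred from the one record shown on the page; the TOE-IP and user-field
splits below are our assumptions.
"""
import re
from collections import defaultdict
from datetime import datetime, timezone

RECORD_RE = re.compile(
    r"^(?P<recv_ts>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}) "  # syslog header time
    r"\[(?P<source>[^\]]+)\] raslogd: AUDIT, "                   # bracketed source, AUDIT tag
    r"(?P<toe_ts>\d{4}/\d{2}/\d{2}-\d{2}:\d{2}:\d{2}) "          # time stamp applied by the TOE
    r"\((?P<tz>[^)]+)\), "                                       # its time zone
    r"\[(?P<msg_id>[^\]]+)\], "                                  # message identifier
    r"(?P<severity>[A-Z]+), (?P<event_class>[A-Z]+), "           # severity, event class
    r"(?P<user_info>[^,]*), (?P<switch>[^,]*), (?P<reserved>[^,]*), "
    r"(?P<message>.*)$"                                          # free text, may contain commas
)


def parse_audit_record(line):
    """Return a dict for one AUDIT record, or None for any other syslog line."""
    m = RECORD_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    # Assumption: the first four dotted numbers are the TOE IP; the rest is opaque.
    rec["toe_ip"] = ".".join(rec["source"].split(".")[:4])
    if rec["tz"] != "GMT":
        raise ValueError(f"unhandled time zone {rec['tz']!r}")
    rec["toe_time"] = datetime.strptime(
        rec["toe_ts"], "%Y/%m/%d-%H:%M:%S").replace(tzinfo=timezone.utc)
    # Assumed split of the user field: user/role/client IP/interface/application
    parts = rec["user_info"].split("/") + [None] * 5
    rec["user"], rec["role"], rec["client_ip"], rec["interface"], rec["app"] = parts[:5]
    return rec


def parse_all(lines):
    return [r for r in map(parse_audit_record, lines) if r is not None]


def order_by_toe_time(records):
    """The syslog header time reflects transport and batching delay; the TOE
    time stamp is what fixes the order in which events happened on the switch."""
    return sorted(records, key=lambda r: r["toe_time"])


def group_by_toe(records):
    """Attribute records to the TOE instance that generated them, in TOE-time order."""
    groups = defaultdict(list)
    for r in order_by_toe_time(records):
        groups[r["toe_ip"]].append(r)
    return dict(groups)


def failed_logins_by_client(records):
    """Count 'Incorrect password' SECURITY events per client IP; a brute-force
    alert would threshold these counts over a TOE-time window."""
    counts = defaultdict(int)
    for r in records:
        if r["event_class"] == "SECURITY" and r["message"].startswith("Incorrect password"):
            counts[r["client_ip"]] += 1
    return dict(counts)


# Constructed sample input. The first line is the record quoted on the page;
# the others are made-up variants in the same layout, plus one non-AUDIT line.
# File order is receive order; the TOE time stamps tell a different story.
SAMPLE_LOG = [
    "Jun 20 11:07:11 [10.33.8.20.2.2] raslogd: AUDIT, 2006/12/10-09:54:03 (GMT), [SEC-1000], "
    "WARNING, SECURITY, JohnSmith/root/192.168.132.10/Telnet/CLI, Domain A/JohnsSwitch, , "
    "Incorrect password during login attempt.",
    "Jun 20 11:07:12 [10.33.8.20.2.2] raslogd: AUDIT, 2006/12/10-09:54:07 (GMT), [SEC-1000], "
    "WARNING, SECURITY, JaneDoe/admin/192.168.132.11/SSH/CLI, Domain A/JohnsSwitch, , "
    "Incorrect password during login attempt.",
    "Jun 20 11:07:13 [10.33.8.21.2.2] raslogd: AUDIT, 2006/12/10-09:53:58 (GMT), [SEC-1000], "
    "WARNING, SECURITY, JohnSmith/root/192.168.132.10/Telnet/CLI, Domain A/OtherSwitch, , "
    "Incorrect password during login attempt.",
    "Jun 20 11:07:14 [10.33.8.20.2.2] raslogd: constructed non-audit line, ignored by the parser",
]

if __name__ == "__main__":
    recs = parse_all(SAMPLE_LOG)
    for r in order_by_toe_time(recs):
        print(r["toe_ts"], r["toe_ip"], r["msg_id"], r["user"], r["client_ip"], "recv", r["recv_ts"])
    print(failed_logins_by_client(recs))
```

Run stand-alone, the script lists the three records in TOE-time order (09:53:58 from 10.33.8.21 first, although it was received last) and reports two failed logins from 192.168.132.10 and one from 192.168.132.11. Keying the failed-login count on the message text rather than on SEC-1000 alone is deliberate: the page shows only that one message under that identifier, so the text is the safer discriminator.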
The Audit protection function is designed to satisfy the following security functional requirements:
FAU_GEN.1: The TOE generates audit records for the “not specified” level of audit, that is, for the auditable events enumerated in this Security Target rather than for a predefined Common Criteria audit level. A syslog server in the IT environment is relied on to store the audit records the TOE generates.
6.1.2 User data protection
The evaluated configuration supports only interconnected TOE instances operated in fabric switch mode.
The TOE identifies host bus adapters (HBAs) in terms of port number and zone membership. The “port number” attribute identifies the physical switch port to which the HBA is connected and is semantically equivalent to the host address used to determine connectivity, because the unique fabric address the TOE assigns to the HBA when it connects to the fabric also encodes that physical port.
A host bus adapter must first establish connectivity with at least one storage device in the fabric. For an HBA to access a storage device through the TOE, an administrator must have configured the HBA's port as a member of a zone of which the target storage device is already a member. After establishing a physical connection with the TOE, the HBA acquires a 24-bit SAN fabric address from the TOE. Upon receiving the address, the HBA registers itself with the TOE and then issues FC/FCIP protocol commands to establish connectivity with one or more targets in the fabric. The TOE decides whether to allow access to each storage device by comparing zone memberships.
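The sequence above (physical attach, fabric login and address assignment, name-server registration, then a zone-membership check on access) is modelled below in Python. This is an added example, not Brocade's code or the TOE's implementation. It assumes the standard Fibre Channel 24-bit N_Port ID layout (Domain_ID, Area_ID, Port_ID octets) with the Area_ID carrying the physical port index and Port_ID zero, zone members expressed as (domain, port index) pairs, and, to make the contrast visible, a "soft zoning" mode that only filters name-server discovery answers while leaving the data path open. The fabric, zone names and device names are constructed.

```python
"""Model of the zone-membership decision: after fabric login an HBA holds a
24-bit fabric address derived from its physical port, and the switch allows a
read/write frame to a storage target only if one zone contains both ports.

Added example, not Brocade's code. Assumptions: address packing is
Domain_ID | Area_ID | Port_ID (standard FC N_Port ID) with Area_ID = physical
port index and Port_ID = 0; zone members are (domain, port index) pairs; and
soft zoning is modelled as filtering discovery answers only.
"""


def fc_address(domain, area, port):
    """Pack a 24-bit FC N_Port ID: Domain_ID (bits 23-16), Area_ID (15-8), Port_ID (7-0)."""
    for v in (domain, area, port):
        if not 0 <= v <= 0xFF:
            raise ValueError("each address component is one octet")
    return (domain << 16) | (area << 8) | port


def split_fc_address(addr):
    """Inverse of fc_address: (domain, area, port)."""
    if not 0 <= addr <= 0xFFFFFF:
        raise ValueError("fabric addresses are 24 bits")
    return (addr >> 16) & 0xFF, (addr >> 8) & 0xFF, addr & 0xFF


class Switch:
    def __init__(self, domain, zones, hard_zoning=True):
        self.domain = domain
        self.zones = {name: set(members) for name, members in zones.items()}
        self.hard_zoning = hard_zoning
        self.name_server = {}  # fabric address -> device name, filled at registration

    def flogi(self, port_index, device):
        """Physical attach, fabric login and registration in one step.
        Assumption: Area_ID carries the physical port index, so the address
        itself identifies the port the device is attached to."""
        addr = fc_address(self.domain, port_index, 0)
        self.name_server[addr] = device
        return addr

    def port_of(self, addr):
        """Recover the (domain, port index) zone member from a fabric address."""
        domain, area, _ = split_fc_address(addr)
        return (domain, area)

    def same_zone(self, addr_a, addr_b):
        a, b = self.port_of(addr_a), self.port_of(addr_b)
        return any(a in members and b in members for members in self.zones.values())

    def discover(self, requester):
        """Name-server query: in both modes the answer lists only zone members."""
        return sorted(dev for addr, dev in self.name_server.items()
                      if addr != requester and self.same_zone(requester, addr))

    def forward(self, src, dst):
        """Data-path decision for a read/write frame from src to dst.
        Hard zoning checks zone membership on every frame; soft zoning lets any
        frame through to a registered address, so a guessed address succeeds."""
        if dst not in self.name_server:
            return False
        if not self.hard_zoning:
            return True
        return self.same_zone(src, dst)


def demo(hard_zoning):
    """Constructed fabric: one switch (domain 1); the HBA on port 1 is zoned
    with target tgtA on port 5; target tgtB on port 9 is in a different zone."""
    sw = Switch(domain=1,
                zones={"zone_A": {(1, 1), (1, 5)}, "zone_B": {(1, 9)}},
                hard_zoning=hard_zoning)
    tgt_a = sw.flogi(5, "tgtA")
    tgt_b = sw.flogi(9, "tgtB")
    hba = sw.flogi(1, "hba")
    return {
        "hba_address": f"{hba:06x}",
        "discovered": sw.discover(hba),         # name server shows only tgtA
        "access_tgtA": sw.forward(hba, tgt_a),  # same zone: allowed
        "access_tgtB": sw.forward(hba, tgt_b),  # address learned elsewhere, not zoned
    }


if __name__ == "__main__":
    for mode in (True, False):
        print("hard zoning" if mode else "soft zoning", demo(mode))
```

With hard zoning the HBA discovers only tgtA and its frames to tgtB are dropped even though it addresses them correctly; with soft zoning discovery is identical but the frame to tgtB is forwarded, which is the behaviour the evaluated configuration excludes.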
The TOE implements the SAN Fabric SFP to restrict block-read and block-write operations to HBAs that are members of the same zone as the target storage device; an HBA can access only storage devices in a zone it belongs to. Hardware-enforced zoning (also called “hard zoning” or simply “zoning”) prevents an HBA from accessing a device it is not authorized to access. The product also includes what is called soft zoning. Soft zoning does not restrict access to connected storage devices: if an HBA knows the network address of a target device, it can read from and write to it. For that reason soft zoning is not supported in the evaluated configuration. Administrative guidance warns against its use, and it is not enabled by default in the evaluated configuration. A host bus adapter must be a