Technical data
Brocade Communications Systems, Inc. Page 45 of 48
• FAU_GEN.1: The TOE generates audit events for the not specified level of audit.
• FPT_STM.1: The TOE provides time stamps for its own use.
8.2.1.4 O.MANAGE
The TOE will allow administrators to effectively manage the TOE and its security functions, and must ensure
that only authorized administrators are able to access such functionality, and that communication between
the TOE and the administrator is protected.
This TOE Security Objective is satisfied by ensuring that:
• FMT_MSA.1(1): The ability to modify host bus adapter and storage device zone membership is limited
to users possessing the admin, zoneAdmin, fabricAdmin, root, or factory role.
• FMT_MSA.1(2): The ability to modify the configuration of the user data encryption SFP defined between
host bus adapters and storage devices is limited to users possessing the Admin, SecurityAdmin,
FabricAdmin, Root, and Factory roles.
• FMT_MSA.3(1): By default, host bus adapters do not have access to storage devices.
• FMT_MSA.3(2): By default, encryption is not performed on the transmission of user data between a host
bus adapter and a storage device.
• FMT_MTD.1(1): The ability to query, modify, delete, and assign administrative user security attributes is
limited to users possessing one of the following administrative roles: admin, Security Admin, root, factory.
• FMT_MTD.1(2): Administrators can set their own passwords. The administrative roles admin, Security
Admin, root and factory may set any account’s password.
• FMT_SMF.1: The TOE provides administrative interfaces to modify and query host bus adapters and
storage device zone membership, as well as to set and reset administrator passwords.
• FMT_SMR.1: The TOE maintains administrative user roles.
• FTA_MCS.1: The TOE limits the number of concurrent sessions a user can have based upon the user’s
role.
• FTA_TSE.1: The TOE limits the locations and services through which administrators can establish remote
administrative sessions based upon the presumed source network location.
• FTP_TRP.1: The TOE provides a trusted path between itself and remote administrative users.
8.2.1.5 O.TOE_PROTECTION
The TOE will protect the TOE and its assets from external interference or tampering.
This TOE Security Objective is satisfied by ensuring that:
• FCS_COP.1(1): The TOE utilizes cryptography as part of the trusted path mechanism that protects
communications during administrative sessions.
• FCS_COP.1(2): In selected models, the TOE utilizes cryptography to protect user data transmitted to and
stored on storage devices.
• FCS_CKM.1(1): The TOE generates keys for use with the trusted path mechanism.
• FCS_CKM.1(2): The TOE generates keys for use with the user data encryption mechanism.
• FCS_CKM.4: The TOE zeroizes keys used for the trusted path mechanism when the key is no longer
needed.
• ADV_ARC.1: Requires that the TSF be able to protect itself from tampering and that the security
mechanisms in the TSF cannot be bypassed. Without this objective, there could be no assurance that users
could not view or modify TSF executables, TSF data or TSF-protected data.










