Hardware manual
Version 1.1, 03/31/2015
GSS CCT Evaluation Technical Report Page 14 of 56 © 2015 Gossamer Security Solutions, Inc.
Document: AAR-BrocadeNetIron5.8 All rights reserved.
Guidance Assurance Activities: None Defined
Testing Assurance Activities: None Defined
2.1.2 USER IDENTITY ASSOCIATION (FAU_GEN.2)
2.1.2.1 FAU_GEN.2.1
TSS Assurance Activities: None Defined
Guidance Assurance Activities: None Defined
Testing Assurance Activities: None Defined
2.1.3 EXTERNAL AUDIT TRAIL STORAGE (FAU_STG_EXT.1)
2.1.3.1 FAU_STG_EXT.1.1
TSS Assurance Activities: For both types of TOEs (those that act as an audit server and those that send data to an
external audit server), there is some amount of local storage. The evaluator shall examine the TSS to ensure it
describes the amount of audit data that are stored locally; what happens when the local audit data store is full;
and how these records are protected against unauthorized access. The evaluator shall also examine the
operational guidance to determine that it describes the relationship between the local audit data and the audit
data that are sent to the audit log server (for TOEs that are not acting as an audit log server). For example, when
an audit event is generated, is it simultaneously sent to the external server and the local store, or is the local store
used as a buffer and 'cleared' periodically by sending the data to the audit server.
TOE acts as audit server