Hardware manual
Version 1.1, 03/31/2015
GSS CCT Evaluation Technical Report Page 15 of 56 © 2015 Gossamer Security Solutions, Inc.
Document: AAR-BrocadeNetIron5.8 All rights reserved.
The evaluator shall examine the TSS to ensure it describes the connection supported from non-TOE entities to send
the audit data to the TOE, and how the trusted channel is provided. Testing of the trusted channel mechanism will
be performed as specified in the associated assurance activities for the particular trusted channel mechanism.
TOE is not an audit server
The evaluator shall examine the TSS to ensure it describes the means by which the audit data are transferred to
the external audit server, and how the trusted channel is provided. Testing of the trusted channel mechanism will
be performed as specified in the associated assurance activities for the particular trusted channel mechanism.
Section 6.1 explains how the audit trail is protected. Only the TOE User role can access the audit trail, and use of
that role requires a valid logon. Only administrators log on to the TOE. Section 6.1 also explains that there is a local
audit log and the possibility of a remote audit log. The local log stores up to 50 entries, after which the audit
entries are overwritten, oldest first. The administrator (with Super User privilege) can choose to configure one
or more external syslog servers to which the TOE will send a copy of the audit records. The TOE can be
configured to use TLS to protect audit logs exported to an external server.
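The following is an added example, not part of the evaluation report or the vendor guidance: one way an administrator could confirm from a packet capture that exported audit records leave the TOE inside TLS records rather than as cleartext syslog. It assumes one direction of a reassembled TCP stream is available as bytes; the function names and the sample streams are constructed for illustration.

```python
import re
import struct

# TLS record header: content type (1 byte), version (2 bytes), fragment length (2 bytes).
TLS_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
MAX_FRAGMENT = 2**14 + 2048  # TLSCiphertext length limit in TLS 1.2 (RFC 5246)
# Cleartext syslog starts with <PRI>, optionally preceded by an octet count (RFC 6587 framing).
SYSLOG_PRI = re.compile(rb"(?:\d+ )?<(\d{1,3})>")


def check_export_stream(stream: bytes) -> dict:
    """Walk one direction of a reassembled TCP stream and report whether it is all TLS records."""
    records, offset = [], 0
    while offset < len(stream):
        pri = SYSLOG_PRI.match(stream, offset)
        if pri and int(pri.group(1)) <= 191:  # PRI = facility * 8 + severity, at most 23 * 8 + 7
            return {"verdict": "cleartext-syslog", "offset": offset, "records": records}
        header = stream[offset:offset + 5]
        if len(header) < 5:
            return {"verdict": "truncated", "offset": offset, "records": records}
        ctype, major, minor, length = struct.unpack("!BBBH", header)
        if ctype not in TLS_TYPES or major != 3 or minor > 4 or length > MAX_FRAGMENT:
            return {"verdict": "not-tls", "offset": offset, "records": records}
        records.append(TLS_TYPES[ctype])
        offset += 5 + length  # skip the fragment; its (encrypted) content is opaque here
    verdict = "tls" if "application_data" in records else "tls-no-data"
    return {"verdict": verdict, "offset": offset, "records": records}


def tls_record(ctype: int, body: bytes) -> bytes:
    """Build a TLS 1.2-framed record around arbitrary bytes (used only for the samples below)."""
    return struct.pack("!BBBH", ctype, 3, 3, len(body)) + body


# Constructed samples (not captured from a real device).
PROTECTED = tls_record(22, b"\x01" * 40) + tls_record(20, b"\x01") + tls_record(23, b"\xa7" * 64)
EXPOSED = b"<134>Mar 31 10:15:02 router1 Security: login by admin\n"

if __name__ == "__main__":
    for name, sample in (("protected", PROTECTED), ("exposed", EXPOSED)):
        print(name, check_export_stream(sample))
```

This checks record framing only. It says nothing about certificate validation or the negotiated cipher suite, which are covered by the assurance activities for the particular trusted channel mechanism.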
Guidance Assurance Activities: TOE acts as audit server
The evaluator shall also examine the operational guidance to ensure it describes how to establish the trusted
channel with the TOE, as well as describe any requirements for other IT entities to connect and send audit data to
the TOE (particular audit server protocol, version of the protocol required, etc.), as well as configuration of the TOE
needed to communicate with other IT entities.
TOE is not an audit server
The evaluator shall also examine the operational guidance to ensure it describes how to establish the trusted
channel to the audit server, as well as describe any requirements on the audit server (particular audit server
protocol, version of the protocol required, etc.), as well as configuration of the TOE needed to communicate with
the audit server.
The Common Criteria section of the FIPS Guide has a section entitled “Configuring encrypted Syslog servers in
Common Criteria mode.” This section provides detailed instructions for how to set up an encrypted syslog server,
including installing certificates and establishing a connection.
Testing Assurance Activities: TOE acts as audit server
Testing of the trusted channel mechanism will be performed as specified in the associated assurance activities for
the particular trusted channel mechanism. The evaluator shall perform the following test for this requirement:
Test 1: The evaluator shall establish a session between an external IT entity and the TOE according to the
configuration guidance provided. The evaluator shall then examine the traffic that passes between the IT entity
and the TOE during several activities of the evaluator’s choice designed to generate audit data to be transferred to