Manualshelf

Hardware manual

ManualsBrandsBrocade Communications Systems ManualsComputer equipmentNetIron CER Series
31323334353637383940
Version 1.1, 03/31/2015
GSS CCT Evaluation Technical Report Page 35 of 56 © 2015 Gossamer Security Solutions, Inc.
Document: AAR-BrocadeNetIron5.8 All rights reserved.
Information flow policy ACLs
o The Security Configuration Guide includes instructions for “Layer 2 Access Control Lists”, “Access
Control List”, “Configuring an IPv6 Access Control List”, “Configuring 802.1X Port Security”,
Using MAC Port Security Feature”, “Protecting against Denial of Service Attacks”, and
Configuring Multi-Device Port Authentication” that collectively provide instructions for
configuring information flow rules.
User and administrator security attributes (including passwords and privilege levels)
o The Security Configuration Guide includes instructions for “Setting up local user accounts” that
allows user accounts to be defined and assigned password and management privilege levels.
Authentication method lists
o Passwords
The Security Configuration Guide includes instructions for “Configuring a local user
account” that can be used to log into the configured interfaces with an assigned
password.
o SSH public-key based authentication
The Security Configuration Guide includes instructions for “Configuring SSH2 client
public key authentication
o We Management
The Security Configuration Guide includes instructions for “Configuring SSL security for
the Web Management Interface.”
Logon failure threshold
o The Security Configuration Guide includes instructions for “Setting the number of SSH server
authentication retries.
Remote access user list/Remote and local administration
o The Security Configuration Guide, section 1, addresses local (CLI) and remote (including web)
access restrictions. Section 5 provides instructions for configuring SSHv2 and SCP while section
10 provides instructions to configure the SNMP interface (disabled in the FIPS/CC configuration
for access to security related objects).
Cryptographic support settings/Configure cryptographic functionality
o The FIPS Guide provides instructions to enable FIPS and Common Criteria modes.
Update the TOE
o The FIPS Guide includes instructions for “Software Upgrade for FIPS devices and “Simplified
Upgrade and Auto Upgrade”. These instructions also explain how to query the current version.
Configure TOE-provided services available before authentication
o Network routing
The Security Configuration Guide includes instructions for Layer 2 Access Control Lists”,
“Access Control List”, “Configuring an IPv6 Access Control List”, “Configuring 802.1X Port
Security”, “Using MAC Port Security Feature”, “Protecting against Denial of Service