Specifications

ManualsBrandsBrocade Communications Systems ManualsComputer equipmentNetIron CER Series

Brocade MLXe® and NetIron® Family Devices with Multi-Service IronWare R05.7.00

Security Target Version 1., July 15, 2014

Page 17 of 50

provided is correct verifies that AGD_OPE.1 is satisfied and should address the invocation of the

administrative actions that are needed to verify the audit records are generated as expected.

FAU_GEN.1.2 The TSF shall record within each audit record at least the following information:

a) Date and time of the event, type of event, subject identity, and the outcome (success or

failure) of the event; and

b) For each audit event type, based on the auditable event definitions of the functional

components included in the PP/ST, information specified in column three of Table 2

Auditable Events.

Assurance Activity:

This activity should be accomplished in conjunction with the testing of FAU_GEN.1.1.

Requirement

Auditable Events

Additional Audit Record Contents

FAU_GEN.1

None.

FAU_GEN.2

None.

FAU_STG_EXT.1

None.

FCS_CKM.1

None.

FCS_CKM_EXT.4

None.

FCS_COP.1(1)

None.

FCS_COP.1(2)

None.

FCS_COP.1(3)

None.

FCS_COP.1(4)

None.

FCS_HTTPS_EXT.1

Failure to establish a HTTPS Session.

Establishment/Termination of a HTTPS

session.

Reason for failure.

Non-TOE endpoint of connection (IP

address) for both successes and failures.

FCS_RBG_EXT.1

None.

FCS_SSH_EXT.1

Failure to establish an SSH session.

Establishment/Termination of an SSH

session.

Reason for failure

Non-TOE endpoint of connection (IP

address) for both successes and failures.

FCS_TLS_EXT.1

Failure to establish a TLS Session.

Establishment/Termination of a TLS

session.

Reason for failure.

Non-TOE endpoint of connection (IP

address) for both successes and failures.

FDP_RIP.2

None.

FIA_PMG_EXT.1

None.

FIA_UIA_EXT.1

All use of the identification and

authentication mechanism.

Provided user identity, origin of the

attempt (e.g., IP address).

FIA_UAU_EXT.2

All use of the authentication mechanism.

Origin of the attempt (e.g., IP address).

FIA_UAU.7

None.

FMT_MTD.1

None.

FMT_SMF.1

None.

FMT_SMR.2

None.

FPT_SKP_EXT.1

None.

FPT_APW_EXT.1

None.

FPT_STM.1

Changes to the time.

The old and new values for the time.

Origin of the attempt (e.g., IP address).

Auditing session establishment failures is highly dependent on the implementation and is currently not

standardized in the industry. In this ST, no specific list or types of such failures is mandated as being auditable.

More specifically in this case, only user-level authentication failures are necessarily associated with SSH, HTTPS or

TLS session establishment failure.