Manualshelf

Specifications

ManualsBrandsBrocade Communications Systems ManualsComputer equipmentNetIron CER Series
21222324252627282930
Brocade MLXand NetIron® Family Devices with Multi-Service IronWare R05.7.00
Security Target Version 1., July 15, 2014
Page 29 of 50
5.1.5.3 Restrictions on Security Roles (FMT_SMR.2)
FMT_SMR.2.1
The TSF shall maintain the roles: Authorized Administrator.
FMT_SMR.2.2
The TSF shall be able to associate users with roles.
FMT_SMR.2.3
The TSF shall ensure that the conditions
o Authorized Administrator role shall be able to administer the TOE locally;
o Authorized Administrator role shall be able to administer the TOE remotely;
are satisfied.
Component Assurance Activity:
The evaluator shall review the operational guidance to ensure that it contains instructions for
administering the TOE both locally and remotely, including any configuration that needs to be
performed on the client for remote administration. In the course of performing the testing activities
for the evaluation, the evaluator shall use all supported interfaces, although it is not necessary to
repeat each test involving an administrative action with each interface. The evaluator shall ensure,
however, that each supported method of administering the TOE that conforms to the requirements
of the NDPP be tested; for instance, if the TOE can be administered through a local hardware
interface; SSH; and TLS/HTTPS; then all three methods of administration must be exercised
during the evaluation team’s test activities.
5.1.6 Protection of the TSF (FPT)
5.1.6.1 Extended: Protection of Administrator Passwords (FPT_APW_EXT.1)
FPT_APW_EXT.1.1
The TSF shall store passwords in non-plaintext form.
FPT_APW_EXT.1.2
The TSF shall prevent the reading of plaintext passwords.
Component Assurance Activity:
The evaluator shall examine the TSS to determine that it details all authentication data that are
subject to this requirement, and the method used to obscure the plaintext password data when
stored. The TSS shall also detail passwords are stored in such a way that they are unable to be
viewed through an interface designed specifically for that purpose, as outlined in the application
note in the NDPP.
5.1.6.2 Extended: Protection of TSF Data (for reading of all symmetric keys) (FPT_SKP_EXT.1)
FPT_SKP_EXT.1.1
The TSF shall prevent reading of all pre-shared keys, symmetric key, and private keys.
Assurance Activity:
The evaluator shall examine the TSS to determine that it details how any pre-shared keys,
symmetric keys, and private keys are stored and that they are unable to be viewed through an
interface designed specifically for that purpose, as outlined in the application note in the NDPP. If
these values are not stored in plaintext, the TSS shall describe how they are protected/obscured.