Specifications

Brocade MLX and NetIron® Family Devices with Multi-Service IronWare R05.7.00
Security Target Version 1., July 15, 2014
Page 41 of 50
6. TOE Summary Specification
This chapter describes the security functions:
Security audit
Cryptographic support
User data protection
Identification and authentication
Security management
Protection of the TSF
TOE access
Trusted path/channels
6.1 Security Audit
The TOE is designed to produce syslog-conformant messages in a number of circumstances, including warnings
about the device itself (such as temperature and power failures) as well as security-relevant events (successful and
failed user logins, regardless of the authentication mechanism; changes to a user's password; and the addition and
deletion of user accounts). In each case the audit record includes the time and date, the identity of the responsible
subject (e.g., a network address or user ID), the type of event, the outcome of the event, and other information
depending on the event type.
The audit records are stored in a log (internal to the TOE appliance) that is protected so that only an authorized TOE
user can read it, using the tools provided through the CLI and the Web Management Interface. The protection
results from the fact that the logs can be accessed only after a user has logged in (see section 6.4 below).
The log stores up to 50 entries, after which new audit entries overwrite existing ones, oldest first. The administrator (with
Super User privilege) can (and should) configure one or more external syslog servers to which the TOE will
simultaneously send a copy of each audit record. The TOE can be configured to use TLS (with any of the four
supported, mandatory ciphersuites) to protect audit logs exported to an external server.
The TOE includes a hardware clock that is used to provide reliable time information for the audit records it
generates.
The Security audit function is designed to satisfy the following security functional requirements:
FAU_GEN.1: The TOE can generate audit records for events including starting and stopping the audit
function, administrator commands, and all other events identified in Table 2. Furthermore, each audit
record identifies the date/time, event type, outcome of the event, and responsible subject/user, as well as the
additional event-specific content indicated in Table 2.
FAU_GEN.2: The TOE identifies the responsible user for each event based on the specific administrator or
network entity (identified by IP address) that caused the event.
FAU_STG_EXT.1: The TOE can be configured to export audit records to an external SYSLOG server.
This communication is protected with the use of TLS.
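Because the local log wraps after 50 entries, the records that matter are the ones forwarded to the external syslog server. The following collector-side check is an added example, not Brocade code and not part of the Security Target; the message layout it parses (a syslog header followed by user, source, event and outcome fields) is an assumption constructed to carry the fields FAU_GEN.1 requires, not the device's actual format.

```python
"""Collector-side check on audit records forwarded by the TOE over syslog.

Added example, not Brocade code. The message format below is CONSTRUCTED for
illustration; the real device format is not given in the Security Target.
"""
import re
from collections import Counter

# Constructed sample of forwarded records: an RFC 3164-style PRI/timestamp/host
# header, then the fields the ST requires per record: subject, event type, outcome.
SAMPLE_LOG = """\
<133>Jul 15 09:01:02 mlx-core1 Security: user=admin src=10.0.0.5 event=login outcome=failed
<133>Jul 15 09:01:07 mlx-core1 Security: user=admin src=10.0.0.5 event=login outcome=failed
<133>Jul 15 09:01:12 mlx-core1 Security: user=admin src=10.0.0.5 event=login outcome=failed
<134>Jul 15 09:02:30 mlx-core1 Security: user=ops src=10.0.0.9 event=login outcome=success
<134>Jul 15 09:03:00 mlx-core1 Security: user=ops src=10.0.0.9 event=password-change outcome=success
<134>Jul 15 09:04:15 mlx-core1 Security: user=ops src=10.0.0.9 event=user-add outcome=success
"""

LINE_RE = re.compile(
    r"^<(?P<pri>\d+)>(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) Security: "
    r"user=(?P<user>\S+) src=(?P<src>\S+) event=(?P<event>\S+) outcome=(?P<outcome>\S+)$"
)

# Account-management events the ST lists as audited (names are assumed).
ACCOUNT_EVENTS = {"password-change", "user-add", "user-delete"}


def parse(line):
    """Return the audit fields of one forwarded record, or None if it is malformed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["severity"] = int(rec.pop("pri")) & 0x07  # syslog severity = low 3 bits of PRI
    return rec


def analyze(text, failed_threshold=3):
    """Flag (user, src) pairs with repeated failed logins and list account changes."""
    records = [r for r in map(parse, text.splitlines()) if r]
    failed = Counter((r["user"], r["src"]) for r in records
                     if r["event"] == "login" and r["outcome"] == "failed")
    alerts = {k for k, n in failed.items() if n >= failed_threshold}
    changes = [(r["user"], r["event"]) for r in records if r["event"] in ACCOUNT_EVENTS]
    return {"parsed": len(records), "failed_login_alerts": alerts, "account_changes": changes}
```

Malformed lines are dropped rather than guessed at, so a drop in the parsed count relative to lines received is itself worth alerting on.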