Specifications

ManualsBrandsCisco ManualsComputer equipment4404 - Wireless LAN Controller

Table of Contents

TABLE OF CONTENTS ............................................................................................................................. 2

LIST OF TABLES ....................................................................................................................................... 5

1 SECURITY TARGET INTRODUCTION ..................................................................................... 5

1.1 ST & TOE IDENTIFICATION ........................................................................................................................... 5

1.2 SECURITY TARGET OVERVIEW ...................................................................................................................... 6

1.3 REFERENCES .................................................................................................................................................. 7

1.4 ACRONYMS, ABBREVIATIONS & TERMS .......................................................................................................... 8

2 TOE DESCRIPTION ..................................................................................................................... 12

2.1 TOE PRODUCT TYPE .................................................................................................................................... 12

2.2 TOE OVERVIEW ........................................................................................................................................... 13

2.3 TOE PHYSICAL BOUNDARY .......................................................................................................................... 13

2.3.1 Access Point (AP) TOE Component ..................................................................................................... 15

2.3.2 Wireless LAN Controller TOE Component .......................................................................................... 20

2.4 TOE LOGICAL BOUNDARY ........................................................................................................................... 23

2.4.1 Administration (FMT) .......................................................................................................................... 23

2.4.2 Audit (FAU) ......................................................................................................................................... 24

2.4.3 Encryption (FCS) ................................................................................................................................. 24

2.4.4 Identification & Authentication (FIA) .................................................................................................. 25

2.4.5 Information Flow Control (FDP) ........................................................................................................ 25

2.4.6 Self Protection (FPT) ........................................................................................................................... 25

2.4.7 Wireless Intrusion Prevention System (IPS) ........................................................................................ 25

2.5 IT ENVIRONMENT DEPENDENCIES ................................................................................................................. 26

2.5.1 Wireless Client Hosts ........................................................................................................................... 26

2.5.2 Administrator Management Hosts ....................................................................................................... 26

2.5.3 Cisco Secure Access Control Server (ACS) and Cisco Identity Services Engine (ISE) ....................... 26

2.5.4 Cisco Wireless Control System (WCS) and Network Control System (NCS) ....................................... 27

2.5.5 Cisco Mobility Services Engine (MSE) ................................................................................................ 28

2.5.6 Syslog Server........................................................................................................................................ 28

2.6 SECURITY FUNCTIONALITY NOT INCLUDED IN THE TOE’S LOGICAL BOUNDARY ........................................... 28

2.6.1 Identification & Authentication ........................................................................................................... 28

2.7 TOE EVALUATED CONFIGURATION .............................................................................................................. 29

2.8 TOE COMPONENT COMMUNICATION METHODS ............................................................................................ 30

3 CONFORMANCE CLAIMS ......................................................................................................... 30

3.1 PROTECTION PROFILE REFERENCE ................................................................................................................ 30

3.2 PROTECTION PROFILE REFINEMENTS ............................................................................................................. 30

3.3 PROTECTION PROFILE ADDITIONS ................................................................................................................. 31

3.3.1 TOE Security Problem Definition Additions ........................................................................................ 31

3.3.2 TOE Security Functional Requirement Additions ................................................................................ 32

4 SECURITY PROBLEM DEFINITION ....................................................................................... 33

4.1 ASSUMPTIONS .............................................................................................................................................. 33

4.2 THREATS ...................................................................................................................................................... 34

4.3 ORGANIZATIONAL SECURITY POLICIES ......................................................................................................... 35

5 SECURITY OBJECTIVES ........................................................................................................... 36

5.1 SECURITY OBJECTIVES FOR THE TOE ............................................................................................................ 36

5.2 SECURITY OBJECTIVES FOR THE ENVIRONMENT ............................................................................................ 38