Specifications
functionality that enables a human user to configure and manage TOE components.
Management functions include configuration of cryptographic keys, encryption settings, audit
settings, authentication credentials, and the use of authentication servers.
The SFRs covered by this security function are FMT_MOF.1(1), FMT_MOF.1(2),
FMT_MOF.1(3), FMT_MSA.2, FMT_MTD.1(1), FMT_MTD.1(2), FMT_MTD.1(3),
FMT_SMF.1(1), FMT_SMF.1(2), FMT_SMF.1(3), FMT_SMR.1(1), FTA_SSL.3.
2.4.2 Audit (FAU)
The TOE's Audit security function provides audit record generation and selective audit
record generation. All components of the TOE contribute to auditing the security-relevant
events that occur under the control of the TOE. Audit records are generated by the APs and
Controllers of the TOE and by the ACS/ISE in the TOE IT Environment. The TOE's audit data
viewing capability enables administrators to view audit records, to view a selected subset
of those records, and to select which events are audited.
Audit generation by the TOE (viewable via the Controller or the remote syslog server):
The TOE generates audit records of administrator actions related to the management of
TSF data and configuration data. Controller administrator actions are audited by means
of TACACS+ Accounting messages sent from the Controller to the ACS/ISE. In the
evaluated configuration, ACS/ISE will be configured to send these messages to the
syslog server as well.
The TOE generates wIPS audit records based on signatures distributed by the MSE: it
monitors and analyzes wireless network traffic and generates events/alerts for potential
intrusions. The TOE includes Denial of Service and Security Penetration Attack wireless
intrusion prevention signatures, which it uses to detect unauthorized or threatening WLAN
activity. This information is generated by the APs and forwarded through the Controller to
the MSE over a TLS-protected interface.
Audit generation by the TOE IT Environment (viewable via the ACS/ISE):
Wireless user authentication attempts (successful and failed) and ACS/ISE administrative
audit events are sent from the ACS/ISE to the syslog storage for pre-selection, storage and
review. Other ACS/ISE audit activities (the management of user accounts controlled by the
ACS/ISE, the encryption policies controlled by the ACS/ISE for wireless users, and changes to
the auditing capabilities controlled by the ACS/ISE) may be held in ACS/ISE persistent
storage for a time before being sent to the syslog server. Post-selection filtering can be
done on any audit records stored on the syslog server.
The SFRs covered by this security function are FAU_GEN.1(1), FAU_GEN.2,
FAU_SEL.1(1), FPT_STM_(EXT).1.
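As an added illustration of the post-selection filtering and review described above (this is example code written for this edit, not part of the Security Target or of the Cisco products it describes): the script below parses constructed syslog records in a generic layout, with hypothetical event names such as TACACS_ACCT, WIRELESS_AUTH and ACS_ADMIN standing in for whatever the real ACS/ISE emits, and selects them by event type, user identity and outcome, which are the attributes an administrator reviewing the syslog store would filter on.

```python
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional

# Constructed sample syslog records (illustrative layout; not the actual
# ACS/ISE, Controller or MSE message format). Each line carries the event
# class, the acting user, the originating component and the outcome.
SAMPLE_SYSLOG = """\
<134>Mar 12 10:01:02 acs01 TACACS_ACCT: user=admin source=controller01 cmd="config wlan security wpa enable 1" outcome=success
<134>Mar 12 10:01:40 acs01 TACACS_ACCT: user=admin source=controller01 cmd="config syslog level 2" outcome=success
<134>Mar 12 10:02:15 acs01 WIRELESS_AUTH: user=alice source=ap07 outcome=failure reason=bad_credentials
<134>Mar 12 10:02:20 acs01 WIRELESS_AUTH: user=alice source=ap07 outcome=success
<134>Mar 12 10:03:00 acs01 ACS_ADMIN: user=acsadmin source=acs01 cmd="modify user bob" outcome=success
<134>Mar 12 10:03:30 acs01 WIRELESS_AUTH: user=mallory source=ap02 outcome=failure reason=bad_credentials
"""

# <PRI>timestamp host EVENT_TYPE: key=value ...
HEADER_RE = re.compile(
    r"^<(?P<pri>\d+)>(?P<ts>\w{3}\s+\d+\s[\d:]+)\s(?P<host>\S+)\s(?P<event>\w+):\s(?P<body>.*)$"
)
# key=value pairs; values may be double-quoted to carry spaces (e.g. a CLI command).
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


@dataclass(frozen=True)
class AuditRecord:
    timestamp: str
    host: str
    event_type: str
    user: str
    source: str
    outcome: str
    fields: Dict[str, str]


def parse_syslog(text: str) -> List[AuditRecord]:
    """Parse syslog lines into AuditRecords. Lines that do not match the
    expected header are skipped rather than guessed at."""
    records: List[AuditRecord] = []
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if not m:
            continue
        fields = {k: v.strip('"') for k, v in KV_RE.findall(m.group("body"))}
        records.append(AuditRecord(
            timestamp=m.group("ts"),
            host=m.group("host"),
            event_type=m.group("event"),
            user=fields.get("user", ""),
            source=fields.get("source", ""),
            outcome=fields.get("outcome", ""),
            fields=fields,
        ))
    return records


def select_records(records: Iterable[AuditRecord],
                   event_types: Optional[Iterable[str]] = None,
                   user: Optional[str] = None,
                   outcome: Optional[str] = None) -> List[AuditRecord]:
    """Post-selection filter: keep only records matching every criterion supplied.
    A criterion left as None does not constrain the result."""
    types = set(event_types) if event_types is not None else None
    return [r for r in records
            if (types is None or r.event_type in types)
            and (user is None or r.user == user)
            and (outcome is None or r.outcome == outcome)]


def failed_auth_by_user(records: Iterable[AuditRecord]) -> Dict[str, int]:
    """Count failed wireless authentication attempts per user, a typical review query."""
    counts: Dict[str, int] = {}
    for r in select_records(records, event_types=["WIRELESS_AUTH"], outcome="failure"):
        counts[r.user] = counts.get(r.user, 0) + 1
    return counts


if __name__ == "__main__":
    recs = parse_syslog(SAMPLE_SYSLOG)
    # Administrator actions on the Controller, as relayed via TACACS+ accounting.
    for r in select_records(recs, event_types=["TACACS_ACCT"]):
        print(r.timestamp, r.user, r.source, r.fields.get("cmd"))
    print(failed_auth_by_user(recs))
```

The selection criteria mirror the attributes FAU_SEL.1 is normally expressed over (event type, user identity, outcome); a reviewer would extend select_records with source host or a time window in the same way, and any line that does not parse is dropped rather than silently coerced, so a malformed or truncated record cannot masquerade as a matching one.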
2.4.3 Encryption (FCS)
The TOE’s wireless network encryption security function ensures that when an administrator
has configured encryption, all network packet data payloads are encrypted with the scheme
defined by the administrator for flows of information occurring in the RF domain. This allows
for the TOE to provide end-to-end encryption capabilities between wireless clients, trusted
APs and trusted nodes that reside within the TOE. The TOE also uses encryption to protect
communication between TOE components, remote administration and communication with