Specifications

authenticated via RADIUS, and SNMPv3 Users authenticated locally) are required to be
successfully identified (via the configured authentication mechanisms), prior to the TOE
allowing any TSF-mediated actions other than authentication attempts. Any deferral of
authentication decisions (for Controller administrators or wireless users) to a
RADIUS server does not interfere with the TOE controlling the sequence of identification,
authentication, and access events (e.g. allowing the establishment of an encrypted session,
allowing a login attempt, deferring the authentication decision to RADIUS, and waiting for
successful authentication to be confirmed by RADIUS before granting further access).
Related TOE IT Environment SFRs:
FIA_UID.1: No administrative or user actions are permitted on ACS/ISE without
identification. The syslog server relies on its host operating system to ensure
identification and authentication.
FIA_USB.1(1)
Administrative sessions (for Management Users and SNMPv3 Users) are associated with their
access mode (e.g. ReadOnly or ReadWrite) upon authentication, and for the duration of the
interactive session.
The TOE maintains a session ID for any administrative access session (SSH, TLS, or SNMPv3),
and binds the username and the user’s access mode (as established at authentication), with the
session ID for the duration of the authenticated session.
Regardless of whether an administrative session was authenticated locally (for SNMPv3 Users)
or remotely (via RADIUS for Management Users), the username and access mode are bound to
the session ID.
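The following is an added example, not code from the Security Target or from the Controller itself. It models the sequence described above for FIA_UID.1/FIA_UAU.1 and the binding of FIA_USB.1(1): a session ID exists as soon as the encrypted transport is established, nothing but a login attempt is accepted on it until authentication succeeds, Management Users are decided by RADIUS (simulated here by an injected callable) while SNMPv3 Users are checked locally, and the username and access mode are fixed on the session at authentication time and not re-read afterwards. The class and function names, the command sets, the credentials and the access-mode strings are assumptions made for illustration.

```python
"""Added example, not code from the Security Target or Cisco.

Models the identification/authentication sequence and the user-subject
binding (FIA_USB.1(1)) of the TOE summary: a session gets a session ID when
the encrypted transport comes up, no TSF-mediated action other than a login
attempt is allowed until authentication succeeds, Management Users are
authenticated via an injected RADIUS callable, SNMPv3 Users locally, and the
username and access mode are fixed on the session at authentication time.
All names, commands and credentials below are constructed assumptions.
"""
import secrets
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple

# Constructed stand-ins for the Controller's local SNMPv3 user database and
# for the RADIUS server's user store: username -> (password, access mode).
LOCAL_SNMPV3_USERS: Dict[str, Tuple[str, str]] = {"snmpro": ("snmp-secret-1", "ReadOnly")}
RADIUS_USERS: Dict[str, Tuple[str, str]] = {"netops": ("radius-secret-1", "ReadWrite")}

# Constructed command sets and the access mode each requires.
READ_COMMANDS = {"show run-config", "show wlan summary"}
WRITE_COMMANDS = {"config wlan disable 1", "config wlan security wpa enable 1"}

RadiusAuth = Callable[[str, str], Optional[str]]


def fake_radius(username: str, password: str) -> Optional[str]:
    """Simulated RADIUS decision (constructed): the access mode on
    Access-Accept, None on Access-Reject."""
    rec = RADIUS_USERS.get(username)
    if rec and secrets.compare_digest(rec[0], password):
        return rec[1]
    return None


@dataclass
class Session:
    session_id: str
    transport: str                      # "SSH", "TLS" or "SNMPv3"
    username: Optional[str] = None      # bound only after successful auth
    access_mode: Optional[str] = None   # "ReadOnly"/"ReadWrite", fixed at auth

    @property
    def authenticated(self) -> bool:
        return self.username is not None


class Controller:
    def __init__(self, radius: RadiusAuth) -> None:
        self.radius = radius
        self.sessions: Dict[str, Session] = {}

    def open_session(self, transport: str) -> str:
        """Encrypted transport established: a session ID exists but carries
        no identity yet, so only login attempts are accepted on it."""
        sid = secrets.token_hex(8)
        self.sessions[sid] = Session(sid, transport)
        return sid

    def login(self, sid: str, username: str, password: str) -> str:
        s = self.sessions[sid]
        if s.authenticated:
            return "already authenticated"
        if s.transport == "SNMPv3":
            rec = LOCAL_SNMPV3_USERS.get(username)
            mode = rec[1] if rec and secrets.compare_digest(rec[0], password) else None
        else:
            # Management User: the decision is deferred to RADIUS, but the
            # session stays unauthenticated until RADIUS confirms success.
            mode = self.radius(username, password)
        if mode is None:
            return "rejected"
        # Binding: username and access mode are attached to the session ID
        # now and are not re-read from RADIUS or the local DB afterwards.
        s.username, s.access_mode = username, mode
        return "authenticated"

    def execute(self, sid: str, command: str) -> str:
        s = self.sessions[sid]
        if not s.authenticated:
            return "denied: not authenticated"
        if command in READ_COMMANDS:
            return "ok"
        if command in WRITE_COMMANDS:
            return "ok" if s.access_mode == "ReadWrite" else "denied: ReadOnly session"
        return "denied: unknown command"

    def bound_attributes(self, sid: str) -> Tuple[Optional[str], Optional[str]]:
        s = self.sessions[sid]
        return s.username, s.access_mode
```

The point worth checking in a real evaluation is the last method: once a session is authenticated, a later change to the user's record in RADIUS or in the local database must not alter what that session may do, since the access mode was bound at authentication and holds for the session's lifetime.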
FIA_USB.1(2)
The TOE is able to associate wireless clients with their identifying attributes by matching the
host MAC address with the session ID. Regardless of whether the wireless user session was
authenticated locally or remotely (via RADIUS), the wireless client's MAC address is bound to
the session ID.
FMT_MOF.1(1)
FMT_SMF.1(1)
FMT_SMF.1(3)
The Controller provides management interfaces for administration of the Controllers and the
APs. The Controllers administer the APs that have been associated with the Controller during
installation of the APs using CAPWAP. The Controller maintains a policy file for the APs that
the Controller pushes out to the APs. The policy file contains the encryption policies that the
AP enforces. The encryption policies can be set on a per-WLAN (SSID) basis. The Controller
administrator sets the Controller to use WPA2 and then selects between Pre-Shared Key (PSK)
and 802.1X authentication; 802.1X requests are sent to the ACS/ISE for authentication.
The Controller administrator configures cryptographic settings for the Controller and AP
modules and has the ability to load and zeroize keys, select cryptographic algorithms, execute
self test functions and configure the TOE to encrypt or not encrypt wireless transmissions. The
Controller management interfaces permit management of cryptographic keys and key data in
support of FDP_PUD_EXT as well as executing cryptographic key tests.
The capability to verify integrity of stored code can only be performed through the Controller
CLI, thus can only be performed by Management User accounts, not SNMPv3 User accounts.
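The following is an added example and is not the Controller's policy-file format or code. It models the per-WLAN encryption policy described above: every WLAN must use WPA2 with either a Pre-Shared Key or 802.1X, a WLAN that selects 802.1X needs a RADIUS (ACS/ISE) server configured on the Controller, and anything weaker (open, WPA, a malformed passphrase) is rejected before a policy entry for the AP is built. The field names, the sample WLANs, the server address, the choice of AES-CCMP as the cipher string and the decision to leave the passphrase out of the pushed entry are all constructed assumptions.

```python
"""Added example, not the Controller's own policy-file format or code.

Models the per-WLAN encryption policy that the Security Target says the
Controller builds and pushes to its APs: each WLAN must use WPA2 with either
a Pre-Shared Key or 802.1X, 802.1X requires a configured RADIUS (ACS/ISE)
server, and anything weaker is rejected before it reaches the AP. Field
names, sample WLANs, the server address and the cipher label are assumptions.
"""
from typing import Dict, List, Tuple

# Constructed RADIUS (ACS/ISE) server list as configured on the Controller.
RADIUS_SERVERS: List[str] = ["10.0.0.5"]

# Constructed WLAN definitions: two acceptable, three that must be rejected.
WLANS: List[Dict[str, str]] = [
    {"id": "1", "ssid": "corp", "security": "WPA2", "akm": "802.1X"},
    {"id": "2", "ssid": "devices", "security": "WPA2", "akm": "PSK",
     "psk": "correct-horse-battery"},
    {"id": "3", "ssid": "guest", "security": "open", "akm": ""},
    {"id": "4", "ssid": "legacy", "security": "WPA", "akm": "PSK", "psk": "short"},
    {"id": "5", "ssid": "lab", "security": "WPA2", "akm": "PSK", "psk": "1234567"},
]


def validate_wlan(wlan: Dict[str, str], radius_servers: List[str]) -> List[str]:
    """Return the reasons a WLAN's security settings are not acceptable
    (an empty list means the WLAN may be pushed to the APs)."""
    errors: List[str] = []
    if wlan.get("security") != "WPA2":
        errors.append("security must be WPA2 (got %r)" % wlan.get("security"))
    akm = wlan.get("akm")
    if akm == "PSK":
        key = wlan.get("psk", "")
        # WPA2 passphrases are 8 to 63 printable ASCII characters.
        if not (8 <= len(key) <= 63 and key.isascii() and key.isprintable()):
            errors.append("PSK must be 8-63 printable ASCII characters")
    elif akm == "802.1X":
        # 802.1X authentication is decided by the ACS/ISE, so a server must exist.
        if not radius_servers:
            errors.append("802.1X selected but no RADIUS server configured")
    else:
        errors.append("AKM must be PSK or 802.1X (got %r)" % akm)
    return errors


def build_ap_policy(
    wlans: List[Dict[str, str]], radius_servers: List[str]
) -> Tuple[Dict[str, Dict[str, str]], Dict[str, List[str]]]:
    """Split WLANs into the policy entries to push to the APs and the
    rejected WLANs with their reasons. The pushed entry carries what the AP
    needs to enforce the encryption policy (SSID, WPA2, AKM, cipher); in
    this example the passphrase itself is deliberately not copied into it."""
    policy: Dict[str, Dict[str, str]] = {}
    rejected: Dict[str, List[str]] = {}
    for w in wlans:
        errs = validate_wlan(w, radius_servers)
        if errs:
            rejected[w["id"]] = errs
        else:
            policy[w["id"]] = {"ssid": w["ssid"], "security": "WPA2",
                               "akm": w["akm"], "cipher": "AES-CCMP"}
    return policy, rejected


if __name__ == "__main__":
    pushed, dropped = build_ap_policy(WLANS, RADIUS_SERVERS)
    for wlan_id, entry in pushed.items():
        print("push WLAN %s: %s" % (wlan_id, entry))
    for wlan_id, reasons in dropped.items():
        print("reject WLAN %s: %s" % (wlan_id, "; ".join(reasons)))
```

Running it with the constructed WLANs pushes WLANs 1 and 2 and rejects 3 (open, no AKM), 4 (WPA rather than WPA2, passphrase too short) and 5 (passphrase too short), which is the check an administrator would want the Controller to perform before the policy ever reaches an AP.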
FMT_MOF.1(2)
FMT_SMF.1(2)
FMT_MTD.1(1)
The Controller administrator is able to configure audit generation functions described earlier in
this table for FAU_SEL.1(1).
The Controller administrator is also able to enable or disable logging to the local audit log, or to
the local console, or to remote syslog servers, and to display the configuration and status of audit
functions.
Related TOE IT Environment SFRs:
FMT_MOF.1(4): The Syslog administrator, after authentication by the Syslog Host,
may configure the audit preselection parameters, and start and stop syslog.
The ACS/ISE administrator may configure audit preselection parameters and start and
stop audit logging at the ACS/ISE.