Specifications

ManualsBrandsCisco ManualsComputer equipment4404 - Wireless LAN Controller

O.ADMIN_GUIDANCE

O.AUDIT_GENERATION

O.CONFIGURATION_IDENTIFICATION

O.CORRECT_TSF_OPERATION

O.CRYPTOGRAPHY

O.CRYPTOGRAPHY_VALIDATED

O.DISPLAY_BANNER

O.DOCUMENTED_DE SIGN

O.WIPS_FUNCTIONS

O.MANAGE

O.MEDIATE

O.PARTIAL_FUNCTIONAL_TESTING

O.RESIDUAL_INFORMATION

O.SELF_PROTECTION

O.TIME_STAMPS

O.TOE_ACCESS

O.VULNERABILITY_ANALYSIS

OE.AUDIT_PROTECTION

OE.AUDIT_REVIEW

OE.MANAGE

OE.NO_EVIL

OE.NO_GENERAL_PURPOSE

OE.PHYSICAL

OE.PROTECT_MGMT_COMMS

OE.RESIDUAL_INFORMATION

OE.SELF_PROTECTION

OE.TIME_STAMPS

OE.TOE_ACCESS

OE.TOE_NO_BYPASS

OE.CLIENT_PROTECT

A.NO_EVIL

A.NO_GENERAL_

PURPOSE

A.PHYSICAL

A.TOE_NO_BYPASS

A.CLIENT_PROTECT

Table 20 Threats, Assumptions & Policies to Security Objectives Rationale

Threat / Assumption /

Policy

Security Objectives Rationale

T.ACCIDENTAL_ADMIN_

ERROR

O.ADMIN_GUIDANCE helps to mitigate this threat by ensuring the TOE

administrators have guidance that instructs them how to administer the TOE in a

secure manner. Having this guidance helps to reduce the mistakes that an

administrator might make that could cause the TOE to be configured in a way

that is insecure.

O.MANAGE also contributes to mitigating this threat by providing

administrators the capability to view and manage configuration settings. For

example, if the administrator made a mistake when configuring the set of

permitted users’ authentication credentials, providing them the capability to

view the lists of authentication credentials affords them the ability to review the

list and discover any mistakes that might have been made.

OE.NO_EVIL contributes to mitigating this threat by ensuring that the

administrators are non-hostile and are trained to appropriately manage and

administer the TOE.

OE.NO_GENERAL_PURPOSE also helps to mitigate this threat in ensuring

that can be no accidental errors by providing that there are no general-purpose or

storage repository applications available on the TOE.

T.ACCIDENTAL_CRYPTO_

COMPROMISE

O.RESIDUAL_INFORMATION; OE.RESIDUAL_INFORMATION

contributes to the mitigation of this threat by ensuring that any residual data is

removed from network packet objects and ensuing that cryptographic material is

not accessible once it is no longer needed.

O.SELF_PROTECTION ensures that the TOE will have adequate protection

from external sources and that all TSP functions are invoked.

OE.SELF_PROTECTION ensures that the TOE operational environment will

have protection similar to that of the TOE