Specifications

P.ENCRYPTED_CHANNEL
O.CRYPTOGRAPHY and O.CRYPTOGRAPHY_VALIDATED satisfy this
policy by requiring the TOE to implement NIST FIPS validated cryptographic
services. These services will provide confidentiality and integrity protection of
user data while in transit to wireless clients that are authorized to join the network.
O.MEDIATE allows the TOE administrator to set a policy to encrypt all
wireless traffic.
OE.PROTECT_MGMT_COMMS provides that the remote network
management information and authentication data will be protected by means of
an encrypted channel in the environment.
P.NO_AD_HOC_NETWORKS
O.MEDIATE supports this policy by ensuring that all network packets
that flow through the TOE are subject to the information flow policies.
OE.TOE_NO_BYPASS supports this policy by ensuring that wireless clients
must be configured to use the wireless access system for all information flowing
between a wireless client and any other host on the network. If the clients are
properly configured, any information passing through the TOE will be inspected
to ensure it is authorized by TOE policies.
P.WIRELESS_LOCATION_POLICY
O.WIPS_FUNCTIONS addresses this policy by providing an audit mechanism
to create records based on the presence and relative location information (based
on wireless signal strength detected at one or multiple APs) for ad-hoc rogues,
rogue access points, rogue clients and authorized wireless devices.
Five of the security objectives for the IT environment are simply restatements of
assumptions found in the Security Problem Definition. Therefore, these five objectives for the
environment, OE.NO_EVIL, OE.PHYSICAL, OE.NO_GENERAL_PURPOSE,
OE.TOE_NO_BYPASS, and OE.CLIENT_PROTECT, trace to the assumptions trivially.
8.2 Rationale for Security Functional Requirements
8.2.1 Rationale for Security Functional Requirements of the TOE Objectives
This section provides rationale for the Security Functional Requirements demonstrating that
the Security Functional Requirements are suitable to address the security objectives. Table 21
identifies each Security Functional Requirement and the associated TOE security objective(s)
addressed by that SFR.
As noted in sections 3.2 and 3.3.2, some SFRs were added to this ST beyond those
specified in the WLAN PP, and some refinements were made to SFRs from the PP. All these
modifications serve to augment the set of SFRs that were present in the WLAN PP; they do not
interfere with any that were specified in the WLAN PP, and the additions and refinements
result in a statement of security requirements that is more restrictive than the statement of
security requirements in the WLAN PP.