Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipment4404 - Wireless LAN Controller
81828384858687888990
88
O.AUDIT_GENERATION
FAU_GEN.1(1) defines the set of events that the TOE must be capable of recording.
This requirement ensures that the administrator has the ability to audit any security
relevant event that takes place in the TOE. This requirement also defines the information
that must be contained in the audit record for each auditable event. There is a minimum
of information that must be present in every audit record and this requirement defines
that, as well as the additional information that must be recorded for each auditable event.
FAU_GEN.2 ensures that the audit records associate a user identity with the auditable
event. In the case of authorized users, the association is accomplished with the user ID.
In all other cases, the association is based on the source network identifier, which is
presumed to be the correct identity, but cannot be confirmed since these subjects are not
authenticated.
FAU_SEL.1(1) allows for the selection of events to be audited. This requires that the
criteria used for the selection of auditable events to be defined. For example, the event
type can be used as selection criteria for the events to be audited.
FIA_USB.1(1), FIA_USB.1(2) play a role is satisfying this objective by requiring a
binding of security attributes associated with wireless users and administrators that are
authenticated with the subjects that represent them in the TOE. This only applies to
authorized users, since the identity of unauthenticated users cannot be confirmed.
Therefore, the audit trail may not always have the proper identity of the subject that
causes an audit record to be generated (e.g., presumed network address of an
unauthenticated user may be a spoofed address).
FPT_STM_(EXT).1 supports the audit functionality by ensuring that the TOE is capable
of obtaining a time stamp for use in recording audit events.
FTP_ITC_(EXT).1 provides a trusted channel for services provided by the TOE
operational environment (the audit server and the time server).
O.CONFIGURATION_
IDENTIFICATION
ALC_CMC.4 contributes to this objective by requiring the developer have a
configuration management plan that describes how changes to the TOE and its
evaluation deliverables are managed.
ALC_CMS.4 is necessary to define the items that must be under the control of the CM
system. This requirement ensures that the TOE implementation representation, design
documentation, test documentation (including the executable test suite), user and
administrator guidance, and CM documentation are tracked by the CM system.
ALC_FLR.2 plays a role in satisfying this objective by requiring the developer to have
procedures that address flaws that have been discovered in the product, either through
developer actions (e.g., developer testing) or discovery by others. The flaw remediation
process used by the developer corrects any discovered flaws and performs an analysis to
ensure new flaws are not created while fixing the discovered flaws.
O.CORRECT_TSF_
OPERATION
FPT_TST_(EXT).1, FPT_TST.1(1) and FPT_TST.1(2) are necessary to ensure the
correct operation of the TSF hardware and software and FIPS 140-2 self tests.