Specifications
O.TOE_ACCESS
FIA_UID.2 plays a small role in satisfying this objective by ensuring that every user is identified before the TOE performs any mediated functions. In most cases, the claimed identity cannot be authenticated (e.g., a user attempting to send a data packet through the TOE that does not require authentication). It is impractical to require authentication of all users that attempt to send data through the TOE; therefore, the requirements specified for the TOE require authentication where it is deemed necessary. This does impose some risk that a data packet was sent from an identity other than the one specified in the data packet.
FIA_UAU.1 and FIA_UAU_(EXT).5(1) contribute to this objective by ensuring that administrators and users are authenticated before they are provided access to the TOE or its services.
In order to control logical access to the TOE, an authentication mechanism is required. The local administrator authentication mechanism is necessary to ensure an administrator has the ability to log in to the TOE regardless of network connectivity (e.g., it would be unacceptable if an administrator could not log in to the TOE because the authentication server was down, or because the network path to the authentication server was unavailable).
FIA_AFL.1(1) ensures that the TOE can protect itself and its users from brute force attacks on their authentication credentials.
The FIA_ATD.1(1) and FIA_ATD.1(2) management requirements provide additional control to supplement the authentication requirements.
FTA_SSL.3 ensures that inactive user and administrative sessions are dropped.
FTP_TRP.1 ensures that remote users have a trusted path in order to authenticate.
FTP_ITC_(EXT).1 provides a trusted channel for services provided by the TOE operational environment (the remote authentication server).
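The O.TOE_ACCESS rationale above ties together several mechanisms: remote authentication with a local administrator fallback, lockout after repeated authentication failures (FIA_AFL.1(1)), and termination of inactive sessions (FTA_SSL.3). The following Python model is added here as an illustration of how those behaviours interact; it is not part of the Security Target or any evaluated TOE. The class names, the lockout threshold and timeout values, and the sample credentials are constructed assumptions, since the ST leaves the concrete values to the TOE.

```python
"""Constructed model of the O.TOE_ACCESS behaviours: remote authentication
with local-administrator fallback, failure lockout and inactivity timeout.

Every class, constant and credential below is hypothetical and made up for
illustration; none of it comes from the Security Target or a real TOE.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Assumed policy values (the ST does not fix them; a TOE would make them configurable).
LOCKOUT_THRESHOLD = 3        # FIA_AFL.1(1): consecutive failures before lockout
INACTIVITY_TIMEOUT = 300.0   # FTA_SSL.3: seconds of inactivity before a session is dropped


def _digest(password: str, salt: bytes) -> bytes:
    # Salted, iterated hash so neither store holds cleartext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class CredentialStore:
    """Verification logic shared by the local admin store and the remote server model."""

    def __init__(self, users: dict[str, str]):
        self._records: dict[str, tuple[bytes, bytes]] = {}
        for name, pw in users.items():
            salt = secrets.token_bytes(16)
            self._records[name] = (salt, _digest(pw, salt))

    def has(self, user: str) -> bool:
        return user in self._records

    def verify(self, user: str, password: str) -> bool:
        rec = self._records.get(user)
        if rec is None:
            return False
        salt, expected = rec
        return hmac.compare_digest(_digest(password, salt), expected)


@dataclass
class RemoteAuthServer:
    store: CredentialStore
    available: bool = True   # set False to simulate the server or its network path being down


@dataclass
class Session:
    user: str
    last_activity: float


class ToeAccessControl:
    def __init__(self, remote: RemoteAuthServer, local_admins: CredentialStore):
        self.remote = remote
        self.local_admins = local_admins
        self.failures: dict[str, int] = {}
        self.locked: set[str] = set()
        self.sessions: dict[str, Session] = {}

    def authenticate(self, user: str, password: str, now: float):
        """Return (status, session_id); status is 'ok', 'denied', 'locked' or 'unavailable'."""
        if user in self.locked:
            return "locked", None
        if self.remote.available:
            ok = self.remote.store.verify(user, password)
        elif self.local_admins.has(user):
            # Remote server unreachable: only the local administrator store is consulted.
            ok = self.local_admins.verify(user, password)
        else:
            # Ordinary users cannot be authenticated without the remote server.
            # This is not a credential failure, so it does not count toward lockout.
            return "unavailable", None
        if not ok:
            self.failures[user] = self.failures.get(user, 0) + 1
            if self.failures[user] >= LOCKOUT_THRESHOLD:
                self.locked.add(user)
                return "locked", None
            return "denied", None
        self.failures.pop(user, None)
        sid = secrets.token_hex(16)
        self.sessions[sid] = Session(user, now)
        return "ok", sid

    def touch(self, sid: str, now: float) -> bool:
        """Record activity on a session; False if it has already been dropped."""
        s = self.sessions.get(sid)
        if s is None:
            return False
        s.last_activity = now
        return True

    def reap_inactive(self, now: float) -> list[str]:
        """FTA_SSL.3: drop every session idle for longer than INACTIVITY_TIMEOUT."""
        dropped = [sid for sid, s in self.sessions.items()
                   if now - s.last_activity > INACTIVITY_TIMEOUT]
        for sid in dropped:
            del self.sessions[sid]
        return dropped

    def admin_unlock(self, user: str) -> None:
        """Administrative re-enable of a locked account (FIA_AFL.1 recovery action)."""
        self.locked.discard(user)
        self.failures.pop(user, None)


def build_demo() -> ToeAccessControl:
    # Constructed sample accounts for the demonstration; not real credentials.
    remote = RemoteAuthServer(CredentialStore({"alice": "correct horse", "admin": "remote-admin-pw"}))
    local_admins = CredentialStore({"admin": "local-admin-pw"})
    return ToeAccessControl(remote, local_admins)
```

Note the distinction the model draws between a failed credential check (counted toward lockout) and an unreachable authentication server (not counted): conflating the two would let a network outage lock out every user, while the local administrator path keeps management access possible exactly as the rationale requires.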
O.VULNERABILITY_ANALYSIS
The AVA_VAN.3 component provides the necessary level of confidence that vulnerabilities do not exist in the TOE that could cause the security policies to be violated. AVA_VAN.3 requires the evaluator to perform a search for potential vulnerabilities in all the TOE deliverables. For those vulnerabilities that are not eliminated by the developer, a rationale must be provided that describes why these vulnerabilities cannot be exploited by a threat agent with a basic attack potential, which is in keeping with the desired assurance level of this TOE. This component provides the confidence that security flaws do not exist in the TOE that could be exploited by a threat agent of basic attack potential to violate the TOE's security policies. For this TOE, the vulnerability analysis is specified for an attack potential of basic. This requirement ensures the evaluator has performed an analysis of the authentication mechanism to ensure the probability of guessing a user's authentication data would require a medium attack potential, as defined in Annex B of the CEM.