Specifications

Cisco Aggregation Services Router (ASR) 901 Series Security Target
Power supplies
2 power supplies (DC only); module redundancy: 1:1
1 power supply (AC only)
Software
Cisco IOS
15.5(1)S1
1.6 Logical Scope of the TOE
The TOE comprises several security features. Each of the security features identified above
consists of several security functionalities, as identified below.
1. Security Audit
2. Cryptography Support
3. User Data Protection
4. Identification & Authentication
5. Security Management
6. Protection of the TSF
7. Trusted Path/Channel
8. TOE Access
These features are described in more detail in the subsections below. In addition, the TOE
implements all RFCs of the NDPP as necessary to satisfy testing/assurance measures prescribed
therein.
1.6.1 Security audit
The Cisco Aggregation Services Router (ASR) 901 Series provides extensive auditing
capabilities. The TOE generates a comprehensive set of audit logs that identify specific TOE
operations. For each event, the TOE records the date and time, the type of event,
the subject identity, and the outcome. Auditable events include: failure on invoking
cryptographic functionality such as establishment, termination and failure of an IPsec SA;
establishment, termination and failure of an SSH session; modifications to the group of users that
are part of the authorized administrator roles; all use of the user identification mechanism; any
use of the authentication mechanism; any change in the configuration of the TOE; changes to
time; initiation of TOE update; indication of completion of TSF self-test; maximum sessions
being exceeded; termination of a remote session and attempts to unlock a termination session;
and initiation and termination of a trusted channel.
The TOE is configured to transmit its audit messages to an external syslog server.
Communication with the syslog server is protected using IPsec and the TOE can determine when
communication with the syslog server fails. If that should occur, the TOE can be configured to
block new permit actions.
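The following is an added example, not part of the Security Target or of Cisco's software: a check that a syslog collector could run to confirm each received record carries the four fields listed above (date/time, event type, subject identity, outcome). The sample lines are constructed in the general shape of IOS syslog messages, and the regular expressions and the mnemonic-to-outcome table are assumptions.

```python
import re
from datetime import datetime

# Constructed sample lines in the general shape of IOS syslog messages
# (timestamp: %FACILITY-SEVERITY-MNEMONIC: text); not captured from a device.
SAMPLE = [
    "Jan 12 2015 10:15:02.113 UTC: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success "
    "[user: admin1] [Source: 192.0.2.10] [localport: 22]",
    "Jan 12 2015 10:16:40.904 UTC: %SEC_LOGIN-4-LOGIN_FAILED: Login failed "
    "[user: admin2] [Source: 192.0.2.11] [localport: 22]",
    "Jan 12 2015 10:20:11.001 UTC: %SYS-5-CONFIG_I: Configured from console "
    "by admin1 on vty0 (192.0.2.10)",
    "%SYS-5-CONFIG_I: Configured from console by admin1 on vty0 (192.0.2.10)",
]

LINE = re.compile(
    r"^(?:(?P<ts>\w{3} +\d{1,2} \d{4} \d{2}:\d{2}:\d{2})(?:\.\d+)?(?: \w+)?: )?"
    r"%(?P<fac>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnem>[A-Z0-9_]+): (?P<text>.*)$")
USER = re.compile(r"\[user: (?P<u>[^\]]+)\]|\bby (?P<b>\S+)")
# Assumption: outcome inferred from the mnemonic; unknown mnemonics are flagged.
OUTCOME = {"LOGIN_SUCCESS": "success", "LOGIN_FAILED": "failure",
           "CONFIG_I": "success"}

def parse_record(line):
    """Return (record, missing_fields) for one received syslog line."""
    m = LINE.match(line.strip())
    if not m:
        return None, ["unparseable"]
    rec = {"time": None,
           "event_type": f"{m['fac']}-{m['sev']}-{m['mnem']}",
           "subject": None,
           "outcome": OUTCOME.get(m["mnem"])}
    if m["ts"]:
        rec["time"] = datetime.strptime(
            re.sub(r" +", " ", m["ts"]), "%b %d %Y %H:%M:%S")
    user = USER.search(m["text"])
    if user:
        rec["subject"] = user["u"] or user["b"]
    return rec, [k for k, v in rec.items() if v is None]

def audit_gaps(lines):
    """Map line index -> missing fields, for records that have gaps."""
    gaps = {}
    for i, line in enumerate(lines):
        _, missing = parse_record(line)
        if missing:
            gaps[i] = missing
    return gaps

if __name__ == "__main__":
    print(audit_gaps(SAMPLE))
```

The last constructed line has no timestamp, so it is the only one reported; a record with a mnemonic missing from the assumed table is reported as lacking an outcome so it can be reviewed.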
The logs can be viewed on the TOE using the appropriate IOS commands. The records include
the date/time the event occurred, the event/type of event, the user associated with the event, and