Specifications

ManualsBrandsCisco ManualsComputer equipmentA9014CFD

Cisco Aggregation Services Router (ASR) 901 Series Security Target

Page 9 of 50

The TOE consists of any one of a number of hardware models as listed above in Table 3: ST and

TOE Identification, each running the same version of IOS software. The ASR 901 Series chassis

provides power, cooling, and backplane for the Ethernet interfaces and Small Form-Factor

Pluggable (SFP) and enhanced SFP (SFP+) optics modules, as defined in Table 3 in Section 1.1.

Cisco IOS is a Cisco-developed highly configurable proprietary operating system that provides

for efficient and effective routing. Although IOS performs many networking functions, this TOE

only addresses the functions that provide for the security of the TOE itself as described in

Section 1.4.4 TOE logical scope below.

1.2.1 TOE Product Type

The Cisco Aggregation Services Router (ASR) 901 Series is a cell-site access platform

specifically designed to aggregate and transport mixed-generation RAN traffic. The RAN cell

sites are places of transformation between mobile radio and mobile transport networks. The

Cisco ASR 901 routers are designed to minimize operating costs and optimize this radio-to-

transport transformation through scalable time-division multiplexing (TDM) and IP/Ethernet

interfaces for any combination of multivendor, multi-generation radios and transport networks.

The ASR 901, supports Layer2 Control Protocol Forwarding by performing analysis of incoming

frames, makes forwarding decisions based on information contained in the frames, and forwards

the frames toward the destination. The router also supports Layer 2 Control Protocol Tunneling

for tunneling Ethernet protocol frames across Layer 2 switching domains and Carrier Ethernets

(CE). In addition, the router also supports Layer 2 peering. In support of the routing

capabilities, the Cisco Aggregation Services Router (ASR) 901 Series supports the listed IP

routing protocols in section 1.4 for load balancing and for constructing scalable, routed

backbones.

1.2.2 Supported non-TOE Hardware/ Software/ Firmware

The TOE supports (in some cases optionally) the following hardware, software, and firmware in

its environment:

Table 4 IT Environment Components

Component

Required

Usage/Purpose Description for TOE performance

Management

Workstation

with SSH Client

Yes

This includes any IT Environment Management workstation with a SSH client

installed that is used by the TOE administrator to support TOE administration

through SSH protected channels. Any SSH client that supports SSHv2 may be

used.

NTP Server

The TOE supports communications with an NTP server to synchronize date and

time.

Syslog server

Yes

The syslog audit server is used for remote storage of audit records that have been

generated by and transmitted from the TOE.

RADIUS or

TACACS+

AAA Server

This includes any IT environment RADIUS or TACACS+ AAA server that

provides authentication services to TOE administrators.