Specifications
Cisco Aggregation Services Router (ASR) 900 Series Security Target
1.3 TOE DESCRIPTION
This section provides an overview of the Cisco Aggregation Services Router (ASR) 900 Series
Target of Evaluation (TOE). This section also defines the TOE components included in the
evaluated configuration of the TOE. The TOE consists of a number of components including:
Chassis: The TOE chassis is designed for low power consumption and line-rate performance
for all Layer 2 and Layer 3 interfaces. The different hardware configuration options
include 3-RU modular chassis and slots to support various cards and processors.
There are also flexible clocking options, and redundant power and cooling. The chassis
is the component of the TOE in which all other TOE components are housed.
Route/Switch Processor (RSP): As noted above, this card is the centralized card in the
system, performing the data plane, network timing, and control plane functions for the
system. The four supported RSP cards, RSP1A-55, RSP1B-55, RSP2A-64 and RSP2A-128,
are very similar in their performance, switching capabilities, and interface (port) density,
and can be installed in both the ASR902 and ASR903. The differences are mainly in
services support scalability, such as the amount of DRAM and the number of supported IP
and multicast routes, MAC addresses, bridge domains and Ethernet flow points.
Cisco IOS-XE software is a Cisco-developed highly configurable proprietary operating
system that provides for efficient and effective routing and switching. Although IOS-XE
performs many networking functions, this TOE only addresses the functions that provide
for the security of the TOE itself as described in Section 1.7 Logical Scope of the TOE
below.
1.4 TOE Evaluated Configuration
The TOE consists of one or more physical devices as specified in section 1.5 below and includes
the Cisco IOS-XE software. The TOE has two or more network interfaces and is connected to at
least one internal and one external network. The Cisco IOS-XE configuration determines how
packets are handled to and from the TOE’s network interfaces. The TOE also provides timing
services required in today’s converged access networks by offering integrated support for the
Building Integrated Timing Supply (BITS), 1 Pulse Per Second (1PPS) and Time Of Day (TOD)
interfaces. The ASR 900 Series also supports Synchronous Ethernet (SyncE) and IEEE-1588 and
can act as the source for network clocking for time-division multiplexing (TDM), Synchronous
Digital Hierarchy (SDH), Synchronous Optical Network (SONET), SyncE, and Global
Positioning Satellite (GPS) interfaces. The ASR 900 Series router configuration will prioritize
and process the data and signaling traffic for transport across the available networks. Typically,
packet flows are passed through the internetworking device and forwarded to their configured
destination.
The TOE can optionally connect to an NTP server on its internal network for time services. Also,
if the ASR 900 Series is to be remotely administered, the management workstation
must be connected to an internal network and SSHv2 must be used to connect to the TOE. A syslog
server is also used to store audit records. If these servers are used, they must be attached to the
internal (trusted) network. The internal (trusted) network is meant to be separated effectively
from unauthorized individuals and user traffic; it is one that is in a controlled environment where
implementation of security policies can be enforced.
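The following is an added example, not part of the Security Target or of Cisco's guidance: a configuration audit that checks a saved IOS-XE running-config against the constraints in the paragraph above (SSHv2 for remote administration, syslog and NTP servers on the internal network). The sample configuration, the function name audit_config and the trusted prefix 10.10.1.0/24 are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample running-config fragment (not taken from the Security Target).
SAMPLE_CONFIG = """\
ip ssh version 2
logging host 10.10.1.20
ntp server 10.10.1.5
line vty 0 4
 transport input ssh
line vty 5 15
 transport input telnet ssh
"""

def audit_config(config, trusted_cidr):
    """Return a list of findings; an empty list means every check passed."""
    trusted = ipaddress.ip_network(trusted_cidr)  # assumed internal (trusted) prefix
    findings = []
    if not re.search(r"^ip ssh version 2\s*$", config, re.M):
        findings.append("SSHv2 not enforced (missing 'ip ssh version 2')")
    # Walk the vty line blocks: remote administration must be SSH only.
    block, vty = None, {}
    for line in config.splitlines():
        if not line.startswith(" "):
            block = line.strip() if line.startswith("line vty") else None
            if block:
                vty[block] = None  # no 'transport input' seen yet
        elif block:
            m = re.match(r"\s+transport input (.+)", line)
            if m:
                vty[block] = m.group(1).split()
    for name, transports in vty.items():
        if transports != ["ssh"]:
            findings.append(f"{name}: transport input is {transports}, expected ['ssh']")
    # Syslog and NTP servers, if configured, must sit on the internal network.
    for kind, addr in re.findall(r"^(logging host|ntp server) (\S+)", config, re.M):
        try:
            inside = ipaddress.ip_address(addr) in trusted
        except ValueError:
            inside = False  # hostname or other token: placement cannot be verified
        if not inside:
            findings.append(f"{kind} {addr} is not inside trusted network {trusted}")
    return findings

if __name__ == "__main__":
    for finding in audit_config(SAMPLE_CONFIG, "10.10.1.0/24"):
        print("FINDING:", finding)
```

A vty block with no explicit transport input line is reported as well, because the effective transport then depends on the platform default.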