Specifications

Cisco Aggregation Services Router (ASR) 900 Series Security Target
Page 16 of 52
These features are described in more detail in the subsections below. In addition, the TOE
implements all RFCs of the NDPP as necessary to satisfy testing/assurance measures prescribed
therein.
1.6.1 Security audit
The Cisco Aggregation Services Router (ASR) 900 Series provides extensive auditing
capabilities. The TOE generates a comprehensive set of audit logs that identify specific TOE
operations. For each event, the TOE records the date and time of each event, the type of event,
the subject identity, and the outcome of the event. Auditable events include: failure on invoking
cryptographic functionality such as establishment, termination and failure of an IPsec SA;
establishment, termination and failure of an SSH session; modifications to the group of users that
are part of the authorized administrator roles; all use of the user identification mechanism; any
use of the authentication mechanism; any change in the configuration of the TOE, changes to
time, initiation of TOE update, indication of completion of TSF self-test, maximum sessions
being exceeded, termination of a remote session and attempts to unlock a termination session;
and initiation and termination of a trusted channel.
The TOE is configured to transmit its audit messages to an external syslog server.
Communication with the syslog server is protected using IPsec and the TOE can determine when
communication with the syslog server fails. If that should occur, the TOE can be configured to
block new permit actions.
The logs can be viewed on the TOE using the appropriate IOS commands. The records include
the date/time the event occurred, the event/type of event, the user associated with the event, and
additional information of the event and its success and/or failure. The TOE does not have an
interface to modify audit records, though there is an interface available for the authorized
administrator to clear audit data stored locally on the TOE.
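The audit record contents listed above (date and time, type of event, subject identity, outcome) can be checked in practice against exported syslog data. The following is an added example, not part of the Security Target or Cisco's own tooling; the sample lines are constructed in Cisco IOS syslog style, and the last one deliberately lacks a user field so the completeness check has something to report.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample lines in IOS syslog style (not records from the ST or a real device).
SAMPLE_LOG = """\
Mar  3 12:00:01.112: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: admin] [Source: 192.0.2.10] [localport: 22] at 12:00:01 UTC Sun Mar 3 2024
Mar  3 12:00:07.440: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 192.0.2.77] [localport: 22] [Reason: Login Authentication Failed] at 12:00:07 UTC Sun Mar 3 2024
Mar  3 12:01:15.003: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.10)
Mar  3 12:03:22.010: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [Source: 192.0.2.11] [localport: 22]
"""

# IOS record layout: <timestamp>: %<FACILITY>-<SEVERITY>-<MNEMONIC>: <message text>
RECORD_RE = re.compile(
    r"^\*?(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}(?:\.\d{3})?): "
    r"%(?P<facility>[A-Z0-9_]+)-(?P<sev>\d)-(?P<mnemonic>[A-Z0-9_]+): (?P<msg>.*)$"
)
# Subject identity appears as "[user: NAME]" in login records or "by NAME on" in config records.
SUBJECT_RE = re.compile(r"\[user: ([^\]]+)\]|\bby (\S+) on\b")


@dataclass
class AuditRecord:
    timestamp: str          # date and time of the event
    event_type: str         # FACILITY-SEVERITY-MNEMONIC identifies the type of event
    subject: Optional[str]  # user associated with the event, None if absent
    outcome: str            # "success" or "failure"


def parse_record(line: str) -> Optional[AuditRecord]:
    """Parse one IOS syslog line into the four NDPP audit fields; None if not a record."""
    m = RECORD_RE.match(line)
    if not m:
        return None
    s = SUBJECT_RE.search(m["msg"])
    subject = next((g for g in s.groups() if g), None) if s else None
    # Outcome heuristic: IOS encodes failures in the mnemonic (LOGIN_FAILED, ..._DENIED).
    outcome = "failure" if re.search(r"FAIL|DENIED", m["mnemonic"]) else "success"
    return AuditRecord(m["ts"], f"{m['facility']}-{m['sev']}-{m['mnemonic']}", subject, outcome)


def check_completeness(log_text: str):
    """Parse all lines; return (records, problems) where each problem is (where, reason)."""
    records, problems = [], []
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is None:
            problems.append((line[:40], "not a parseable audit record"))
            continue
        records.append(rec)
        if rec.subject is None:
            problems.append((rec.timestamp, f"no subject identity in {rec.event_type}"))
    return records, problems
```

System-generated events (restarts, self-test completion) legitimately carry no subject, so the missing-subject report is a triage aid for an auditor rather than a hard failure.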
1.6.2 Cryptographic support
The TOE provides cryptography in support of other Cisco Aggregation Services Router (ASR)
900 Series security functionality. The algorithms shown in Table 9 FIPS References are
implemented in the Cisco IOS Common Cryptographic Module (IC2M) Algorithm Module
firmware version 2.0.
This cryptography has been validated for conformance to the requirements of FIPS 140-2 (see
Table 9 for certificate references).
Table 9 FIPS References

Algorithm                         Cert. #
AES                               2817
DRBG                              481
SHS (SHA-1, 256, 384, 512)        2361
HMAC SHA-1, 256, 384, 512         1764