Specifications
Cisco Aggregation Services Router (ASR) 900 Series Security Target

| Acronyms/Abbreviations | Definition |
|---|---|
| | autonomous system). A link-state routing protocol which calculates the shortest path to each node. |
| PP | Protection Profile |
| RAN | Radio Access Network |
| RSP | Route Switch Processor |
| QoS | Quality of Service |
| SFP | Small form-factor pluggable port |
| SHS | Secure Hash Standard |
| SSHv2 | Secure Shell (version 2) |
| ST | Security Target |
| TCP | Transport Control Protocol |
| TDM | Time-division multiplexing. A method of putting multiple data streams in a single transmission signal by separating the signal into many segments, each having a very short duration, so that each data stream has its own time slot on the channel. |
| Trunk Port | A port that sends and receives tagged frames on all VLANs, except the native VLAN, if one is configured. Frames belonging to the native VLAN do NOT carry VLAN tags when sent over the trunk. Conversely, if an untagged frame is received on a trunk port, the frame is associated with the native VLAN configured on that port. |
| TSC | TSF Scope of Control |
| TSF | TOE Security Function |
| TSP | TOE Security Policy |
| UNI | User Network Interfaces (UNIs) to connect to customer networks. |
| WAN | Wide Area Network |
| VLAN | Virtual Local Area Network |

Terminology
Table 2 Terminology

| Term | Definition |
|---|---|
| Authorized Administrator | Any user who has been assigned to a privilege level that is permitted to perform all TSF-related functions. |
| Peer router | Another router on the network that the TOE interfaces with. |
| Privilege level | Assigns a user specific management access to the TOE to run specific commands. The privilege levels are from 1-15, with 15 having full administrator access to the TOE, similar to root access in UNIX or Administrator access on Windows. Privilege level 1 has the most limited access to the CLI. By default, when a user logs in to the Cisco IOS, they will be in user EXEC mode (level 1). From this mode, the administrator has access to some information about the TOE, such as the status of interfaces, and the administrator can view routes in the routing table. However, the administrator can't make any changes or view the running configuration file. The privilege levels are customizable so that an Authorized Administrator can also assign certain commands to certain privilege levels. |
| Remote VPN Gateway/Peer | A remote VPN Gateway/Peer is another network device that the TOE sets up a VPN connection with. This could be a VPN client or another router. |
| Security Administrator | Synonymous with Authorized Administrator for the purposes of this evaluation. |
| User | Any entity (human user or external IT entity) outside the TOE that interacts with the TOE. |
| Vty | vty is a term used by Cisco to describe a single terminal (whereas Terminal is more of a verb or general action term). |