System information

Cisco Cat3K ST 6 June 2012
14
1.7 Logical Scope of the TOE
The TOE is comprised of several security features. Each of the security features
identified above consists of several security functionalities, as identified below.
1. Security audit
2. Cryptographic support
3. User data protection
4. Identification and authentication
5. Secure Management
6. Protection of the TSF
7. TOE access
These features are described in more detail in the subsections below.
1.7.1 Security audit
The TOE generates a comprehensive set of audit logs that identify specific TOE
operations. For each event, the TOE records the date and time of the event, the type of
event, the subject identity, and the outcome of the event. Auditable events include:
modifications to the group of users that are part of the authorized administrator roles
(assigned the appropriate privilege level); all use of the user identification mechanism;
any use of the authentication mechanism; any change in the configuration of the TOE;
any matching of packets to access control entries in ACLs when traversing the TOE;
and any failure of a packet to match an access control list (ACL) rule allowing traversal
of the TOE. By default the TOE writes audit records to the local logging buffer; it
can also be configured to send audit data via syslog to a remote audit server or to
display it on the local console. The TOE does not have an interface to modify audit
records, though there is an interface available for the authorized administrator to
delete audit data stored locally on the TOE.
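The following is an added example, not part of the Security Target and not Cisco code. It shows how a remote audit server could check that forwarded records carry the four fields the section requires (time, event type, subject identity, outcome) and bucket them into the auditable-event categories listed above. The record layout and message mnemonics (`SEC_LOGIN-*-LOGIN_SUCCESS`, `SYS-5-CONFIG_I`, `SEC-6-IPACCESSLOGP`) follow the general shape of IOS syslog output, but the sample lines are constructed and the mapping from mnemonic to category is an assumption of this example, not something the ST defines.

```python
import re
from collections import Counter

# Constructed sample records in the style of IOS syslog output (assumption, not from the ST).
SAMPLE_LOG = """\
Jun  6 2012 12:34:56.101 UTC: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: admin] [Source: 10.1.1.5] [localport: 22] at 12:34:56 UTC Wed Jun 6 2012
Jun  6 2012 12:35:01.220 UTC: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 10.9.9.9] [localport: 22] [Reason: Login Authentication Failed] at 12:35:01 UTC Wed Jun 6 2012
Jun  6 2012 12:36:10.005 UTC: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (10.1.1.5)
Jun  6 2012 12:37:42.330 UTC: %SEC-6-IPACCESSLOGP: list 101 denied tcp 10.9.9.9(4321) -> 10.2.2.9(23), 1 packet
Jun  6 2012 12:37:43.001 UTC: %SEC-6-IPACCESSLOGP: list 101 permitted tcp 10.1.1.5(51000) -> 10.2.2.9(22), 1 packet
"""

# timestamp, then %FACILITY-SEVERITY-MNEMONIC:, then free text
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d{4}\s+\d\d:\d\d:\d\d\.\d+\s+\w+):\s+"
    r"%(?P<fac>[A-Z_]+)-(?P<sev>\d)-(?P<mnem>[A-Z_]+):\s+(?P<text>.*)$"
)
# subject identity appears either as "[user: X]" or as "by X on <line>"
USER_RE = re.compile(r"\[user:\s*([^\]]+)\]|by\s+(\S+)\s+on\s+")


def classify(mnem, text):
    """Map a message mnemonic to an auditable-event category and an outcome (assumed mapping)."""
    if mnem in ("LOGIN_SUCCESS", "LOGIN_FAILED"):
        return "authentication", "success" if mnem == "LOGIN_SUCCESS" else "failure"
    if mnem == "CONFIG_I":
        return "config_change", "success"
    if mnem.startswith("IPACCESSLOG"):
        return "acl_match", "permitted" if " permitted " in text else "denied"
    return "other", "unknown"


def parse_record(line):
    """Return the four required audit fields for one record, or None if the line is not a record."""
    m = LINE_RE.match(line)
    if not m:
        return None
    category, outcome = classify(m["mnem"], m["text"])
    um = USER_RE.search(m["text"])
    subject = (um.group(1) or um.group(2)).strip() if um else None
    return {
        "time": m["ts"],
        "type": f"{m['fac']}-{m['sev']}-{m['mnem']}",
        "category": category,
        "subject": subject,
        "outcome": outcome,
    }


def audit_summary(log_text):
    """Parse all records; count (category, outcome) pairs; flag records that should name a subject but do not."""
    records = [r for r in (parse_record(l) for l in log_text.splitlines()) if r]
    counts = Counter((r["category"], r["outcome"]) for r in records)
    missing_subject = [
        r["type"] for r in records
        if r["category"] in ("authentication", "config_change") and not r["subject"]
    ]
    return records, counts, missing_subject


if __name__ == "__main__":
    recs, counts, missing = audit_summary(SAMPLE_LOG)
    for (cat, out), n in sorted(counts.items()):
        print(f"{cat:15s} {out:10s} {n}")
    print("records without subject identity:", missing)
```

Records that the parser cannot match, or that lack a subject where one is expected, are the ones a remote audit server should alert on: the ST states that records are deletable but not modifiable locally, so the remote copy is the only place a gap in the sequence is detectable.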
1.7.2 Cryptographic support
The TOE provides cryptographic support for secure communications and protection of
information when operated in FIPS mode. The crypto module is FIPS 140-2 Security Level 2
validated (certificate 1657). The cryptographic services provided by the TOE include:
symmetric encryption and decryption using AES; digital signature using RSA;
cryptographic hashing using SHA1; and keyed-hash message authentication using
HMAC-SHA1. In the evaluated configuration, the TOE must be operated in FIPS mode
of operation per the FIPS Security Policy (certificate 1657). The TOE also implements
the SSHv2 protocol for secure remote administration.
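As an added example (not part of the Security Target, and not the TOE's own self-test code), the block below does two things a reviewer of the evaluated configuration would want: it runs known-answer tests for the two hash-based services the section lists (SHA1 and HMAC-SHA1), using published vectors (SHA-1 of "abc" from FIPS 180, and HMAC-SHA1 test cases 1 and 2 from RFC 2202), and it checks an SSHv2 algorithm proposal against an allow-list built from the algorithm families the section names (AES, HMAC-SHA1, RSA). FIPS 140-2 modules perform such known-answer self-tests at power-up; the specific SSH algorithm names in the allow-list are an assumption of this example, since the ST names only the algorithm families.

```python
import hashlib
import hmac

# Allow-list derived from the algorithm families the ST lists for FIPS mode.
# The concrete SSH algorithm names are an assumption of this example, not from the ST.
ALLOWED_SSH = {
    "cipher": {"aes128-cbc", "aes192-cbc", "aes256-cbc",
               "aes128-ctr", "aes192-ctr", "aes256-ctr"},
    "mac": {"hmac-sha1"},
    "hostkey": {"ssh-rsa"},
}

# Known-answer vectors: SHA-1("abc") from FIPS 180; HMAC-SHA1 cases 1 and 2 from RFC 2202.
KAT_VECTORS = [
    ("sha1-abc", "sha1", None, b"abc",
     "a9993e364706816aba3e25717850c26c9cd0d89d"),
    ("hmac-sha1-rfc2202-1", "hmac-sha1", b"\x0b" * 20, b"Hi There",
     "b617318655057264e28bc0b6fb378c8ef146be00"),
    ("hmac-sha1-rfc2202-2", "hmac-sha1", b"Jefe", b"what do ya want for nothing?",
     "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79"),
]


def compute(alg, key, data):
    """Compute the digest for one vector using the stated primitive."""
    if alg == "sha1":
        return hashlib.sha1(data).hexdigest()
    if alg == "hmac-sha1":
        return hmac.new(key, data, hashlib.sha1).hexdigest()
    raise ValueError(f"unsupported algorithm {alg}")


def run_known_answer_tests():
    """Return {vector name: passed}; a constant-time compare avoids timing leaks on the expected value."""
    results = {}
    for name, alg, key, data, expected in KAT_VECTORS:
        results[name] = hmac.compare_digest(compute(alg, key, data), expected)
    return results


def check_ssh_proposal(proposal):
    """Return the (kind, name) pairs in an SSHv2 proposal that fall outside the FIPS-mode allow-list.

    proposal: {"cipher": [...], "mac": [...], "hostkey": [...]} as offered by a client or server.
    """
    rejected = []
    for kind, names in proposal.items():
        allowed = ALLOWED_SSH.get(kind, set())
        rejected.extend((kind, n) for n in names if n not in allowed)
    return rejected


if __name__ == "__main__":
    for name, ok in run_known_answer_tests().items():
        print(f"{name:24s} {'PASS' if ok else 'FAIL'}")
    # Constructed proposal mixing allowed and disallowed algorithms.
    sample = {"cipher": ["aes256-ctr", "arcfour"],
              "mac": ["hmac-md5", "hmac-sha1"],
              "hostkey": ["ssh-rsa"]}
    print("not permitted in FIPS mode:", check_ssh_proposal(sample))
```

A failed known-answer test means the primitive in use is not the one the certificate covers and the module should not be trusted; a non-empty result from `check_ssh_proposal` means the SSH configuration still offers algorithms outside the evaluated set and must be tightened before the TOE is in its evaluated configuration.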