Manualshelf

System information

ManualsBrandsCisco ManualsComputer equipmentCatalyst 3750X-48PF
21222324252627282930
Cisco Cat3K ST 6 June 2012
21
3 SECURITY PROBLEM DEFINITION
This section describes the security environment in which the TOE is intended to be used.
This document identifies assumptions as A.assumption with “assumption” specifying a
unique name. Threats are identified as T.threat with “threat” specifying a unique name.
3.1 Assumptions
The specific conditions listed in the following subsections are assumed to exist in the
TOE’s environment. These assumptions include both practical realities in the
development of the TOE security requirements and the essential environmental
conditions on the use of the TOE.
Table 4 TOE Assumptions
Assumption Assumption Definition
A.NOEVIL All authorized administrators are assumed not evil and will not disrupt the
operation of the TOE intentionally.
A.TRAIN_AUDIT Administrators will be trained to periodically review audit logs to identify
sources of concern
A.TRAIN_GUIDAN Personnel will be trained in the appropriate use of the TOE to ensure security.
A.LOCATE The processing resources of the TOE will be located within controlled access
facilities, which will prevent unauthorized physical access.
A.CONFIDENTIALITY Copies of TOE configuration data including representations of authentication
data maintained off the TOE in hard-copy or soft-copy will be kept confidential
and access will be limited to authorized administrators. Audit data transmitted
by the TOE and routing table updates exchanged with neighbor routers, and
associated neighbor router authentication data will be protected from
unauthorized disclosure through isolation of associated network traffic.
A.INTEROPERABILITY The TOE will be able to function with the software and hardware of other
switch vendors on the network.
A.LOWEXP The threat of malicious attacks aimed at exploiting the TOE is considered low.
3.2 Threats
The following table lists the threats addressed by the TOE and the IT Environment. The
assumed level of expertise of the attacker for all the threats identified below is Basic.
Table 5 Threats
Threat Threat Definition
T.AUDIT_REVIEW Actions performed by users may not be known to the administrators due
to actions not being recorded locally or remotely in a manner suitable for
allow interpretation of the messages.
T.AUTHADMIN An authorized administrative user may either intentionally or
unintentionally gain access to the configuration services for which the
user is not authorized.
T.MEDIATE An unauthorized entity may send impermissible information through the
TOE which results in the exploitation of network the recipient of the
network traffic.
T.NOAUDIT An unauthorized user modifies or destroys audit data.