Manualshelf

System information

ManualsBrandsCisco ManualsComputer equipmentCatalyst 3750X-48PF
21222324252627282930
Cisco Cat3K ST 6 June 2012
24
TOE Objective TOE Security Objective Definition
O.TIME The TOE will provide a reliable time stamp for its
own use.
O.DISPLAY_BANNER The TOE will display an advisory warning regarding
use of the TOE.
O.RESIDUAL_INFORMATION_CLEARING The TOE will ensure that any data contained in a
protected resource is not available when the resource
is reallocated.
4.2 Security Objectives for the Environment
All of the assumptions stated in Section 3.1 are considered to be security objectives for
the environment. The following are the non-IT security objectives, which, in addition to
those assumptions, are to be satisfied without imposing technical requirements on the
TOE. That is, they will not require the implementation of functions in the TOE hardware
and/or software. Thus, they will be satisfied largely through application of procedural or
administrative measures.
Table 8 Security Objectives for the Environment
Environment Security
Objective
IT Environment Security Objective Definition
OE.AUDIT_REVIEW Administrators will be trained to periodically review the audit logs to identify
sources of concern and will make a syslog server available for use by the TOE
and TOE administrators.
OE.CONFIDENTIALITY The hard copy documents and soft copy representations that describe the
configuration of the TOE, I&A information and Audit storage will be kept
confidential and access will be limited to Authorized administrators. Audit
data transmitted by the TOE and routing table updates exchanged with
neighbor routers, and associated neighbor router authentication data will be
protected from unauthorized disclosure through isolation of associated
network traffic.
OE.INTEROPERABILITY The TOE will be able to function with the software and hardware of other
vendors on the network.
OE.LOCATE The processing resources of the TOE will be located within controlled access
facilities, which will prevent unauthorized physical access.
OE.LOWEXP The threat of malicious attacks aimed at exploiting the TOE is considered low.
OE.NOEVIL The authorized administrators are not careless, willfully negligent, or hostile,
and will follow and abide by the instructions provided by the TOE
documentation, including the administrator guidance; however, they are
capable of error.
OE.TRAIN_GUIDAN Personnel will be trained in the appropriate use of the TOE to ensure security
and will refer to all administrative guidance to ensure the correct operation of
the TOE.