System information
Cisco Cat3K ST 6 June 2012
45
Component How requirement will be met
ADV_FSP.2 The functional specification describes the external interfaces of the TOE; such as the means
for a user to invoke a service and the corresponding response of those services. The
description includes the interface(s) that enforces a security functional requirement, the
interface(s) that supports the enforcement of a security functional requirement, and the
interface(s) that does not enforce any security functional requirements. The interfaces are
described in terms of their purpose (general goal of the interface), method of use (how the
interface is to be used), parameters (explicit inputs to and outputs from an interface that control
the behavior of that interface), parameter descriptions (tells what the parameter is in some
meaningful way), and error messages (identifies the condition that generated it, what the
message is, and the meaning of any error codes).The development evidence also contains a
tracing of the interfaces to the SFRs described in this ST.
ADV_TDS.1 The TOE design describes the TOE security functional (TSF) boundary and how the TSF
implements the security functional requirements. The design description includes the
decomposition of the TOE into subsystems and/or modules, thus providing the purpose of the
subsystem/module, the behavior of the subsystem/module and the actions the
subsystem/module performs. The description also identifies the subsystem/module as SFR
(security function requirement) enforcing, SFR supporting, or SFR non-interfering; thus
identifying the interfaces as described in the functional specification. In addition, the TOE
design describes the interactions among or between the subsystems/modules; thus providing a
description of what the TOE is doing and how.
AGD_OPE.1 The Administrative Guide provides the descriptions of the processes and procedures of how
the administrative users of the TOE can securely administer the TOE using the interfaces that
provide the features and functions detailed in the guidance.
AGD_PRE.1 The Installation Guide describes the installation, generation, and startup procedures so that the
users of the TOE can put the components of the TOE in the evaluated configuration.
ALC_CMC.2 The Configuration Management (CM) document(s) describes how the consumer (end-user) of
the TOE can identify the evaluated TOE (Target of Evaluation). The CM document(s),
identifies the configuration items, how those configuration items are uniquely identified, and
the adequacy of the procedures that are used to control and track changes that are made to the
TOE. This includes details on what changes are tracked, how potential changes are
incorporated, and the degree to which automation is used to reduce the scope for error.
ALC_CMS.2
ALC_DEL.1 The Delivery document describes the delivery procedures for the TOE to include the procedure
on how to download certain components of the TOE from the Cisco website and how certain
components of the TOE are physically delivered to the user. The delivery procedure detail how
the end-user may determine if they have the TOE and if the integrity of the TOE has been
maintained. Further, the delivery documentation describes how to acquire the proper license
keys to use the TOE components.
ALC_DVS.1
ALC_FLR.2
The Lifecycle document(s) describes the security measures and controls that are in place at the
development site(s), the security measures and controls that are in place regarding employees,
and the security measures and controls that are in place during the development and
maintenance of the TOE. These procedures also include the flaw remediation and reporting
procedures so that security flaw reports from TOE users can be appropriately acted upon, and
TOE users can understand how to submit security flaw reports to the developer.
ATE_COV.1 The Test document(s) consist of a test plan describes the test configuration, the approach to
testing, and how the TSFI (TOE security function interfaces) has been tested against its
functional specification as described in the TOE design and the security architecture
description. The test document(s) also include the test cases/procedures that show the test
steps and expected results, specify the actions and parameters that were applied to the
interfaces, as well as how the expected results should be verified and what they are. Actual
results are also included in the set of Test documents.
ATE_FUN.1
ATE_IND.2 Cisco will provide the TOE for testing.
AVA_VAN.2 Cisco will provide the TOE for testing.