System information
Cisco Cat3K ST 6 June 2012
TOE SFRs | How the SFR is Met

authentication, and the username attempting to authenticate will be included in the log record.

Any use of the authentication mechanism. | Events will be generated for attempted identification/authentication, and the username attempting to authenticate will be included in the log record, along with the origin or source of the attempt.
Management functions | The use of the security management functions is logged; modifications of the behavior of the functions in the TSF and modifications of default settings.
Detection of replay attacks | Attempts of replaying data previously transmitted and terminated at the TOE are logged, along with the origin or source of the attempt.
Changes to the time. | Changes to the time are logged.
Failure to establish and/or establishment/failure of an SSH session | Attempts to establish an SSH session or the failure of an established SSH session are logged.
Indication that TSF self-test was completed. | During bootup, if the self-test succeeds a login prompt is displayed. If the self-test fails, the failure is logged.

FAU_GEN.2 | The TOE shall ensure that each auditable event is associated with the user that triggered the event, so that each event is traceable to a specific user. For example, for a human user, the user identity or related session ID would be included in the audit record. For an IT entity or device, the IP address, MAC address, host name, or other configured identification is presented. Refer to the Guidance documentation for configuration syntax and information.

FAU_SAR.1 | The TOE provides the interface for the authorized administrator to read all of the TOE audit records. The records include the information described in FAU_GEN.1 above. Refer to the Guidance documentation for commands, configuration syntax and information related to viewing of the audit log files.

FAU_STG.1 | The TOE provides the ability for privileged administrators to delete audit records stored within the TOE. The TOE provides dedicated CLI commands that are only available to the privileged administrator to facilitate the deletion of audit records. The local events cannot be altered by any users or mechanisms. Refer to the Guidance documentation for commands, configuration syntax and information related to viewing of the audit log files.
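
One way to check the FAU_GEN.2 attribution property on exported audit records, as an added example that is not part of the Security Target or the vendor's guidance. The sample records are constructed, and their IOS-style message formats and the function names are assumptions.

```python
import re

# Constructed sample records, loosely modelled on IOS-style syslog lines.
# The exact message formats are assumptions, not taken from the ST.
SAMPLE_LOG = """\
Jun  6 10:01:02 sw1 %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: alice] [Source: 192.0.2.10] [localport: 22]
Jun  6 10:01:09 sw1 %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: alice] [Source: 192.0.2.10] [localport: 22]
Jun  6 10:02:30 sw1 %SYS-5-CONFIG_I: Configured from console by alice on vty0 (192.0.2.10)
Jun  6 10:03:00 sw1 %SYS-6-CLOCKUPDATE: System clock has been updated
Jun  6 10:04:11 sw1 %SSH-5-SSH2_SESSION: SSH2 Session request from 192.0.2.77 (tty = 0) Failed
"""

# FAU_GEN.2 attribution kinds: a human user identity, or an identifier
# for an IT entity or device (IP address, MAC address).
USER_PATTERNS = [
    re.compile(r"\[user:\s*(?P<id>[^\]\s]+)\]", re.I),
    re.compile(r"\bby\s+(?P<id>[\w.-]+)\s+on\s+(?:vty|console|tty)", re.I),
]
ENTITY_PATTERNS = [
    re.compile(r"\b(?P<id>(?:\d{1,3}\.){3}\d{1,3})\b"),                 # IPv4 address
    re.compile(r"\b(?P<id>(?:[0-9a-f]{4}\.){2}[0-9a-f]{4})\b", re.I),  # aaaa.bbbb.cccc MAC
]


def attribute(record):
    """Return (kind, identifier) for one audit record, or (None, None)."""
    # Look only at the message body: the timestamp and the device's own
    # hostname in the header do not identify who triggered the event.
    message = record.split("%", 1)[-1]
    for kind, patterns in (("user", USER_PATTERNS), ("entity", ENTITY_PATTERNS)):
        for pattern in patterns:
            match = pattern.search(message)
            if match:
                return kind, match.group("id")
    return None, None


def unattributed(log_text):
    """List the records that carry neither a user nor an entity identifier."""
    return [line for line in log_text.splitlines()
            if line.strip() and attribute(line) == (None, None)]


if __name__ == "__main__":
    for line in SAMPLE_LOG.splitlines():
        print(attribute(line), "<-", line.split("%", 1)[-1][:45])
    print("unattributed records:", len(unattributed(SAMPLE_LOG)))
```

A record returned by `unattributed` is one to compare against the Guidance documentation, since FAU_GEN.2 expects every auditable event to be traceable to a user or device.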