System information

Cisco Cat3K ST 6 June 2012
61
TOE SFRs How the SFR is Met
FIA_UID.2
allowing any TSF mediated actions to be performed. Administrative access to the TOE is facilitated through the TOE's CLI. The TOE mediates all administrative actions through the CLI. Once a potential administrative user attempts to access the CLI of the TOE, either through a directly connected console or remotely through an SSHv2 connection, the TOE prompts the user for a user name and password. Only after the administrative user presents the correct authentication credentials is access to the TOE administrative functionality granted. No access is allowed to the administrative functionality of the TOE until an administrator is successfully identified and authenticated.
For neighbor routers, which do not have access to the CLI, the neighbor router must present the correct hashed password prior to exchanging routing table updates with the TOE. The TOE authenticates the neighbor router using its supplied password hash and the source IP address from the IP packet header. The supported routing protocols (BGPv4, EIGRP, PIM-SMv2, and OSPFv2) use MD5 hashes to secure the passwords as specified in FCS_COP.1.1(4). Note that OSPFv2 also supports HMAC-SHA1 hashes to secure the password. For additional security, it is also recommended that routing protocol traffic be isolated to separate VLANs.
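The following Cisco IOS configuration fragment is an added example, not text or configuration from the Security Target, showing how the neighbor-router authentication described above (OSPFv2 MD5 and HMAC-SHA1, EIGRP MD5, BGPv4 MD5) is typically expressed, with routing-protocol peering placed on dedicated VLANs. Interface names, VLAN IDs, AS numbers, peer addresses and key strings are placeholders, and the key-chain form of OSPFv2 HMAC-SHA1 is only available on IOS releases that support it; PIM-SMv2 is omitted because its authentication is not configured with these commands.

```cisco
! Added example (not from the Security Target). All names, addresses,
! AS numbers and key strings below are placeholders; command availability
! depends on the IOS release in use.

! --- OSPFv2: MD5 message-digest authentication on a dedicated peering VLAN ---
router ospf 1
 area 0 authentication message-digest
!
interface Vlan100
 description OSPF peering VLAN, isolated from user traffic
 ip address 10.0.100.1 255.255.255.0
 ip ospf message-digest-key 1 md5 REPLACE-WITH-OSPF-MD5-KEY
!
! --- OSPFv2: HMAC-SHA1 via a key chain (release-dependent) ---
key chain OSPF-SHA1-KEYS
 key 1
  key-string REPLACE-WITH-OSPF-SHA1-KEY
  cryptographic-algorithm hmac-sha-1
!
interface Vlan101
 description OSPF peering VLAN using HMAC-SHA1
 ip address 10.0.101.1 255.255.255.0
 ip ospf authentication key-chain OSPF-SHA1-KEYS
!
! --- EIGRP: MD5 authentication bound to the peering interface ---
key chain EIGRP-KEYS
 key 1
  key-string REPLACE-WITH-EIGRP-KEY
!
interface Vlan102
 description EIGRP peering VLAN
 ip address 10.0.102.1 255.255.255.0
 ip authentication mode eigrp 100 md5
 ip authentication key-chain eigrp 100 EIGRP-KEYS
!
router eigrp 100
 network 10.0.102.0 0.0.0.255
!
! --- BGPv4: TCP MD5 signature on the peering session ---
router bgp 65001
 neighbor 10.0.100.2 remote-as 65002
 neighbor 10.0.100.2 password REPLACE-WITH-BGP-KEY
!
! --- Verification from privileged EXEC mode ---
! show ip ospf interface Vlan100
! show ip ospf interface Vlan101
! show ip eigrp neighbors
! show ip bgp summary
```

Without the `password` or `message-digest-key` lines, a peer only has to source packets from the expected address to have its updates accepted; with them, the TOE checks both the source address and the keyed hash, which is the behaviour the row above describes.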
FIA_UAU.5
The TOE can be configured to require local authentication and/or remote authentication via a RADIUS or TACACS+ server, as defined in the authentication policy for interactive (human) users. Neighbor routers are authenticated only against passwords stored locally, and authentication is performed implicitly through the supported protocols.
Under the policy for interactive (human) users, Administrators can be authenticated against the local user database or be redirected to a remote authentication server. Interfaces can be configured to try one or more remote authentication servers and then fail back to the local user database if the remote authentication servers are inaccessible.
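As an added example (not configuration from the Security Target), the IOS AAA fragment below implements the policy just described: console and SSHv2 (vty) logins try TACACS+, then RADIUS, then fall back to the local user database. Server addresses, shared keys, user names and the method-list names are placeholders, and the `tacacs server` / `radius server` block syntax assumes an IOS release that supports it.

```cisco
! Added example (not from the Security Target). Addresses, keys, user
! names and method-list names are placeholders.
aaa new-model
!
! Local user database: consulted only when every remote server is unreachable
username admin privilege 15 secret REPLACE-WITH-STRONG-PASSWORD
!
! Remote authentication servers
tacacs server TAC1
 address ipv4 10.1.1.10
 key REPLACE-WITH-TACACS-KEY
!
radius server RAD1
 address ipv4 10.1.1.20 auth-port 1812 acct-port 1813
 key REPLACE-WITH-RADIUS-KEY
!
! Method lists: remote servers first, local database last. The "local"
! method is used when the server groups do not respond; a credential
! rejected by a reachable server is NOT retried against the local database.
aaa authentication login ADMIN-LOGIN group tacacs+ group radius local
aaa authorization exec ADMIN-EXEC group tacacs+ local
!
! Bind the method lists to the console and the SSHv2 virtual terminal lines
ip ssh version 2
!
line console 0
 login authentication ADMIN-LOGIN
!
line vty 0 4
 login authentication ADMIN-LOGIN
 authorization exec ADMIN-EXEC
 transport input ssh
!
! Weak settings, shown for contrast only:
!   aaa authentication login default group tacacs+ none
! ends the list with "none", which grants access with no credentials
! whenever the servers are down; the "local" fallback above is the
! behaviour the Security Target describes.
```

To confirm the fallback order on a running device, `show aaa servers` reports the state of each configured server, and `debug aaa authentication` (in a maintenance window) shows which method in the list actually answered a login attempt.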
FIA_UAU.7
When a user enters their password at the local console or via SSHv2, the TOE
echoes none of the characters of the password.
FMT_MOF.1
The TOE provides the authorized administrative user the ability to perform the actions required to control the TOE, including: audit trail management (create, delete, empty, review), network traffic (information flow) rules (create, delete, modify, and view), routing tables (create, modify, delete), session inactivity time period (set, modify threshold limits), time determination (set, change date/timestamp), and TSF self test (TOE and cryptographic module). For each of these functions that require data to be entered, only secure (authorized) values are accepted. Refer to the Guidance documentation for configuration syntax, commands, and information related to each of the functions. Some of the functions are restricted to a specific administrative privilege level and/or to an authorized administrator with the proper permissions (level).
FMT_MSA.2
The TOE inspects the headers of incoming frames and packets to ensure that the headers and the security-relevant information they contain, such as VLAN tags and addresses, are appropriately structured; malformed frames and packets are discarded.