System information
Cisco Cat3K ST 6 June 2012
63
TOE SFRs How the SFR is Met
FMT_MTD.1
The TOE provides the ability for authorized administrators to access TOE data,
such as audit data, configuration data, security attributes, information flow rules,
routing tables, and session thresholds. Each of the predefined and
administratively configured privilege level has delete set of permissions that will
grant them access to the TOE data, though with some privilege levels, the access
is limited. The TOE performs role-based authorization, using TOE platform
authorization mechanisms, to grant access to the semi-privileged and privileged
levels. For the purposes of this evaluation, the privileged level is equivalent to
full administrative access to the CLI, which is the default access for IOS
privilege level 15; and the semi-privileged level equates to any privilege level
that has a subset of the privileges assigned to level 15. Privilege levels 0 and 1
are defined by default and are customizable, while levels 2-14 are undefined by
default and are also customizable. The term “authorized administrator” is used
in this ST to refer to any user which has been assigned to a privilege level that is
permitted to perform the relevant action; therefore has the appropriate privileges
to perform the requested functions. Therefore, semi-privileged administrators
with only a subset of privileges can also modify TOE data based if granted the
privilege.
FMT_SMF.1
The TOE provides all the capabilities necessary to securely manage the TOE.
The administrative user can connect to the TOE using the CLI to perform these
functions via SSHv2, a terminal server, or at the local console. Rrefer to the
Guidance documentation for configuration syntax, commands, and information
related to each of these functions.
The management functionality provided by the TOE include the following
administrative functions:
• Ability to manage the cryptographic functionality - allows the
authorized administrator the ability to identify and configure the
algorithms used to provide protection of the data, such as generating
the RSA keys to enable SSHv2, configuration of routing protocols, and
if used the configuration of remote authentication
• Ability to manage the audit logs and functions - allows the authorized
administrator to configure the audit logs, view the audit logs, and to
clear the audit logs
• Ability to manage information flow control attributes - allows the
authorized administrator to configure the VLANs, PVLANS, and
ACLs, to control the Ethernet and IP network traffic
• Ability to manage routing tables - allows the authorized administrator
the ability to create, modify, and delete the routing tables to control the
routed network traffic
• Ability to manage security attributes belonging to individual users -
allows the authorized administrator to create, modify, and delete other
administrative users
• Ability to manage the default values of the security attributes - allows
the authorized administrator to specify the attributes that are used
control access and/or manage users
• Ability to manage the warning banner message and content – allows
the authorized administrator the ability to define warning banner that is
displayed prior to establishing a session (note this applies to the
interactive (human) users; e.g. administrative users
• Ability to manage the time limits of session inactivity – allows the
authorized administrator the ability to set and modify the inactivity