System information

Cisco Cat3K ST 6 June 2012
TOE SFRs How the SFR is Met
session
Router> show privilege
Current privilege level is 1
The term “authorized administrator” is used in this ST to refer to any user that
has been assigned to a privilege level that is permitted to perform the relevant
action and who therefore has the appropriate privileges to perform the requested
functions. The privilege level determines the functions the user can perform;
hence the term denotes an administrator with the appropriate privileges. Refer to
the Guidance documentation and IOS Command Reference Guide for available
commands and associated roles and privilege levels.
The Switch can and shall be configured to authenticate all access to the
command line interface using a username and password.
FPT_RPL.1
By virtue of the cryptographic and path mechanisms implemented by the TOE,
replayed network packets directed (terminated) at the TOE will be detected and
discarded.
Note: The intended scope of this requirement is trusted communications with the
TOE (e.g., administrator to TOE, IT entity (e.g., authentication server) to TOE).
As such, replay does not apply to receipt of multiple network packets due to
network congestion or lost packet acknowledgments.
FPT_STM.1
The TOE provides a source of date and time information used in audit
timestamps and in calculating session inactivity. The clock function is reliant on
the system clock provided by the underlying hardware. The TOE can optionally
be set to receive clock updates from an NTP server. This date and time is used
as the time stamp that is applied to TOE generated audit records and used to
track inactivity of administrative sessions.
FPT_TST_EXT.1
As a FIPS 140-2 validated product, the TOE runs a suite of self tests during
initial start-up to verify its correct operation. Refer to the FIPS Security Policy
for available options and management of the cryptographic self test.
For testing of the TSF, the TOE automatically runs checks and tests at startup
and during resets to ensure the TOE is operating correctly. Refer to the
Guidance documentation for installation and configuration settings and for
troubleshooting information if issues are identified.
FTA_SSL.3
An administrator can configure maximum inactivity times for both local and
remote administrative sessions. When a session is inactive (i.e., no session
input) for the configured period of time, the TOE will terminate the session
and flush the screen. No further activity is allowed, and the administrator
must log in (be successfully identified and authenticated) again to establish a
new session.
The allowable range is from 1 to 65535 seconds.
FTA_TAB.1
The TOE displays a banner specified by a privileged Administrator on the CLI
management interface prior to allowing any administrative access to the TOE.
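
The following is an added example, not part of the ST or of Cisco's guidance: a small audit of a running-config against three statements above (username/password login on the CLI, the FTA_SSL.3 inactivity timeout within 1 to 65535 seconds, and the FTA_TAB.1 banner). The sample config is constructed, the function name is hypothetical, and the script assumes the IOS default of 10 minutes when exec-timeout is absent; lines that rely on an implicit AAA default list are not modelled.

```python
import re

# Constructed sample running-config (not from the ST or a real device).
SAMPLE_CONFIG = """\
banner login ^CAuthorized administrators only.^C
line con 0
 exec-timeout 5 0
 login local
line vty 0 4
 exec-timeout 0 0
 login local
line vty 5 15
 no login
"""

MIN_S, MAX_S = 1, 65535   # allowable inactivity range stated in the ST
IOS_DEFAULT_S = 600       # assumption: IOS uses 10 minutes if exec-timeout is absent

def audit(config: str) -> list[str]:
    """Return findings for banner, per-line login and inactivity timeout."""
    findings, lines, current = [], {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            lines[current] = {"timeout": IOS_DEFAULT_S, "login": False}
        elif current and raw.startswith(" "):
            stmt = raw.strip()
            m = re.fullmatch(r"exec-timeout (\d+)(?: (\d+))?", stmt)
            if m:  # syntax: exec-timeout <minutes> [seconds]; 0 0 disables it
                lines[current]["timeout"] = int(m[1]) * 60 + int(m[2] or 0)
            elif stmt == "login local" or stmt.startswith("login authentication "):
                lines[current]["login"] = True  # username/password is required
        else:
            current = None  # left the line block
    if not re.search(r"^banner (login|motd) ", config, re.M):
        findings.append("no login/motd banner configured")
    for name, s in lines.items():
        if not s["login"]:
            findings.append(f"{name}: no username/password login")
        if not MIN_S <= s["timeout"] <= MAX_S:
            findings.append(
                f"{name}: inactivity timeout {s['timeout']}s outside {MIN_S}-{MAX_S}s")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

A plain "login" (line password only) is deliberately reported, since the text above requires a username and password.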