System information
Cisco Cat3K ST 6 June 2012
76
Objective Rationale
auditable for the TOE [FAU_GEN.1 and FAU_GEN.2]. Timestamps
associated with the audit record must be reliable [FPT_STM.1].
O.AUDIT_VIEW The TOE will provide the authorized administrators the capability to
review Audit data. Security relevant events must be available for
review by authorized administrators [FAU_SAR.1]. The TOE does
not have an interface to modify audit records, though there is an
interface available for the authorized administrator to delete audit
data stored locally on the TOE [FAU_STG.1].
O.CFG_MANAGE The TOE will provide management tools/applications to allow
authorized administrators to manage its security functions. The TOE
is capable of performing numerous management functions including
the ability to manage the cryptographic functionality, to manage the
audit logs and functions, to manage information flow control
attributes, to manage security attributes that allows authorized
administrators to manage the specified security attributes, to manage
the default values of the security attributes, to initiate TOE self test,
to manage the warning banner message and content, and to manage
the time limits of session inactivity [FMT_SMF.1]. The TOE must
be able to recognize the administrative privileges that exist for the
TOE [FMT_SMR.1] and [FDP_ACC.2/FDP_ACF.1] ensures the
access to the commands is controlled and only those users
(administrators) assigned the appropriate privilege can execute the
command. FTA_SSL.3 also meets this objective by terminating a
session due to meeting/exceeding the inactivity time limit. The TOE
requires that all users, switches, devices and hosts actions resulting
in the access to TOE security functions and configuration data are
controlled to prevent unauthorized activity. The TOE ensures that
access to TOE security functions and configuration data is done in
accordance with the rules of the access control policy.
O.IDAUTH The TOE must uniquely identify and authenticate the claimed
identity of all administrative users before granting management
access. The TOE is required to provide users with security attributes
to enforce the authentication policy of the TOE and to associate
security attributes with users [FIA_ATD.1]. Users authorized to
access the TOE must be defined using an identification and
authentication process [FIA_UAU.5]. Before access is granted, all
users must be successfully identified and authenticated [FIA_UID.2
and FIA_UAU.2]. The password is obscured when entered
[FIA_UAU.7]. If the period of inactivity has been exceeded, the
user is required to re-authenticate to re-establish the session
[FTA_SSL.3].
O.MEDIATE The TOE must mediate the flow of all information between clients
and servers located on internal and external networks governed by
the TOE. The TOE is required to identify the subject attributes and
information attributes necessary to enforce the VLAN information
flow control SFP, and IP information flow control SFP
[FDP_IFC.1(1), (2), (3) and FDP_IFF.1(1), (2), (3)]. The policy is
defined by rules defining the conditions for which information is
permitted or denied to flow [FDP_IFF.1(1),(2), (3)]. The TOE
provided the capability for administrators to define default deny
rules, though the default policy for the information flow control
security rules is permissive where no explicit rules exist until created
and applied by an authorized administrator [FMT_MSA.3(1)].