Specifications
Cisco ISR-800 Security Target
29
TOE Objective
TOE Security Objective Definition
O.ADDRESS_FILTERING
The TOE will provide the means to filter and log network
packets based on source and destination addresses.
O.AUTHENTICATION
The TOE will provide a means to authenticate the user to
ensure they are communicating with an authorized external IT
entity.
O.CRYPTOGRAPHIC_FUNCTIONS
The TOE will provide means to encrypt and decrypt data as a
means to maintain confidentiality and allow for detection and
modification of TSF data that is transmitted outside of the TOE
O.FAIL_SECURE
Upon a self-test failure, the TOE will shutdown to ensure data
cannot be passed while not adhering to the security policies
configured by the administrator.
O.PORT_FILTERING
The TOE will provide the means to filter and log network
packets based on source and destination transport layer ports.
4.2 Security Objectives for the Environment
All of the assumptions stated in section 3.1 are considered to be security objectives for the
environment. The following are the Protection Profile non-IT security objectives, which, in
addition to those assumptions, are to be satisfied without imposing technical requirements on the
TOE. That is, they will not require the implementation of functions in the TOE hardware and/or
software. Thus, they will be satisfied largely through application of procedural or administrative
measures.
Table 13 Security Objectives for the Environment
Environment Security Objective
IT Environment Security Objective Definition
Reproduced from the U.S. Government Protection Profile for Security Requirements for Network Devices
OE.NO_GENERAL_PURPOSE
There are no general-purpose computing capabilities (e.g.,
compilers or user applications) available on the TOE, other
than those services necessary for the operation, administration
and support of the TOE.
OE.PHYSICAL
Physical security, commensurate with the value of the TOE
and the data it contains, is provided by the environment.
OE.TRUSTED_ADMIN
TOE Administrators are trusted to follow and apply all
administrator guidance in a trusted manner.
Reproduced from the VPNGWEP
OE.CONNECTIONS
TOE administrators will ensure that the TOE is installed in a
manner that will allow the TOE to effectively enforce its
policies on network traffic flowing among attached
networks.