Manualshelf

Specifications

ManualsBrandsCisco ManualsNetworkingCISCO881W-GN-A-K9
31323334353637383940
Cisco ISR-800 Security Target
40
composed of any combination of upper and lower case letters, numbers, and special
characters (that include: “!”, “@”, “#”, “$”, “%”, “^”, “&”, “*”, “(“, and “)”).
FIA_PSK_EXT.1.3 The TSF shall condition the text-based pre-shared keys by using [SHA-1].
FIA_PSK_EXT.1.4 The TSF shall be able to [accept] bit-based pre-shared keys.
5.3.4.4 FIA_UIA_EXT.1 User Identification and Authentication
FIA_UIA_EXT.1.1 The TSF shall allow the following actions prior to requiring the non-TOE
entity to initiate the identification and authentication process:
Display the warning banner in accordance with FTA_TAB.1;
[no other actions]
FIA_UIA_EXT.1.2 The TSF shall require each administrative user to be successfully
identified and authenticated before allowing any other TSF-mediated action on behalf of that
administrative user.
5.3.4.5 FIA_UAU_EXT.2 Extended: Password-based Authentication Mechanism
FIA_UAU_EXT.2.1 The TSF shall provide a local password-based authentication mechanism,
[remote password-based authentication via RADIUS and TACACS+, public-key based
authentication for SSH connections] to perform administrative user authentication.
5.3.4.6 FIA_UAU.7 Protected Authentication Feedback
FIA_UAU.7.1 The TSF shall provide only obscured feedback to the administrative user while
the authentication is in progress at the local console.
5.3.4.7 FIA_X509_EXT.1 Extended: X.509 Certificates
FIA_X509_EXT.1.1 The TSF shall use X.509v3 certificates as defined by RFC 5280 to support
authentication for IPsec and [SSH] connections.
FIA_X509_EXT.1.2 The TSF shall store and protect certificate(s) from unauthorized deletion
and modification.
FIA_X509_EXT.1.3 The TSF shall provide the capability for authenticated Administrators to
load X.509v3 certificates into the TOE for use by the security functions specified in this PP.
FIA_X509_EXT.1.4 The TSF shall generate a Certificate Request Message as specified in RFC
2986 and be able to provide the following information in the request: public key, Common
Name, Organization, Organizational Unit, and Country.
FIA_X509_EXT.1.5 The TSF shall validate the certificate using [the Online Certificate Status
Protocol (OCSP) as specified in RFC 2560, a Certificate Revocation List (CRL) as specified in