Specifications
Cisco ISR-800 Security Target
TOE SFRs
How the SFR is Met
The termination of an interactive session: An audit event is generated when an
authorized administrator uses the exit command.
Initiation of the trusted channel/path; termination of the trusted channel/path;
failure of the trusted channel/path functions: See the rows for IPsec and SSH above.
FAU_GEN.2
The TOE ensures that each auditable event is associated with the user that
triggered the event, so that each event is traceable to a specific user. For
example, a human user, user identity, or related session ID would be included in
the audit record. For an IT entity or device, the IP address, MAC address, host
name, or other configured identification is presented.
FAU_STG_EXT.1
The administrator can set the level of the audit records to be stored in a local
buffer, displayed on the console, sent to the syslog server, or all of the above. For
instance, all emergency, alert, critical, error, and warning messages can be sent to
the console and local buffer, alerting the administrator that some action needs to be
taken, as these types of messages mean that the functionality of the TOE is
affected. All notification and informational messages can be sent to the syslog
server. The audit records are transmitted to the syslog server over an IPsec channel.
If communication with the syslog server is lost, the TOE generates an audit
record and all permit traffic is denied until communication is re-established.
The local logging buffer size can be configured in a range from 4096 (default) to
2147483647 bytes. The buffer should not be made too large, because the
TOE could run out of memory for other tasks. Use the show memory privileged
EXEC command to view the free processor memory on the TOE. However, this
value is the maximum available, and the buffer size should not be set to this
amount.
The local logging buffer is circular, so newer messages overwrite older messages
after the buffer is full. Administrators are instructed to monitor the log buffer
using the show logging privileged EXEC command to view the audit records. The
first message displayed is the oldest message in the buffer. There are other
associated commands to clear the local buffer, to set the logging level, etc.
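The following is an added example, not part of the Security Target or of Cisco's guidance: a checker that reads the logging lines of an IOS running-config and flags settings that conflict with the buffer range, memory headroom, and syslog export described above. The function names, finding labels, sample configuration, and the max_fraction headroom policy are assumptions; requiring the trap level to reach informational follows the example given in this row.

```python
MIN_BUF, MAX_BUF = 4096, 2147483647  # buffer range stated in the Security Target
SEVERITY = ["emergencies", "alerts", "critical", "errors", "warnings",
            "notifications", "informational", "debugging"]  # IOS levels 0-7


def severity(token):
    """Map an IOS severity keyword or digit (0-7) to its number."""
    return int(token) if token.isdigit() else SEVERITY.index(token)


def check_logging(config, free_bytes, max_fraction=0.25):
    """Return findings for the logging lines of an IOS running-config.

    free_bytes: free processor memory as read from 'show memory'.
    max_fraction: assumed local headroom policy, not a value from the ST.
    """
    size, hosts, trap = MIN_BUF, [], 6  # IOS defaults: 4096 bytes, trap informational
    for line in config.splitlines():
        words = line.split()
        if words[:2] == ["logging", "buffered"]:
            # A number above 7 is a size in bytes; 0-7 or a keyword is a level.
            size = next((int(w) for w in words[2:] if w.isdigit() and int(w) > 7), size)
        elif words[:2] == ["logging", "host"] and len(words) > 2:
            hosts.append(words[2])
        elif words[:2] == ["logging", "trap"] and len(words) > 2:
            trap = severity(words[2])

    findings = []
    if not MIN_BUF <= size <= MAX_BUF:
        findings.append("buffer-size-out-of-range")
    if size > free_bytes * max_fraction:
        findings.append("buffer-too-large-for-free-memory")
    if not hosts:
        findings.append("no-syslog-server")
    if trap < severity("informational"):
        findings.append("trap-level-drops-informational")
    return findings


# Constructed sample input, not taken from a real device.
SAMPLE = """\
logging buffered 2000000000 informational
logging console warnings
logging trap warnings
"""

if __name__ == "__main__":
    for finding in check_logging(SAMPLE, free_bytes=180_000_000):
        print(finding)
```

The checker does not verify that traffic to the syslog host is covered by an IPsec policy; that has to be confirmed separately.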
The TOE is configured to export syslog records to a specified, external syslog
server. The TOE protects communications with an external syslog server via
IPsec. The TOE transmits its audit events to all configured syslog servers at the
same time logs are written to the local log buffer and to the console. The TOE is
capable of detecting when the IPsec connection fails. The TOE also stores a
limited set of audit records locally on the TOE, and continues to do so if the
communication with the syslog server goes down. If the IPsec connection fails,
the TOE will buffer a small amount of audit records on the TOE when it discovers
it can no longer communicate with its configured syslog server, and will transmit










