Installation guide
Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target
Page 43 of 85
6.1.7 TOE Access
The TOE terminates a local serial console administrator or a wireless user session after a
configurable time interval of user inactivity is reached. A default banner regarding unauthorized
access is displayed before establishing a user session.
6.1.8 Trusted Path/Channels
The TOE maintains a trusted channel with audit, authentication, and network time protocol servers.
The channel is protected by IPSec/IKE protocol with pre-shared keys and can be initiated by the
TOE or the servers.
The TOE maintains a trusted path with wireless users during the wireless user authentication
phase. The trusted path is based on EAP-TLS, EAP-TTLS and PEAP protocols and can be
established by wireless client devices with the help of the external authentication server, which
performs authentication and cryptographic key derivation operations required by the EAP-TLS,
EAP-TTLS and PEAP protocols.
6.2 Assurance Measures
The assurance requirements for this TOE are for Evaluation Assurance Level EAL4. The following
items are provided as evaluation evidence to satisfy the EAL4 assurance requirements:
Table 6-1 Assurance Measures
Security Assurance Requirement Evaluation Evidence Documentation
ACM_AUT.1 Partial CM automation Motorola Wireless Switch Configuration Management
Plan and Procedures
ACM_CAP.4 Generation support and
acceptance procedures
Motorola Wireless Switch Configuration Management
Plan and Procedures
ACM_SCP.2 Problem tracking CM
coverage
Motorola Wireless Switch Configuration Management
Plan and Procedures
ADO_DEL.2 Detection of modification Motorola Wireless Switch Delivery and Operation
Plan and Procedures
ADO_IGS.1 Installation, generation, and
start-up procedures
Motorola Wireless Switch Installation Guide
ADV_FSP.2 Fully defined external
interfaces
Motorola Wireless Switch Functional Specification
ADV_HLD.2 Security enforcing high-level
design
Motorola Wireless Switch High-Level Design
Specification