Installation guide
Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target
Page 60 of 85
P.NO_AD_HOC_NETWORKS
In concordance with the DOD
Wireless Policy, there will be no
ad hoc 802.11 or 802.15
networks allowed.
O.MEDIATE
The TOE must mediate the
flow of information to and
from wireless clients
communicating via the TOE
in accordance with its
security policy.
OE.TOE_NO_BYPASS
Wireless clients are
configured so that information
cannot flow between a
wireless client and any other
wireless client or host
networked to the TOE without
passing through the TOE
O.MEDIATE works to support
this policy by ensuring that all
network packets that flow
through the TOE are subject to
the information flow policies.
OE.TOE_NO_BYPASS
supports this policy by
ensuring that wireless clients
must be configured to use the
wireless access system for all
information flowing between a
wireless client and any other
host on the network. If the
clients are properly configured,
any information passing
through the TOE will be
inspected to ensure it is
authorized by TOE policies.
8.2 Rationale for Security Objectives in the TOE Environment
Four of the security objectives for the TOE are simply restatements of an assumption found in
Section 3.1. Therefore, these four objectives for the environment, OE.NO_EVIL, OE.PHYSICAL,
OE.NO_GENERAL_PURPOSE, and OE.TOE_NO_BYPASS trace to the assumptions trivially.
The remainder of the security objectives for the IT environment have been included in this ST in
order to support the TOE IT environment security functions. The rationale support is documented in
Table 8-1 Security Objectives to Threats and Policies Mappings along with the rationale for security
objectives for the TOE.