Installation guide

ManualsBrandsMotorola ManualsComputer equipmentRFS7000 Series

Motorola WS5100 Wireless Switch and RFS7000 RF Switch Security Target

Page 73 of 85

TOE in a manner that is

commensurate with the

risks posed to the network.

OE.RESIDUAL_INFORMA

TION

The TOE IT environment

will ensure that any

information contained in a

protected resource within

its Scope of Control is not

released when the

resource is reallocated.

FDP_RIP.1(2) FDP_RIP.1(2) ensures that the TOE IT

environment provides same protections for

residual information in a network packet that

the TOE will provide. This ensures that neither

the TOE nor the TOE IT environment will allow

data from previously transmitted packets to be

insert into new packets.

OE.SELF_PROTECTION

The IT environment will

maintain a domain for its

own execution that protects

itself and its resources

from external interference,

tampering, or unauthorized

disclosure through its own

interfaces.

FPT_SEP.1(2)

FPT_RVM.1(2)

The TOE IT environment must protect itself in

a manner similar to that provided for the TOE.

FPT_SEP.1(2) ensures the environment

provides a domain that protects itself from

untrusted users. If the environment cannot

protect itself it cannot be relied upon to

enforce its security policies. FPT_RVM.1(2)

ensures that the environment makes policy

decisions on all interfaces that perform

operations on subjects and objects that are

scoped by the policies.

OE.TOE_ACCESS

The environment will

provide mechanisms that

support the TOE in

providing user’s logical

access to the TOE.

FIA_AFL.1(2)

FIA_ATD.1(2)

FIA_UAU_EXP.5(2)

FIA_UID.1

The TOE IT environment will provide a remote

authentication mechanism in order to support

TOE authentication of users.

FIA_UAU_EXP.5(2) and FIA_UID.1 ensure

that users are identified and authenticated.

FIA_ATD.1(2) and FIA_AFL.1(2) ensure that

the proper attributes are associated with users

and that authentication failure is handled

properly.

OE.TOE_NO_BYPASS

Wireless clients are

configured so that

information cannot flow

between a wireless client

and any other wireless

client or host networked to

the TOE without passing

through the TOE.

FIA_UAU.1

FIA_UAU_EXP.5(2)

FIA_UID.1

FIA_UAU.1, FIA_UAU_EXP.5(2), and

FIA_UID.1 ensure that the TOE has the ability

to mediate packet flow based upon the

authentication credentials of the wireless user.