Brocade Communications Systems Brocade Superx Series User Manual download pdf (Page 11)

VALIDATION REPORT

Brocade Communications Systems, Inc. FastIron SX, ICX, and FCX Series Switch/Router

both platforms and the only differences are in the number (8 or 16) of interface slots (and,

consequently, external network connections) supported

 FCX Series Hardware Platform FCX-624S—the other FCX Series devices included in the TOE

are functionally equivalent. The same firmware image is executed on all platforms and the only

differences are in the number (24 or 48) of ports and the support for Power over Ethernet (PoE)

 ICX Series Hardware Platform ICX 6610-24—the other ICX 6610 devices included in the TOE

are functionally equivalent. The same firmware image is executed on all platforms and the only

differences are in the number (24 or 48) and type (RJ-45, SFP, or POE+) ports.

An initial round of testing was conducted the week of May 20, 2013 at the vendor’s facility in San Jose,

CA. This round of testing identified a number of functional areas where the TOE did not satisfy the

requirements specified in the Security Requirements for Network Devices. The developer updated the

TOE and subsequent testing took place July 31

, August 1

and August 5

. Final product testing took

place on August 20, 2013 at the Leidos facility. The developer assisted during the testing phase.

The final round of testing demonstrated the TOE satisfies the security functional requirements specified in

the Security Requirements for Network Devices.

The testing performed by the evaluation team is summarized as follows:

 The evaluation team confirmed the TOE’s ability to generate the audit events specified in the ST

 The evaluation team confirmed the TOE’s ability to establish a trusted channel with an external

audit server and transfer audit records to the audit server via the trusted channel

 The evaluation team confirmed the TOE supports RSA for public key authentication and

password-based authentication over SSH

 The evaluation confirmed the TOE drops an SSH connection if it receives a packet over 256K

bytes in length

 The evaluation team confirmed the TOE supports SSH connections using AES-CBC-128 and

AES-CBC-256

 The evaluation team confirmed the TOE does not support DH Group 1 and that it does support

DH Group 14

 The evaluation team confirmed the TOE supports each of the TLSv1.0 ciphersuites specified in

the ST

 The evaluation team confirmed the TOE supports the specified password composition

requirements, including the specified minimum length

 The evaluation team confirmed the TOE provides only obscured feedback when authentication

information is entered at the local console

 The evaluation team confirmed, for all supported methods of administrator access, the TOE

allows access to the CLI when the correct authentication credentials are provided, and denies

access when incorrect credentials are provided, and that the services available without

authentication are as specified in the ST

 The evaluation team confirmed the time could be set by the administrator and synchronized using

an external NTP server. Note, the ST does not make any claims about using cryptographic

protocols to protect the connection to the NTP server, so testing with the NTP server occurred

only over TCP/IP

1 2 ... 6 7 8 9 10 11 12 13 14

Comments to this Manuals

No comments

Brocade Communications Systems Brocade Superx Series User Manual Page 11

Comments to this Manuals

Related products and manuals for Network switches Brocade Communications Systems Brocade Superx Series