Brocade Communications Systems FCX Series User Manual download pdf (Page 12)

Version 1.1, 05/19/2014

GSS CCT Evaluation Technical Report Page 12 of 53

Document: AAR-BrocadeFastIron8010

Requirement

Auditable Events

Additional

Audit Record

Contents

Guidance Location

recorded using this event type

Logging CLI_CMD operation enabled by user

from console session.

"logging cli-command" by user from console

The following commands were identified by the evaluators as security-related. Each command is identified and a

brief purpose is provided. These commands were found in the user guidance and consist of all the commands

needed to configure or examine the security settings through the process of testing the security claims. This same

list is found in Section 6.5 of the ST. As such, they are all identified in the DTR, along with the results and

corresponding audit records. Note that every administrator command issued by the evaluators during testing was

found to be audited without exception.

• fips

o (no) fips enable common-criteria (turn fips and cc modes on or off)

o fips show (show the current fips configuration)

• write memory (write the current configuration settings to persistent memory)

• openssl s_server (set syslog port, key and cipher)

• (no) logging host <ip-address> ssl-port <port> (configure or remove the secure logging host)

• ip

o ip ssh pub-key-file (load a user’s public key for authentication)

o ip ssh idle-time <time> (set SSH idle timeout period)

• aaa authentication (configure authentication settings)

• enable

o enable aaa (enable login at console)

o enable password-min-length 15 (configure min password size)

o enable user password-masking (set as part of turning on FIPS mode)

• username <user> password (set a user password)

• clock set <time> (set time)

• server <ntp server ip> minpoll <time> (configure NTP poll interval)

• show

o show flash (show flash info)

o show ver (show version)

o show clock (query time)

o show ip client-pub-key (show the client public key used for SSH login)

o show ip ssl (show ssl connections)

o show logging (show current logging configuration and log buffer)

o show run | <options> (show running configuration details)

• boot system flash <primary or secondary> (boot a loaded flash image)

1 2 ... 7 8 9 10 11 12 13 14 15 16 17 ... 52 53

Comments to this Manuals

No comments

Brocade Communications Systems FCX Series User Manual Page 12

Comments to this Manuals

Related products and manuals for Network switches Brocade Communications Systems FCX Series