Brocade Communications Systems FCX Series User Manual Page 15

Version 1.1, 05/19/2014
GSS CCT Evaluation Technical Report Page 15 of 53
© 2014 Gossamer Security Solutions, Inc.
Document: AAR-BrocadeFastIron8010
All rights reserved.
The evaluator shall examine the TSS to ensure it describes the means by which the audit data are transferred to
the external audit server, and how the trusted channel is provided.
Section 6.1 explains how the audit trail is protected. Only the TOE User role can access the audit trail and use of
that role requires a valid logon. Only administrators log onto the TOE. Section 6.1 also explains there is a local
audit log and the possibility of a remote audit log. The local log stores up to 50 entries after which the audit
entries will be overwritten, oldest first. The administrator (with Super User privilege) can choose to configure one
or more external syslog servers where the TOE will send a copy of the audit records if so desired. The TOE can be
configured to use TLS to protect audit logs exported to an external server.
Guidance Assurance Activities: TOE acts as audit server
The evaluator shall also examine the operational guidance to ensure it describes how to establish the trusted
channel with the TOE, as well as describe any requirements for other IT entities to connect and send audit data to
the TOE (particular audit server protocol, version of the protocol required, etc.), as well as configuration of the TOE
needed to communicate with other IT entities.
TOE is not an audit server
The evaluator shall also examine the operational guidance to ensure it describes how to establish the trusted
channel to the audit server, as well as describe any requirements on the audit server (particular audit server
protocol, version of the protocol required, etc.), as well as configuration of the TOE needed to communicate with
the audit server.
Appendix A of the FIPS Configuration Guide provides detailed instructions for configuring the SSL/TLS connection
between the TOE and the audit server. The commands provided are for an Ubuntu 10.4 audit server. The reader
is told that the TOE will work with Red Hat or CentOS, but the commands are slightly different (and left to the
reader). The steps provided are as follows. Each major step has several sub-steps explained.
  • Set up stunnel
  • Create a certificate with the openssl tool
  • Create a configuration file
  • Change the stunnel4 startup file
  • Restart the stunnel service
  • Configure rsyslog
  • Enable accepting remote logs
  • Restart rsyslog service
  • Print log messages
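The audit-server setup those steps outline, sketched as an added example (it is not taken from the FIPS Configuration Guide or from the evaluation report). The ports, file paths, certificate subject, function names and the mapping of each function to a listed step are assumptions.

```shell
#!/bin/sh
# Added example: stunnel terminates TLS from the switch and forwards the
# plaintext syslog stream to rsyslog on loopback. Ports, paths and the
# certificate subject are assumptions, not values from the guide.
TLS_PORT=${TLS_PORT:-6514}       # assumed TLS port the TOE connects to
SYSLOG_PORT=${SYSLOG_PORT:-514}  # assumed rsyslog plain-TCP port
ROOT=${ROOT:-}                   # set to a scratch dir for a dry run

make_cert() {   # self-signed certificate and key in one PEM file
    mkdir -p "$ROOT/etc/stunnel"
    openssl req -new -x509 -nodes -newkey rsa:2048 -days 365 \
        -subj "/CN=audit-server.example" \
        -keyout "$ROOT/etc/stunnel/stunnel.pem" \
        -out "$ROOT/etc/stunnel/stunnel.pem"
    chmod 600 "$ROOT/etc/stunnel/stunnel.pem"
}

write_stunnel_conf() {   # server mode: accept TLS, connect to local rsyslog
    mkdir -p "$ROOT/etc/stunnel"
    cat > "$ROOT/etc/stunnel/stunnel.conf" <<EOF
cert = /etc/stunnel/stunnel.pem
client = no
[syslog-tls]
accept = $TLS_PORT
connect = 127.0.0.1:$SYSLOG_PORT
EOF
}

enable_stunnel() {   # Ubuntu's stunnel4 init script does nothing until ENABLED=1
    sed -i 's/^ENABLED=0/ENABLED=1/' "$ROOT/etc/default/stunnel4"
}

write_rsyslog_conf() {   # legacy directives that turn on the TCP listener
    mkdir -p "$ROOT/etc/rsyslog.d"
    cat > "$ROOT/etc/rsyslog.d/10-remote.conf" <<EOF
\$ModLoad imtcp
\$InputTCPServerRun $SYSLOG_PORT
EOF
}

apply() {   # run as root on the audit server
    make_cert && write_stunnel_conf && enable_stunnel && write_rsyslog_conf
    service stunnel4 restart && service rsyslog restart
    tail -n 20 /var/log/syslog   # print received log messages
}

if [ "${1:-}" = "apply" ]; then apply; fi
```

In this layout rsyslog's TCP listener is not bound to loopback, so the audit server's firewall should expose only the stunnel port to the network; otherwise records could arrive outside the TLS channel.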
Testing Assurance Activities: TOE acts as audit server