Brocade Communications Systems FCX Series User Manual download pdf (Page 24)

Version 1.1, 05/19/2014

GSS CCT Evaluation Technical Report Page 24 of 53

Document: AAR-BrocadeFastIron8010

Test 1: The evaluator shall, for each public key algorithm supported, show that the TOE supports the use of that

public key algorithm to authenticate a user connection. Any configuration activities required to support this test

shall be performed according to instructions in the operational guidance.

Test 2: Using the operational guidance, the evaluator shall configure the TOE to accept password-based

authentication, and demonstrate that a user can be successfully authenticated to the TOE over SSH using a

password as an authenticator.

The evaluator used the Putty client to connect to the TOE using password authentication. The evaluator performed

this test using ASE 128 and ASE 256 encryption.

2.2.8.3 FCS_SSH_EXT.1.3

TSS Assurance Activities: The evaluator shall check that the TSS describes how 'large packets' in terms of RFC 4253

are detected and handled.

Section 6.2 explains that there is a 256K packet buffer and as SSH packets are received they are combined to form

a complete packet to be decrypted, but if the packet is not completed when the buffer becomes full the packet will

be dropped.

Guidance Assurance Activities: None Defined

Testing Assurance Activities: The evaluator shall also perform the following test:

Test 1: The evaluator shall demonstrate that if the TOE receives a packet larger than that specified in this

component, that packet is dropped.

The evaluator created a test program that sends a packet of length 257K to the SSH server on the TOE. When the

large packet was sent to the TOE, the SSH connection was closed.

2.2.8.4 FCS_SSH_EXT.1.4

TSS Assurance Activities: The evaluator shall check the description of the implementation of this protocol in the

TSS to ensure that optional characteristics are specified, and the encryption algorithms supported are specified as

well. The evaluator shall check the TSS to ensure that the encryption algorithms specified are identical to those

listed for this component.

1 2 ... 19 20 21 22 23 24 25 26 27 28 29 ... 52 53

No comments

Brocade Communications Systems FCX Series User Manual Page 24