Brocade Communications Systems FCX Series User Manual download pdf (Page 45)

Version 1.1, 05/19/2014

GSS CCT Evaluation Technical Report Page 45 of 53

Document: AAR-BrocadeFastIron8010

Guidance Assurance Activities: None Defined

Testing Assurance Activities: None Defined

2.8.1.3 FTP_ITC.1.3

TSS Assurance Activities: None Defined

Guidance Assurance Activities: None Defined

Testing Assurance Activities: None Defined

Component Assurance Activities: The evaluator shall examine the TSS to determine that, for all communications

with authorized IT entities identified in the requirement, each communications mechanism is identified in terms of

the allowed protocols for that IT entity. The evaluator shall also confirm that all protocols listed in the TSS are

specified and included in the requirements in the ST.

Section 6.8 indicates that TLS is required to communicate with a SYSLOG server and SCP (based on SSH) is used to

communicate with an update server. This is consistent with the choices made in FPT_ITC.1.

The evaluator shall confirm that the operational guidance contains instructions for establishing the allowed

protocols with each authorized IT entity, and that it contains recovery instructions should a connection be

unintentionally broken.

The FIPS Configuration Guide – Configuring an encrypted syslog server and Appendix A with the same name offer

instructions and examples to set up a secure channel to a SYSLOG server.

The FIPS Configuration Guide states in Table 2 that TFTP is disabled in FIPS mode. It provides commands for using

SCP in Table 3.

The evaluator shall also perform the following tests:

1 2 ... 40 41 42 43 44 45 46 47 48 49 50 51 52 53

No comments

Brocade Communications Systems FCX Series User Manual Page 45