Brocade Communications Systems NetIron CER Series Specifications download pdf (Page 28)

Brocade MLXe® and NetIron® Family Devices with Multi-Service IronWare R05.7.00

Security Target Version 1., July 15, 2014

Page 28 of 50

The evaluator shall perform the following tests for each method by which administrators access

the TOE (local and remote), as well as for each type of credential supported by the login method:

Test 1: The evaluator shall use the operational guidance to configure the appropriate

credential supported for the login method. For that credential/login method, the evaluator

shall show that providing correct I&A information results in the ability to access the

system, while providing incorrect information results in denial of access.

Test 2: The evaluator shall configure the services allowed (if any) according to the

operational guidance, and then determine the services available to an external remote

entity. The evaluator shall determine that the list of services available is limited to those

specified in the requirement.

Test 3: For local access, the evaluator shall determine what services are available to a

local administrator prior to logging in, and make sure this list is consistent with the

requirement.

5.1.5 Security management (FMT)

5.1.5.1 Management of TSF Data (for general TSF data) (FMT_MTD.1)

FMT_MTD.1.1

The TSF shall restrict the ability to manage the TSF data to the Security Administrators.

Assurance Activity:

The evaluator shall review the operational guidance to determine that each of the TSF-data-

manipulating functions implemented in response to the requirements of the NDPP is identified,

and that configuration information is provided to ensure that only administrators have access to

the functions. The evaluator shall examine the TSS to determine that, for each administrative

function identified in the operational guidance; those that are accessible through an interface prior

to administrator log-in are identified. For each of these functions, the evaluator shall also confirm

that the TSS details how the ability to manipulate the TSF data through these interfaces is

disallowed for non-administrative users.

5.1.5.2 Specification of Management Functions (FMT_SMF.1)

FMT_SMF.1.1

The TSF shall be capable of performing the following management functions:

• Ability to administer the TOE locally and remotely;

• Ability to update the TOE, and to verify the updates using [digital signature]

capability prior to installing those updates; [

• Ability to configure the list of TOE-provided services available before an entity is

identified and authenticated, as specified in FIA_UIA_EXT.1;

• Ability to configure the cryptographic functionality].

Component Assurance Activity:

The security management functions for FMT_SMF.1 are distributed throughout the NDPP and are

included as part of the requirements in FMT_MTD, FPT_TST_EXT, and any cryptographic

management functions specified in the reference standards. Compliance to these requirements

satisfies compliance with FMT_SMF.1.

1 2 ... 23 24 25 26 27 28 29 30 31 32 33 ... 49 50

Comments to this Manuals

No comments

Brocade Communications Systems NetIron CER Series Specifications Page 28

Comments to this Manuals

Related products and manuals for Network switches Brocade Communications Systems NetIron CER Series