hit counter script

Toe Bypass And Interference/Logical Tampering Protection Measures - Cisco Catalyst 4503-E Manual

Catalyst 4500 series
Hide thumbs Also See for Catalyst 4503-E:
Table of Contents

Advertisement

Cisco Cat4K NDPP ST
EDCS-1228241
TOE SFRs
FTA_TAB.1
FTP_ITC.1(1) and
FTP_ITC.(2)
FTP_TRP.1(1) and
FTP_TRP.1(2)
6.2
TOE Bypass and interference/logical tampering Protection
Measures
The TOE consists of a hardware platform in which all operations in the TOE scope are
protected from interference and tampering by untrusted subjects. All administration and
configuration operations are performed within the physical boundary of the TOE. Also,
all TSP enforcement functions must be invoked and succeed prior to functions within the
TSC proceeding.
The TOE has been designed so that all locally maintained TSF data can only be
manipulated via the secured management interface, the CLI interface. There are no
undocumented interfaces for managing the product.
All sub-components included in the TOE rely on the main chassis for power, memory
management, and access control. In order to access any portion of the TOE, the
Identification and Authentication mechanisms of the TOE must be invoked and succeed.
No processes outside of the TOE are allowed direct access to any TOE memory. The
TOE only accepts traffic through legitimate TOE interfaces. Specifically, processes
outside the TOE are not able to execute code on the TOE. None of these interfaces
provide any access to internal TOE resources.
The TOE enforces information flow control policies and applies network traffic security
on its interfaces before traffic passes into or out of the TOE. The TOE controls every
ingress and egress traffic flow. Policies are applied to each traffic flow. Traffic flows
characterized as unauthorized are discarded and not permitted to circumvent the TOE.
There are no unmediated traffic flows into or out of the TOE. The information flow
policies identified in the SFRs are applied to all traffic received and sent by the TOE.
Each
communication
communications, and administrative communications are mediated by the TOE. The data
How the SFR is Met
The allowable range is from 1 to 65535 seconds.
The TOE displays a privileged Administrator specified banner on
the CLI management interface prior to allowing any
administrative access to the TOE. This is applicable for both
local and remote TOE administration.
The TOE protects communications with authorized IT entities with
IPSec. This protects the data from disclosure by encryption and by
checksums that verify that data has not been modified.
All remote administrative communications take place over a
secure encrypted SSHv2 session. The SSHv2 session is
encrypted using AES encryption. The remote users are able to
initiate SSHv2 communications with the TOE.
including
data
79
plane
communication,
11 March 2014
control
plane

Advertisement

Table of Contents
loading

Table of Contents