Vai alla pagina of
Manuali d’uso simili
-
Network Router
Nortel Networks NN46120-104
300 pagine 1.57 mb -
Network Router
Nortel Networks 4134
70 pagine 0.62 mb -
Network Router
Nortel Networks BSG8ew
66 pagine 3.34 mb -
Network Router
Nortel Networks 15000
20 pagine 0.17 mb -
Network Router
Nortel Networks 2700
12 pagine 0.44 mb -
Network Router
Nortel Networks Instant Internet 400 Unit
60 pagine 0.71 mb -
Network Router
Nortel Networks Remote Gateway 50
260 pagine 3.99 mb -
Network Router
Nortel Networks BSGX4e
31 pagine 1.48 mb
Un buon manuale d’uso
Le regole impongono al rivenditore l'obbligo di fornire all'acquirente, insieme alle merci, il manuale d’uso Nortel Networks 7.11. La mancanza del manuale d’uso o le informazioni errate fornite al consumatore sono la base di una denuncia in caso di inosservanza del dispositivo con il contratto. Secondo la legge, l’inclusione del manuale d’uso in una forma diversa da quella cartacea è permessa, che viene spesso utilizzato recentemente, includendo una forma grafica o elettronica Nortel Networks 7.11 o video didattici per gli utenti. La condizione è il suo carattere leggibile e comprensibile.
Che cosa è il manuale d’uso?
La parola deriva dal latino "instructio", cioè organizzare. Così, il manuale d’uso Nortel Networks 7.11 descrive le fasi del procedimento. Lo scopo del manuale d’uso è istruire, facilitare lo avviamento, l'uso di attrezzature o l’esecuzione di determinate azioni. Il manuale è una raccolta di informazioni sull'oggetto/servizio, un suggerimento.
Purtroppo, pochi utenti prendono il tempo di leggere il manuale d’uso, e un buono manuale non solo permette di conoscere una serie di funzionalità aggiuntive del dispositivo acquistato, ma anche evitare la maggioranza dei guasti.
Quindi cosa dovrebbe contenere il manuale perfetto?
Innanzitutto, il manuale d’uso Nortel Networks 7.11 dovrebbe contenere:
- informazioni sui dati tecnici del dispositivo Nortel Networks 7.11
- nome del fabbricante e anno di fabbricazione Nortel Networks 7.11
- istruzioni per l'uso, la regolazione e la manutenzione delle attrezzature Nortel Networks 7.11
- segnaletica di sicurezza e certificati che confermano la conformità con le norme pertinenti
Perché non leggiamo i manuali d’uso?
Generalmente questo è dovuto alla mancanza di tempo e certezza per quanto riguarda la funzionalità specifica delle attrezzature acquistate. Purtroppo, la connessione e l’avvio Nortel Networks 7.11 non sono sufficienti. Questo manuale contiene una serie di linee guida per funzionalità specifiche, la sicurezza, metodi di manutenzione (anche i mezzi che dovrebbero essere usati), eventuali difetti Nortel Networks 7.11 e modi per risolvere i problemi più comuni durante l'uso. Infine, il manuale contiene le coordinate del servizio Nortel Networks in assenza dell'efficacia delle soluzioni proposte. Attualmente, i manuali d’uso sotto forma di animazioni interessanti e video didattici che sono migliori che la brochure suscitano un interesse considerevole. Questo tipo di manuale permette all'utente di visualizzare tutto il video didattico senza saltare le specifiche e complicate descrizioni tecniche Nortel Networks 7.11, come nel caso della versione cartacea.
Perché leggere il manuale d’uso?
Prima di tutto, contiene la risposta sulla struttura, le possibilità del dispositivo Nortel Networks 7.11, l'uso di vari accessori ed una serie di informazioni per sfruttare totalmente tutte le caratteristiche e servizi.
Dopo l'acquisto di successo di attrezzature/dispositivo, prendere un momento per familiarizzare con tutte le parti del manuale d'uso Nortel Networks 7.11. Attualmente, sono preparati con cura e tradotti per essere comprensibili non solo per gli utenti, ma per svolgere la loro funzione di base di informazioni e di aiuto.
Sommario del manuale d’uso
-
Pagina 1
© 2008 Nortel Networks Nortel Net works VPN Router v7.0 5 and Client Workstation v7.11 Security Target Evaluation Assurance Level : EAL 4 + Document Versio n: 3.9 Prepared for: Prepared b y : Nortel Networks Corsec Securit y, Inc. 600 Technolog y Park Drive Billerica, MA 01821 10340 Democr acy La ne, Suite 201 Fairfax, VA 22030 Phone: (800) 466- 7[...]
-
Pagina 2
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 2 of 67 © 2008 Nortel Networks Revision Histor y Version Modification Date Modified By Description of Changes 1.0 2005 - 05 - 31 Kiran Kadambari Initial draft. 2.0 2006 - 01 - 17 Nathan Lee Revised to use new document layout; addressed lab verdic[...]
-
Pagina 3
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 3 of 67 © 2008 Nortel Networks Table of Contents REVISION HISTORY ................................................................................................................................................ 2 TABLE OF CONTEN TS ..............[...]
-
Pagina 4
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 4 of 67 © 2008 Nortel Networks 7 PROTECTION PROFI LE CLAIMS ................................................................ ............................................... 51 7.1 P ROTECTI ON P ROFIL E R EFEREN CE ...............................[...]
-
Pagina 5
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 5 of 67 © 2008 Nortel Networks 1 Security T arget Introduction This section identifies the Security Target (ST), Target of Evaluatio n (T OE) identificatio n, ST conventions, ST conformance clai ms, and the ST organizatio n. The Tar gets of Evalu[...]
-
Pagina 6
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 6 of 67 © 2008 Nortel Networks Ke y w ords VPN, Router, Firewall, IPSec 1.3 Conven tions, A cronyms, and Terminology 1.3.1 Conventions There are several f ont variat ions used within this ST . Sel ected presentation choices are d iscussed here to[...]
-
Pagina 7
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 7 of 67 © 2008 Nortel Networks Term Explanation Manage Nortel VPN Router Grants administrative rights to view (monitor) and manage (configure) Nortel VPN Router configuration settings or user rights settings. This is the highest level of administ[...]
-
Pagina 8
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 8 of 67 © 2008 Nortel Networks 2 T OE Descripti on This section pro vides a general overview o f the TOE as an aid to understanding the general capabilities and security requirements provided b y the TOE . The TOE description provides a context f[...]
-
Pagina 9
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 9 of 67 © 2008 Nortel Networks mode, a No rtel VPN Rou ter on one Enterprise net work segment will establish a VPN tunnel with a nother Nortel VPN Ro uter on another Enterprise net w ork segment. All co mm unicatio ns between the two net work seg[...]
-
Pagina 10
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 10 of 67 © 2008 Nortel Networks Configuration of the T OE is performed via a Co mmand Line Interface ( CLI) by physicall y connecti ng a device (such as a laptop) to the serial interface of t he TOE and utilizing dumb-terminal software. After the[...]
-
Pagina 11
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 11 of 67 © 2008 Nortel Networks In Figure 3 above, the T OE is installed at the boun dar y of the private (“Enterprise”) network a nd the p ublic (“Internet”) network . I n Figure 4 above, the TOE is installed at the boundar y of the two [...]
-
Pagina 12
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 12 of 67 © 2008 Nortel Networks Legend: TOE Boundary The World Enterprise Corporate Network Internet Nortel VPN Client Workstation Nortel VPN Router VPN Tunnel Windows OS General Purpose Computing Hardware Nortel VPN Client Software Nortel VPN Sw[...]
-
Pagina 13
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 13 of 67 © 2008 Nortel Networks Nortel VPN Router: E ach of the logical components contained within t he physical Nortel VPN Router ar e included within the TOE boundary. T hese components are: o Nortel VPN S w itch Soft ware o VxWorks OS o Conti[...]
-
Pagina 14
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 14 of 67 © 2008 Nortel Networks Nortel VPN Rou ters, as well as p roviding protection agai nst external attac k. The ar chitecture of t he T OE ensures that VPN data is subj ect to enforcement of the VPN IFC SFP, and that all data passing through[...]
-
Pagina 15
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 15 of 67 © 2008 Nortel Networks 2.3.3 Excluded TOE Functionality The following prod uct features and functionali ty are excluded from the evaluated configuration of t he TOE: Remote VPN connection s using a tunneling proto col other than IPSec Re[...]
-
Pagina 16
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 16 of 67 © 2008 Nortel Networks 3 T OE Securi ty Environment This sectio n d escribes the security aspects of the environ ment in whic h t he TOE will be us ed and the manner i n which the TOE is expected to b e employed. Sectio n 3.1 provides as[...]
-
Pagina 17
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 17 of 67 © 2008 Nortel Networks Attackers w ho a re no t TOE users: T hese attackers have no knowled ge of how t he TOE operates and are assumed to po ssess a low skill level, a lo w level of motivation, li m ited resources to alter TOE configura[...]
-
Pagina 18
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 18 of 67 © 2008 Nortel Networks 4 Security Objectives This section identifie s the security objectives for the T OE and its supp orting environ m ent . T he securit y objectives identify the responsibilities o f the TOE and its environment in m e[...]
-
Pagina 19
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 19 of 67 © 2008 Nortel Networks 4.2 Security Objectives for the Env ironment 4.2.1 IT Security Objectives The following IT security objectives are to be satisfied b y the environment: OE.TIME The environment must provide reliable ti mestamps for [...]
-
Pagina 20
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 20 of 67 © 2008 Nortel Networks 5 IT Securit y Req uirement s This section d efines the Sec urity F unctional Requirements (SFRs) and Security Assurance Req uirements (SARs) met by the T OE as well as SFRs met by the T OE IT environment. These re[...]
-
Pagina 21
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 21 of 67 © 2008 Nortel Networks SFR ID Description ST Operation FMT_MSA.1(b) Management of Security Attributes FMT_MSA.1(c) Management of Security Attributes FMT_MSA.2 Secure Security Attributes FMT_MSA.3(a) Static Attribu[...]
-
Pagina 22
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 22 of 67 © 2008 Nortel Networks 5.1.1 Class FAU: Security A udit FAU_GEN.1 Audit Data Generation Hierarchical to : No other components. FAU_GEN.1.1 The TSF shall be able to generate an audit record of the following auditable events: a) Start-up a[...]
-
Pagina 23
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 23 of 67 © 2008 Nortel Networks The TSF shall provide the a udit records in a manner suitable for the user to interpret the information. Dependencies: FAU_GEN.1 Audit dat a generation[...]
-
Pagina 24
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 24 of 67 © 2008 Nortel Networks 5.1.2 Class FCS: Cryptographic Support FCS_CKM.1(a) Cryptographic key generation (Diffie-Hellman) Hierarchical to : No other components. FCS_CKM .1.1(a) The TSF shall generate cr yptographic keys in accordance with[...]
-
Pagina 25
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 25 of 67 © 2008 Nortel Networks FCS_COP.1.1 (a) The T SF shall perform [ encry ption and decryptio n ] in accordance with a specified cr y ptographic algorithm [ 3DES and AES ] and cryptographic key sizes [ 168 - bit key , 128 and 256-bit keys, r[...]
-
Pagina 26
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 26 of 67 © 2008 Nortel Networks Dependencies: [FDP_ITC.1 Import of user data without security a ttributes, or FDP_ITC.2 Import of user data with security attributes, or FCS_CKM .1 Cryptographic key generation] FCS_CKM .4 Cryptographic key destruc[...]
-
Pagina 27
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 27 of 67 © 2008 Nortel Networks 5.1.3 Class FDP: User Data Protection FDP_ACC.2 Complete access control Hierarchical to : FDP_ACC.1 FDP_ACC.2.1 The T SF shall e nforce the [ Access Control SFP ] on [ Subjects: administrators; Objects: VPN Ro uter[...]
-
Pagina 28
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 28 of 67 © 2008 Nortel Networks The TSF shall enforce the [ VPN Information Flow Con trol SFP ] on [ remote authenticated VPN Clients connecting to a Nortel VPN Router ] and all operations that cause that infor mation to flow to and fro m subject[...]
-
Pagina 29
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 29 of 67 © 2008 Nortel Networks FDP_IFF.1. 3(a) The TSF shall enforce t he [ none ]. FDP_IFF.1.4 (a) The TSF shall provide the following [ sta teful Firewall, Network Ad dress Translation (NAT), IPS ec ]. FDP_IFF.1.5 (a) The TSF shall explicitl y[...]
-
Pagina 30
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 30 of 67 © 2008 Nortel Networks Dependencies: FDP_IFC.1 Subset infor mation flow control FMT_M SA.3 Static attribute initialisation FDP_UCT.1 Basic data exchange confidentiality Hierarchical to : No other components. FDP_UCT.1.1 The T SF shall en[...]
-
Pagina 31
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 31 of 67 © 2008 Nortel Networks 5.1.4 Class FI A : Identification and Authentication FIA_UAU.1 Timing of authentication Hierarchical to : No other components. FIA_UAU.1.1 The TSF shall allow [ o connection co nfiguration, o username entry, o pass[...]
-
Pagina 32
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 32 of 67 © 2008 Nortel Networks The TSF shall require ea ch user to identif y itself be fore allowing any other 4 TSF-med iated actions on behalf of that user. Dependencies: No dependencies 4 “ Other ” in this SFR means any action not include[...]
-
Pagina 33
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 33 of 67 © 2008 Nortel Networks 5.1.5 Class FMT: Security Management FMT_MOF.1(a) Management of security functions behaviour Hierarchical to : No other components. FMT_MOF .1.1(a) The T SF shall restrict t he ability to [ modify th e behavio ur o[...]
-
Pagina 34
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 34 of 67 © 2008 Nortel Networks Dependencies: [FDP_ACC.1 Subset a ccess control or FDP_IFC.1 Subset infor mation flow control] FMT_SM F.1 Specification of m anage m ent functio ns FMT_SM R.1 Security roles FMT_MSA.1(c) Manageme nt of security att[...]
-
Pagina 35
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 35 of 67 © 2008 Nortel Networks FMT_MSA.3(b) Static attribute initialisation Hierarchical to : No other components. FMT_M SA.3.1(b) The TSF sh al l en force the [ Firewall Informatio n Control SFP ] to p rovide [ restrictive ] default values for [...]
-
Pagina 36
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 36 of 67 © 2008 Nortel Networks The TSF shall maintai n the roles [ Primary Admin, Restricted Ad min, VPN Us er ]. FMT_SM R.1.2 The TSF shall be able to associate users with roles. Dependencies: FIA_UID.1 Ti ming of identification[...]
-
Pagina 37
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 37 of 67 © 2008 Nortel Networks 5.1.6 Class FPT: Protection of the TSF FPT_AMT.1 Abstract machine testing Hierarchical to : No other components. FPT_AMT.1 .1 The TSF shall run a suite of tests [ during initial start- up, periodically during no r [...]
-
Pagina 38
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 38 of 67 © 2008 Nortel Networks 5.1.7 Class FTP: Trusted Path/Channels FTP_TRP.1 Trusted path Hierarchical to : No other components. FTP_TRP.1.1 The TSF shall provide a communication path between it self a nd [ remote ] users that is logically di[...]
-
Pagina 39
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 39 of 67 © 2008 Nortel Networks 5.2 Security Functional Requiremen ts on the IT Environmen t The T OE has the following se curity requirement for its IT environment. Table 5 identifies all SFRs implemented b y the IT Environment and indica tes th[...]
-
Pagina 40
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 40 of 67 © 2008 Nortel Networks The TSF TOE Env ironment shall be able to provide reliable time stamps for it’s the TO E’s own use. Dependencies: No dependencies[...]
-
Pagina 41
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 41 of 67 © 2008 Nortel Networks 5.3 A ssurance Requirements This section defines the assur ance requirements for the TOE. The assurance requ irements are taken fro m Part 3 of the CC and are EAL 4 augmented with ALC_F LR.2. Tab le 6 below summari[...]
-
Pagina 42
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 42 of 67 © 2008 Nortel Networks 6 T OE Summar y Specif icatio n This section presents infor mation to detail how the TOE meets the functional a nd ass urance requirements described in previous sections of thi s ST. 6.1 TOE Security Functions Each[...]
-
Pagina 43
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 43 of 67 © 2008 Nortel Networks TOE Security Function SFR ID Description FMT_MSA.3(b) Static Attribute Initialization FMT_MSA.3(c) Static Attribute Initialization FMT_SMF.1 Specification of Management Functions FMT_SMR.1 Security Roles Protection[...]
-
Pagina 44
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 44 of 67 © 2008 Nortel Networks System Log The System Log records data about System eve nts which are considered significant enoug h to b e written to disk, including t hose displa y ed in the Conf ig uration and Sec urity logs. Examples of event[...]
-
Pagina 45
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 45 of 67 © 2008 Nortel Networks 6.1.2 Cryptographic Support The T OE ’s cr y ptograph ic functionalit y is provided by a FIPS 140 -2-validated cryptographic m odule. All modules have received either a Level 1 or Level 2 FIPS 140 -2 vali dation.[...]
-
Pagina 46
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 46 of 67 © 2008 Nortel Networks for reuse. T his ensures that the keys a re co m pletely destroyed before an y other pro cess might have ac cess to that memory location. TOE Security Functio nal Require m ents Satisfied: FCS_CKM.1(a) , FCS_CKM.1([...]
-
Pagina 47
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 47 of 67 © 2008 Nortel Networks VPN Information Flow Control SFP and Firewall Information Flow Control SFP: B oth S FPs e nforce a stateful Fire wall. Eac h time a T CP connection is e stablished from a host on the internal network to a host on t[...]
-
Pagina 48
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 48 of 67 © 2008 Nortel Networks functions. The VPN User has no acce ss to administrative functions and may only aut henticate to the Nortel VP N Router through the Nor tel VPN Client in order to access the private network. The se roles deter mine[...]
-
Pagina 49
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 49 of 67 © 2008 Nortel Networks o Runs when a rando m number needs to be generated. Continuous RN G for Entropy Gathering : Verifi es that t he seed for the FIP S 182 -2 PRNG is not failing to a constant value. o Runs when a seed for the RNG need[...]
-
Pagina 50
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 50 of 67 © 2008 Nortel Networks Assurance Component Assurance Measure ALC_DVS.1 Nortel Networks Virtual Private Network Router v7.05 Life Cycle Support ALC_FLR.2 8 Nortel Networks Virtual Private Network Router v7.05 Life Cycle Support ALC_LCD.1 [...]
-
Pagina 51
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 51 of 67 © 2008 Nortel Networks 7 Protection Profile Claim s This section provides t he identification and justificatio n for any Protection Pr ofile conformance claims. 7.1 Protection Prof ile Reference There are no protection profile claims for[...]
-
Pagina 52
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 52 of 67 © 2008 Nortel Networks 8 Rationale This section provides th e rationale for the selection o f the sec urity require m e nts, o bjectives, assumptions, and threats. In particular, it shows that the security requireme nts ar e suitable to [...]
-
Pagina 53
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 53 of 67 © 2008 Nortel Networks T. AUTH- ERROR An authorized user may acc identally alter the co nfiguration of a policy tha t per m its or denies infor m ation flo w throug h the TOE, thereby affect ing t he integrity of the transmitted infor m [...]
-
Pagina 54
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 54 of 67 © 2008 Nortel Networks TE.PHYSICAL An attacker may physicall y attack the Ha rdware appliance in o rder to co m pro m ise its secure operation. The environ ment ensures that the T OE is ph ysically protected so that o nly TOE user s who [...]
-
Pagina 55
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 55 of 67 © 2008 Nortel Networks This may mean t he environ ment pro vides a co nnection to a trusted Certificate Autho rity, or that the required certificates are o therwise av ailable to the TO E. It is assumed that the appropriate infrastruct u[...]
-
Pagina 56
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 56 of 67 © 2008 Nortel Networks Table 12 - Rel ationship of Securit y Requirements to Objectiv es Objectives Requirements O.I&A O.AUDIT O.SELFPROTECT O.CONFIDENT O.FUNCTIONS O.ADMIN O.INTEGRITY O.REPLAY O.FILTER O.TEST OE.TIME OE.PROTECT OE.N[...]
-
Pagina 57
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 57 of 67 © 2008 Nortel Networks Objectives Requirements O.I&A O.AUDIT O.SELFPROTECT O.CONFIDENT O.FUNCTIONS O.ADMIN O.INTEGRITY O.REPLAY O.FILTER O.TEST OE.TIME OE.PROTECT OE.NONBYPASS FPT_AMT.1 FPT_RLT.1 FPT_TST.1 FTP_TRP.1 E[...]
-
Pagina 58
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 58 of 67 © 2008 Nortel Networks required to us e SH A-1 and i t must b e implemented acco rding to RFC 3 174 [ FCS_CKM.1(a) , FCS_CKM.4, and FCS_ COP.1(a, b,c,d,e,f) ]. O.CONFIDENT The TOE must use the IPSec tunnel ing proto col to ensure confide[...]
-
Pagina 59
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 59 of 67 © 2008 Nortel Networks The TSF is required to perfo rm security management functions such as create users and assign roles to users [FMT_SMF.1 ]. The TOE mu st be able to recognize the different administrative and user roles that exist f[...]
-
Pagina 60
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 60 of 67 © 2008 Nortel Networks authorized users with t he ability to verify the integrit y of TSF Data and T SF executable co de [FPT_AMT. 1 and FPT_TST.1]. OE.TIME The environment must provi de reliable timestamps for the time-stamping o f audi[...]
-
Pagina 61
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 61 of 67 © 2008 Nortel Networks SFR ID Dependencies Dependency Met FCS.CKM.4 FCS_CKM.1(a) FMT_MSA.2 FCS_COP.1 FCS_CKM.1(a) FCS_CKM.4 F MT _MSA.2 FDP_ACC.2 FDP_ACF.1 FDP_ACF.1 FDP_ACC.1 9 FMT_MSA.3 FDP_IFC.2 FDP_IFF.1 FDP_IFF.1[...]
-
Pagina 62
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 62 of 67 © 2008 Nortel Networks SFR ID Dependencies Dependency Met FPT_TST.1 FPT_AMT.1 FTP_TRP.1 [n one] 8.6 TOE Summary Specification Ration ale 8.6.1 TOE Summary Specification Rationale for the Security Functional Requirements Each s ub[...]
-
Pagina 63
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 63 of 67 © 2008 Nortel Networks 8.6.2 TOE Summary Spe cification Rationale for the Security Assurance Requirements 8.6.2.1 Configuration M anagement The Configuratio n Management d ocumentation pro vides a d escription of tools used to control th[...]
-
Pagina 64
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 64 of 67 © 2008 Nortel Networks Corresponding CC Ass urance Components: Functional Specification with Complete Su mmary Securi ty - E nforcing High-Le vel Design Descriptive Lo w-L e vel Design Implementation of the T SF Informal TOE Securit y Po[...]
-
Pagina 65
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 65 of 67 © 2008 Nortel Networks Corresponding CC Ass urance Components: Analysis of Coverage High-Level Design Functional Testing Independent Testing 8.6.2.7 Vulnerability and TOE Strength of Fu nction Analyses The Valid ation of An al ysis docu [...]
-
Pagina 66
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 66 of 67 © 2008 Nortel Networks 9 Acronyms Table 15 - Acronyms Ac ron y m Definition 3DES Triple DES AES Advanced Encryption Standard CC Common Criteria CLI Command Line Interface CPU Central Processing Unit DES Data Encryption Standard DoD Depar[...]
-
Pagina 67
Security Target, Version 3.9 March 18, 2008 Nortel VPN Router v7.05 and Client W orkstation v7.11 Page 67 of 67 © 2008 Nortel Networks Ac ron y m Definition SHA Secure Hash Algorithm SOF Strength of Function ST Security Target TCP Transmission Control Protocol TOE Target of Evaluation TSF TOE Security Function TSP TOE Security Policy UDP User Data[...]