Nortel Networks 7.11, 7.05 manual Security Audit, Accounting Logs, Security Log, Configuration Log

Page 43

Security Target, Version 3.9

 

 

 

March 18, 2008

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

TOE Security

 

SFR ID

 

Description

 

 

 

 

 

 

 

 

 

 

Function

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

FMT_MSA.3(b)

 

Static Attribute Initialization

 

 

 

 

 

 

 

 

 

 

 

FMT_MSA.3(c)

 

Static Attribute Initialization

 

 

 

 

 

 

 

 

 

 

 

FMT_SMF.1

 

Specification of Management Functions

 

 

 

 

 

 

 

 

 

 

 

FMT_SMR.1

 

Security Roles

 

 

 

 

 

 

 

 

 

Protection of the TSF

 

FPT_AMT.1

 

Abstract Machine Testing

 

 

 

 

 

 

 

 

 

 

 

FPT_RPL.1

 

Replay Detection

 

 

 

 

 

 

 

 

 

 

 

FPT_TST.1

 

TSF Testing

 

 

 

 

 

 

 

 

 

Trusted Path/Channels

 

FTP_TRP.1

 

Trusted Path

 

 

 

 

 

 

 

 

6.1.1 Security Audit

The TOE generates five types of audit data:

Accounting Logs

The Accounting Log records the following data about user sessions:

 

 

Last name

 

 

First name

 

 

User ID

 

 

Tunnel type

 

 

Session start date

 

 

Session end date

 

 

Number of packets transferred

 

 

Number of bytes transferred

 

Security Log

The Security Log records data about both successful and failed system and user security

 

events. The audited events include:

 

 

Authentication and authorization events

 

 

Tunnel or administration requests

 

 

Encryption and decryption, authentication, or compression

 

 

Hours of access

 

 

Number of session violations

 

 

Communications with servers

 

 

LDAP

 

 

RADIUS

 

Configuration Log

The Configuration Log records data about configuration changes, including the addition,

 

modification, or deletion of:

 

 

Group or user profiles

 

 

Local Area Network (LAN or Wide Area Network (WAN) interfaces

 

 

Filters

 

 

System access hours

 

 

Shutdown or startup policies

 

 

File maintenance or backup policies

 

 

 

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 43 of 67

 

© 2008 Nortel Networks

 

Page 42 Page 44
Image 43
Page 42 Page 44
Contents Nortel Networks Corsec Security, Inc Version Modification Date Modified By Description of Changes Revision HistoryTable of Contents Rationale Table of FiguresTable of Tables Protection Profile ClaimsST, TOE, and CC Identification and Conformance Security Target IntroductionPurpose Security Target, TOE and CC Identification and ConformanceTerminology Conventions, Acronyms, and TerminologyConventions TerminologyPrimary Admin password Product Type TOE DescriptionProduct Description Branch Office Deployment Configuration of the TOE Physical Boundary TOE Boundaries and ScopeTOE Environment Logical BoundaryEnterprise WorldCryptographic Support Security AuditUser Data Protection Trusted Path/Channels Identification and AuthenticationSecurity Management Protection of the TOE Security FunctionsExcluded TOE Functionality Assumptions TOE Security EnvironmentThreats to Security Threats Addressed by the TOE Environment Threats Addressed by the TOESecurity Objectives for the TOE Security ObjectivesOE.TIME Security Objectives for the EnvironmentIT Security Objectives Non-IT Security ObjectivesST Operation IT Security RequirementsTOE Security Functional Requirements TOE Security Functional RequirementsDescription ST Operation Auditable Events Class FAU Security AuditFAUGEN.1 Audit Data Generation FAUSAR.1 Audit reviewDependencies FAUGEN.1 Audit data generation FCSCKM.4 Cryptographic key destruction Class FCS Cryptographic SupportFCSCKM.1a Cryptographic key generation Diffie-Hellman FCSCKM.1b Cryptographic key generation RSAFCSCOP.1d Cryptographic operation random number generation FCSCOP.1b Cryptographic operation authenticationFCSCOP.1e Cryptographic operation hashing Security Target, Version March 18 FDPIFC.2a Complete information flow control VPN FDPACC.2 Complete access controlFDPACF.1 Security attribute based access control Class FDP User Data ProtectionFDPIFF.1a Simple security attributes VPN FDPIFC.2b Complete information flow control FirewallFDPIFF.1b Simple security attributes Firewall FDPUIT.1.1 FDPUCT.1 Basic data exchange confidentialityFDPUIT.1 Data exchange integrity FDPUCT.1.1FIAUID.2 User identification before any action Class FIA Identification and AuthenticationFIAUAU.1 Timing of authentication FIAUAU.5 Multiple authentication mechanismsDependencies No dependencies FMTMSA.1a Management of security attributes Class FMT Security ManagementFMTMOF.1a Management of security functions behaviour FMTMOF.1b Management of security functions behaviourFMTMSA.2.1 FMTMSA.1c Management of security attributesFMTMSA.2 Secure security attributes FMTMSA.3a Static attribute initialisationFMTSMR.1 Security roles FMTSMF.1 Specification of Management FunctionsFMTMSA.3b Static attribute initialisation FMTMSA.3c Static attribute initialisationFMTSMR.1.2 FPTRPL.1 Replay detection FPTAMT.1 Abstract machine testingFPTTST.1 TSF testing Class FPT Protection of the TSFFTPTRP.1.2 Class FTP Trusted Path/ChannelsFTPTRP.1 Trusted path FTPTRP.1.1FPTSTM.1 Reliable time stamps Security Functional Requirements on the IT EnvironmentFPTRVM.1 Non-bypassability of the TSP FPTSEP.1 TSF domain separation Security Target, Version 3.9March 18 Assurance Components Assurance RequirementsAssurance Requirements Description Function TOE Summary SpecificationTOE Security Functions TOE SecuritySecurity Log Configuration LogSecurity Audit Accounting LogsEvent Log System LogValidation Modules Fips 140-2 Certificate # Cryptographic SupportFips Validated Modules FIPS-Validated Cryptographic AlgorithmsUser Data Protection Security Management Identification and AuthenticationProtection of the TOE Security Functions Power-Up Self-TestsConditional Self-Tests Assurance Assurance Measure Component TOE Security Assurance MeasuresTrusted Path/Channels TOE Security Functional Requirements Satisfied FTPTRP.1Augmentation to EAL 4+ assurance level Protection Profile Reference Protection Profile ClaimsTOE Objectives Environmental Objectives Non-IT RationaleSecurity Objectives Rationale Relationship of Security Threats to ObjectivesHack Certificate OE.CERTIFICATE Security Functional Requirements RationaleObjectives Requirements Relationship of Security Requirements to ObjectivesEnv Functions and dataFMTMSA.3a,b,c Able to access such functionalityIntegrity Reject packets based on their attributesFunctional Requirements Dependencies Security Assurance Requirements RationaleRationale for Strength of Function Dependency RationaleFCSCOP.1 TOE Summary Specification Rationale Secure Delivery and Operation Configuration ManagementDevelopment Life Cycle Support Documents Guidance DocumentationTests Vulnerability and TOE Strength of Function Analyses Strength of FunctionDoD AcronymsAcronyms Acronym DefinitionSHA
Top Page Image Contents