Manuals / Nortel Networks / Computer Equipment / Network Router

Nortel Networks 7.11, 7.05 manual T.Hack

Models: 7.11 7.05

1 67
Download 67 pages 33.01 Kb
Page 53
Image 53
Manual background

Security Target, Version 3.9March 18, 2008

T.AUTH-ERROR An authorized user may accidentally alter the configuration of a policy that permits or denies information flow through the TOE, thereby affecting the integrity of the transmitted information.

The TOE provide facilities to enable an authorized administrator to effectively manage the TOE and its security function, and ensures that only authorized administrators are able to access such functionality (O.ADMIN). The TOE provides functionality that enables testing of its correct functioning and integrity (O.TEST). Those responsible for the TOE train TOE users to establish and maintain sound security policies and practices (OE.TRAINED).

O.ADMIN, O.TEST, and OE.TRAINED combined ensure that this threat is removed.

T.DATA-MOD An attacker may intercept and alter the data transmitted between the Nortel VPN Client and the Nortel VPN Router, and/or between two Nortel VPN Routers, in order to deceive the intended recipient.

The TOE protects itself from unauthorized modifications and access to its functions and data (O.SELFPROTECT). The TOE uses IPSec tunneling protocol to ensure confidentiality and integrity of data transmitted between the Nortel VPN Client and the Nortel VPN Router, and/or between two Nortel VPN Routers (O.CONFIDENT & O.INTEGRITY). The TOE provides functionality that enables testing of its correct functioning and integrity (O.TEST). The TOE provides functionality that enables detection of replay attack and thus take action is a replay attack is detected (O.REPLAY).

O.SELFPROTECT, O.CONFIDENT, O.INTEGRITY, O.TEST, and O.REPLAY combined ensure that this threat is removed.

T. HACK-CRYPTO An attacker may successfully intercept and decrypt, then recover and modify the encrypted data that is in transit between the Nortel VPN Router and VPN Client, and/or between two Nortel VPN Routers.

The TOE protects itself from unauthorized modifications and access to its functions and data (O.SELFPROTECT). The TOE uses IPSec tunneling protocol to ensure confidentiality and integrity of data transmitted between the Nortel VPN Client and the Nortel VPN Router, and/or between two Nortel VPN Routers (O.CONFIDENT & O.INTEGRITY). The TOE provides functionality that enables testing of its correct functioning and integrity (O.TEST). The TOE provides functionality that enables detection of replay attack and thus take action is a replay attack is detected (O.REPLAY).

O.SELFPROTECT, O.CONFIDENT, O.INTEGRITY, O.TEST, O.REPLAY combined ensure that this threat is removed.

T.HACK

An attacker may use malformed IP packets or similar attack methods against the TSF or

 

user data protected by the TOE in order to corrupt normal operation.

 

 

The TOE protects itself from unauthorized modifications and access to its functions and data

 

(O.SELFPROTECT). The TOE filters all incoming and outgoing packets that pass through it, and

 

accepts or rejects transmissions based on their attributes (O.FILTER). The environment ensures

 

that the required certificate infrastructure is provided so that the validity of certificates can be

 

verified. The TOE provides functionality that enables testing of its correct functioning and

 

integrity (O.TEST). The TOE provides functionality that enables detection of replay attack and

 

thus take action is a replay attack is detected (O.REPLAY). The Environment also ensures that

 

the chosen infrastructure is maintained so that certificates have their state accurately provided to

 

the TOE (OE.CERTIFICATE).

 

 

O.SELFPROTECT, O.FILTER, O.TEST, O.REPLAY, and OE.CERTIFICATE combined ensure

 

that this threat is removed.

 

 

 

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 53 of 67

 

© 2008 Nortel Networks

 

Page 52 Page 54
Page 53
Image 53
Nortel Networks 7.11, 7.05 manual T.Hack
Page 52 Page 54