Cisco Cisco IOS Software Release 12.4(23)
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
3. TOE Security Environment
Document Organization
15
Security Target For Cisco IOS IPSec
3.2 Threats to Security
The Threat agents against the TOE are attackers with expertise, resources, and motivation that combines
to be a low attack potential.
to be a low attack potential.
3.2.1 Threats Addressed by the TOE
TOE addresses threats listed in
3.2.3 Organization Security Policies
describes the organizational security policies relevant to the operation of the TOE.
The organizational security policy, P.Connectivity, is required because it determines how packet flows
between trusted networks can be transmitted over an untrusted network. Each instance of the TOE
implements a portion of P.Connectivity, which must be matched to, and consistent with, other instances
of the TOE for the TOE security functions to be effective.
between trusted networks can be transmitted over an untrusted network. Each instance of the TOE
implements a portion of P.Connectivity, which must be matched to, and consistent with, other instances
of the TOE for the TOE security functions to be effective.
Table 7
Threats Addressed by the TOE
Name
Description
T.Attack
An attacker (whether an insider or outsider) may
gain access to the TOE and compromise its
security functions by altering its configuration.
gain access to the TOE and compromise its
security functions by altering its configuration.
T.Untrusted-Path
An attacker may attempt to disclose, modify, or
insert data within packet flows transmitted and
received by the TOE over an untrusted network.
insert data within packet flows transmitted and
received by the TOE over an untrusted network.
If such an attack was successful, the
confidentiality, integrity, and authenticity of
packet flows transmitted and received over an
untrusted path would be compromised.
confidentiality, integrity, and authenticity of
packet flows transmitted and received over an
untrusted path would be compromised.
Table 8
Organizational Security Policies
Name
Description
P.Connectivity
The organizational security policy will
•
Specify whether networks connected to the
TOE are trusted or untrusted
TOE are trusted or untrusted
•
Define which packet flows are to be protected
by the TOE
by the TOE
•
Associate each protected packet flow with a
peer TOE that will decrypt/encrypt the flow
peer TOE that will decrypt/encrypt the flow