Cisco Cisco IOS Software Release 12.4(23)
Security Target For Cisco IOS IPSec
5. IT Security Requirements
5.1 TOE Security Functional Requirements
The TOE functional security requirements are drawn from [CC] Part 2, with the exception of
FAU_AUD.1, which is a bespoke security functional component, based on the [CC] Part 2 component
FAU_GEN.1.
It was found necessary to include FAU_AUD.1 instead of FAU_GEN.1 because the requirements
imposed by FAU_GEN.1 are not appropriate for the TOE. The TOE does not record the startup and
shutdown of audit functions, as the TOE has no facility to shut down the audit functionality. Additionally,
the TOE is designed to remain operational at all times, making the requirement for audit of startup and
shutdown redundant.
Selections are enclosed in [square brackets], assignments are enclosed in [square brackets and
underlined], refinements are in bold and/or strikethrough.
5.1.1. Audit data generation (FAU_AUD.1)
The TSF shall be able to generate an audit record of the following auditable events:
a. All auditable events for the [not specified] level of audit; and
b. [Errors during IKE processing,
   Errors during IPSEC processing,
   When a packet matches a filtering rule, and
   Errors during digital certificate processing]
The TSF shall record within each audit record at least the following information:
c. Date and time of the event, type of event, subject identity, and the outcome (success or failure) of
   the event; and
d. For each audit event type, based on the auditable event definitions of the functional components
   included in the PP/ST, [no other audit relevant information]
FAU_AUD.1.2
5.1.2. Audit Review (FAU_SAR.1)
The TSF shall provide [authorized users] with the capability to read [all audit information] from the audit
records.
FAU_SAR.1.1
The TSF shall provide the audit records in a manner suitable for the user to interpret the
information.
FAU_SAR.1.2