Cisco Cisco IOS Software Release 12.4(23)
8. Rationale
Document Organization
45
Security Target For Cisco IOS IPSec
FMT_MTD.1
The TSF CONFIG.2 satisfies this requirement by only allowing the privileged administrator to alter the
TSF configuration
TSF configuration
FMT_SMF.1
The TSFs CONFIG.1, CONFIG.2 and CONFIG.3 satisfy this requirement as these TSFs provide all the
means with which to interact with the security configuration of the TOE.
means with which to interact with the security configuration of the TOE.
FMT_SMR.2
The TSF CONFIG.2 satisfies this requirement by maintaining administrator and privileged administrator
roles and ensuring that a user is authenticated as an administrator before allowing them to authenticate
as a privileged administrator by using the “enable” password.
roles and ensuring that a user is authenticated as an administrator before allowing them to authenticate
as a privileged administrator by using the “enable” password.
FMT_SMR.3
The TSF CONFIG.2 satisfies this requirement by requiring the user to explicitly request using the
“enable” command to assume the role of privileged administrator.
“enable” command to assume the role of privileged administrator.
FPT_AMT.1
The TSF CONFIG.2 satisfies this requirement by initiating a suite of tests upon startup to ensure proper
operation of the underlying abstract machine which underlies the TOE.
operation of the underlying abstract machine which underlies the TOE.
FPT_STM.1
The TSF CONFIG.1 satisfies this requirement by monitoring the network time and using the timestamp
in audit records.
in audit records.
FPT_TST.1
The TSF CONFIG.2 satisfies this requirement by initiating a suite of tests upon startup to ensure proper
operation of the TOE functions.
operation of the TOE functions.
FTA_TSE.1
The TSF PACKETFILTER.1 satisfies this requirement by examining each packet and discarding those
which do not match the access control list it holds.
which do not match the access control list it holds.
FTP_ITC.1
The TSFs IPSEC.1, IPSEC.2 and IPSEC.3 satisfy this requirement by authenticating IPSec peers using
pre-shared keys, RSA keys or digital certificates and establishing a trusted channel (called Security
Associations) for the communication of information with assured identification of end-points; using ESP
on IP datagrams to provide confidentiality, authentication, integrity and non-repudiation of sender; and
maintaining a cryptographic map which ensures that packet flow source, destination and transmission
parameters are controlled
pre-shared keys, RSA keys or digital certificates and establishing a trusted channel (called Security
Associations) for the communication of information with assured identification of end-points; using ESP
on IP datagrams to provide confidentiality, authentication, integrity and non-repudiation of sender; and
maintaining a cryptographic map which ensures that packet flow source, destination and transmission
parameters are controlled
8.2.3 SFR Dependency Rationale
shows that the security target has been satisfied SFR’s with dependencies.