Cisco IOS Software Release 12.4(23)
2.0 TOE Description
Security Target For Cisco IOS IPSec
2.1.1 Cisco IOS Routers
Routers forward packets from one network segment to another based on network layer information (such
as an IP address). Interconnected routers will exchange information to determine the optimal path along
which network traffic should be forwarded. The primary function of a router is to provide connectivity
between networks of end systems. Routers can also filter packets to permit or deny packet flows.
All Cisco routers use common operating system software called the Internetwork Operating Systems
(IOS). For a Cisco router to be compliant with the TOE, it must be equipped with the appropriate version
of the Cisco IOS software that includes the IPSec function and configured in accordance with the TOE.
The TOE-compliant routers and Cisco IOS software versions are identified in
.
2.2 General TOE Functionality
The primary security function of the TOE is the use of IPSec to provide confidentiality, authenticity, and
integrity services for packet flows. Other functions of the TOE support this primary function.
This section describes IPSec options that are supported by the TOE and the TOE functions that support
IPSec. A more detailed description of the operation of IPSec can be found in Appendix A.
2.2.1 IPSec
IPSec is a proposed Internet standard developed by the IETF and described in RFCs 2401-2410 and
2451. It provides network data encryption at the IP packet level to guarantee the confidentiality,
authenticity, and integrity of IP packets. IPSec only supports IP packets; other network protocols must
be encapsulated within IP to be encrypted with IPSec.
Individual IP packets encrypted with IPSec can be detected during transmission, but the IP packet
contents (payload) cannot be read. IPSec encrypted packets are forwarded through an IP network in
exactly the same manner as normal IP packets, allowing IPSec encrypted packets to be transported across
networks and internetworking devices that do not participate in IPSec.
The actual encryption and decryption of IP packets occurs only at devices that are capable of, and
configured for, IPSec. When an IP packet is transmitted or received by an IPSec-enabled device, it is
encrypted or decrypted only if the packet meets criteria defined by the administrator. These criteria are
typically described in the form of access-lists.
Internetworking devices such as routers are used to connect networks together to form larger networks.
They are therefore logical places in which to implement IPSec to provide confidentiality, authenticity,
and integrity for packet flows passing from one network to another.
This is the functionality described by the TOE; for example, internetworking devices compliant with the
TOE are deployed at the edges of untrusted networks (such as the Internet), to provide secure
communications between two trusted networks that are physically separated. Cleartext (unencrypted)
packet flows that enter an internetworking device from the trusted network side are encrypted by the
TOE and forwarded across the untrusted network. When the encrypted packet flow reaches the remote
internetworking device, the TOE decrypts the traffic before forwarding it into the remote secure network.
IP packets are encrypted at one internetworking device’s outbound interface and decrypted at the other
device’s inbound interface.
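The following is an added model of the site-to-site flow described above (it is not code from the Security Target or from Cisco): traffic is selected by a crypto access-list in IOS wildcard-mask form, protected only at the outbound interface of the first device, forwarded unchanged by transit routers that do not participate in IPSec, and decrypted only at the inbound interface of the peer whose mirrored access-list selects it. The access-list, addresses, shared key and the SHA-256/HMAC stand-in for ESP are all constructed for the example.

```python
import hashlib
import hmac
import ipaddress

# Constructed sample values (not from the Security Target): the crypto access-list
# "access-list 101 permit ip 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255" and a shared key
# standing in for the negotiated security association.
CRYPTO_ACL_A = [("10.1.0.0", "0.0.255.255", "10.2.0.0", "0.0.255.255")]
# The remote peer's crypto ACL mirrors it: its interesting traffic flows the other way.
CRYPTO_ACL_B = [(d, dw, s, sw) for (s, sw, d, dw) in CRYPTO_ACL_A]
SA_KEY = b"constructed-demo-key"

def wildcard_match(addr: str, base: str, wild: str) -> bool:
    """IOS wildcard semantics: a 1 bit in the mask means that address bit is ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wild))
    return (a | w) == (b | w)

def acl_permits(acl, src: str, dst: str) -> bool:
    return any(wildcard_match(src, s, sw) and wildcard_match(dst, d, dw) for s, sw, d, dw in acl)

def esp_protect(payload: bytes, key: bytes, seq: int) -> bytes:
    """Toy stand-in for ESP: per-sequence-number keystream, then an HMAC tag over seq||ct."""
    stream = hashlib.sha256(key + seq.to_bytes(4, "big")).digest()
    ct = bytes(p ^ stream[i % 32] for i, p in enumerate(payload))
    return ct + hmac.new(key, seq.to_bytes(4, "big") + ct, hashlib.sha256).digest()

def esp_unprotect(blob: bytes, key: bytes, seq: int) -> bytes:
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(key, seq.to_bytes(4, "big") + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("ESP integrity check failed")
    stream = hashlib.sha256(key + seq.to_bytes(4, "big")).digest()
    return bytes(c ^ stream[i % 32] for i, c in enumerate(ct))

def outbound(acl, pkt: dict) -> dict:
    """Outbound interface of an IPSec-enabled device: encrypt only if the crypto ACL selects it."""
    if acl_permits(acl, pkt["src"], pkt["dst"]):
        return {**pkt, "esp": True, "payload": esp_protect(pkt["payload"], SA_KEY, pkt["seq"])}
    return pkt  # does not meet the administrator's criteria: forwarded in cleartext

def inbound(acl, pkt: dict) -> dict:
    """Inbound interface of the remote peer: decrypt ESP traffic its mirrored ACL selects."""
    if pkt.get("esp") and acl_permits(acl, pkt["dst"], pkt["src"]):
        return {**pkt, "esp": False, "payload": esp_unprotect(pkt["payload"], SA_KEY, pkt["seq"])}
    return pkt

def site_to_site(pkt: dict) -> tuple:
    """Trusted net A -> router A -> untrusted transit -> router B -> trusted net B."""
    on_wire = dict(outbound(CRYPTO_ACL_A, pkt))  # transit routers forward it unchanged
    return on_wire, inbound(CRYPTO_ACL_B, on_wire)
```

A packet between the two trusted networks crosses the untrusted segment with an unreadable payload and is restored at the peer, while traffic that does not match the access-list is forwarded in cleartext; a modified ESP packet fails the integrity check and is dropped.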
lists the IPSec options that are supported by the TOE.