Cisco Cisco IOS Software Release 12.4(4)T

To clarify the nature of the security problem that the TOE is intended to solve, this section describes the 
following:

Any assumptions about the security aspects of the environment and of the manner for which the TOE 
is intended.

Any known or assumed threats to the assets against which specific protection within the TOE or its 
environment is required.

Any organizational security policy statements or rules with which the TOE must comply.

 lists assumptions that are made in relation to the operation of TOE. 

A.PHYSEC

The TOE is physically secure.

A.MODEXP

The threat of malicious attacks aimed at discovering exploitable 
vulnerabilities is considered moderate.

A.GENPUR

There is no general purpose computing capabilities (e.g., the 
ability to execute arbitrary code or applications) and storage 
repository capabilities on the TOE.

A.PUBLIC

The TOE does not host public data.

A.NOEVIL

Authorized administrators are non-hostile and follow all 
administrator guidance; however, they are capable of error.

A.SINGEN

Information cannot flow among the internal and external 
networks unless it passes through the TOE.

A.DIRECT

Human users within the physically secure boundary protecting 
the TOE may attempt to access the TOE from some direct 
connection (e.g., a console port) if the connection is part of the 
TOE.

A.REMACC

Authorized administrator may access the TOE remotely from 
the internal and external networks.

A.PROTECTIF

The PFSS is to be connected to the Cisco IOS Firewall enabled 
router such that the network interface of the PFSS is only 
accessible by the TSF. This may be achieved by either directly 
connecting the PFSS to the router, or indirectly over the trusted 
network. This protection of the PFSS network interface is 
required by PD-0113.