
Cisco Intrusion Prevention System Security Target
1.6.6 Protection of the TSF
The TOE protects against interference and tampering by untrusted subjects by implementing
identification, authentication, and access controls to limit configuration to authorized
administrators. Additionally, Cisco IPS is not a general-purpose operating system, and access to
Cisco IPS functionality is restricted to Cisco IPS processes and IPS administrators.
The TOE internally maintains the date and time. This date and time is used as the timestamp that
is applied to audit records generated by the TOE. Administrators can update the TOE’s clock
manually, or can configure the TOE to use NTP to synchronize the TOE’s clock with an external
time source. Finally, the TOE performs testing to verify correct operation of the router itself and
that of the cryptographic module.
1.6.7 TOE Access
The TOE can terminate inactive sessions after a time period configurable by an authorized
administrator. Once a session has been terminated, the TOE requires the user to re-authenticate to
establish a new session.
The TOE can also display a banner specified by an authorized administrator on the CLI management
interface prior to allowing any administrative access to the TOE.
1.6.8 Trusted Path/Channels
The TOE allows trusted paths to be established to itself from remote administrators over SSHv2
and TLSv1.2. When configured by an Administrator to dynamically modify access control lists
on compatible network traffic filtering devices such as routers and firewalls, the TOE supports
initiation of SSH connections to those network devices. The TOE also supports remote retrieval
of audit records over TLS/HTTPS connections initiated to the TOE from authorized and
authenticated remote systems.
1.7 Excluded Functionality
The following functionality is excluded from use in the certified configurations.
Table 6: Excluded Functionality

Excluded functionality: Use of telnet for remote administration.
Exclusion rationale: The NDPPv1.1 requires all remote administration to be secured in one of
IPsec, SSH, or TLS. Use of telnet would transmit authentication and configuration data
unencrypted. SSHv2 will be used for remote administration via the CLI.

Excluded functionality: Use of HTTP (instead of HTTPS/TLS) for remote administration or for
retrieval of event log data.
Exclusion rationale: The NDPPv1.1 requires all remote administration to be secured in one of
IPsec, SSH, or TLS. Use of HTTP would transmit authentication and configuration data
unencrypted. TLS will be used for remote administration via any GUI, and for retrieval of
event log data.