Installation guide

ManualsBrandsBrocade Communications Systems ManualsOtherFCX624S-HPOE

Brocade FastIron SX, ICX, and FCX Series Switch/Router 08.0.01 Security Target Version 1.1, May 13, 2014

Page 2 of 48

1. SECURITY TARGET INTRODUCTION ........................................................................................................ 3

1.1 SECURITY TARGET REFERENCE ...................................................................................................................... 4

1.2 TOE REFERENCE ............................................................................................................................................ 4

1.3 TOE OVERVIEW ............................................................................................................................................. 4

1.4 TOE DESCRIPTION ......................................................................................................................................... 5

1.4.1 TOE Architecture ................................................................................................................................... 6

1.4.2 TOE Documentation .............................................................................................................................. 8

2. CONFORMANCE CLAIMS ............................................................................................................................ 10

2.1 CONFORMANCE RATIONALE ......................................................................................................................... 10

3. SECURITY OBJECTIVES .............................................................................................................................. 11

3.1 SECURITY OBJECTIVES FOR THE TOE ........................................................................................................... 11

3.2 SECURITY OBJECTIVES FOR THE ENVIRONMENT ........................................................................................... 11

4. EXTENDED COMPONENTS DEFINITION ................................................................................................ 13

5. SECURITY REQUIREMENTS ....................................................................................................................... 14

5.1 TOE SECURITY FUNCTIONAL REQUIREMENTS ............................................................................................. 14

5.1.1 Security Audit (FAU) ........................................................................................................................... 15

5.1.2 Cryptographic Support (FCS).............................................................................................................. 18

5.1.3 User Data Protection (FDP) ............................................................................................................... 25

5.1.4 Identification and Authentication (FIA) ............................................................................................... 25

5.1.5 Security management (FMT) ............................................................................................................... 27

5.1.6 Protection of the TSF (FPT) ................................................................................................................ 28

5.1.7 TOE access (FTA) ................................................................................................................................ 30

5.1.8 Trusted path/channels (FTP) ............................................................................................................... 31

5.2 TOE SECURITY ASSURANCE REQUIREMENTS ............................................................................................... 32

5.2.1 Development (ADV) ............................................................................................................................. 33

5.2.2 Guidance documents (AGD) ................................................................................................................ 33

5.2.3 Life-cycle support (ALC) ..................................................................................................................... 35

5.2.4 Tests (ATE) .......................................................................................................................................... 36

5.2.5 Vulnerability assessment (AVA) ........................................................................................................... 37

5.3 REQUIREMENT DEPENDENCY RATIONALE .................................................................................................... 37

6. TOE SUMMARY SPECIFICATION .............................................................................................................. 39

6.1 SECURITY AUDIT .......................................................................................................................................... 39

6.2 CRYPTOGRAPHIC SUPPORT ........................................................................................................................... 40

6.3 USER DATA PROTECTION .............................................................................................................................. 43

6.4 IDENTIFICATION AND AUTHENTICATION ....................................................................................................... 43

6.5 SECURITY MANAGEMENT ............................................................................................................................. 44

6.6 PROTECTION OF THE TSF ............................................................................................................................. 46

6.7 TOE ACCESS ................................................................................................................................................. 47

6.8 TRUSTED PATH/CHANNELS ........................................................................................................................... 47

LIST OF TABLES

Table 1 TOE Security Functional Components ...................................................................................................... 15

Table 2 Auditable Events .......................................................................................................................................... 17

Table 3 EAL 1 Assurance Components ................................................................................................................... 33

Table 4 Requirement Dependencies ......................................................................................................................... 38

Table 5 Cryptographic Functions ............................................................................................................................ 40

Table 6 NIST SP800-56B Conformance .................................................................................................................. 41

Table 12 Keys and CSPs ........................................................................................................................................... 41

Table 9 Security Related Configuration Commands .............................................................................................. 45