Manualshelf

Hardware manual

ManualsBrandsBrocade Communications Systems ManualsComputer equipmentNetIron CER Series
41424344454647484950
Version 1.1, 03/31/2015
GSS CCT Evaluation Technical Report Page 43 of 56 © 2015 Gossamer Security Solutions, Inc.
Document: AAR-BrocadeNetIron5.8 All rights reserved.
Component Assurance Activities: Updates to the TOE either have a hash associated with them, or are signed by an
authorized source. If digital signatures are used, the definition of an authorized source is contained in the TSS,
along with a description of how the certificates used by the update verification mechanism are contained on the
device. The evaluator ensures this information is contained in the TSS. The evaluator also ensures that the TSS (or
the operational guidance) describes how the candidate updates are obtained; the processing associated with
verifying the digital signature or calculating the hash of the updates; and the actions that take place for successful
(hash or signature was verified) and unsuccessful (hash or signature could not be verified) cases.
Section 6.6 of the ST discusses TOE software updates. Updates can either be manually obtained by the
administrator using CLI commands over SCP. Prior to actually installing and using the new software image, its
digital certificate is verified by the TOE using the public key in the certificate configured in the TOE. An unverified
image cannot be installed. Note that the TOE comes preinstalled with an applicable Brocade public certificate.
The evaluator shall perform the following tests:
Test 1: The evaluator performs the version verification activity to determine the current version of the product.
The evaluator obtains a legitimate update using procedures described in the operational guidance and verifies that
it is successfully installed on the TOE. Then, the evaluator performs a subset of other assurance activity tests to
demonstrate that the update functions as expected. After the update, the evaluator performs the version
verification activity again to verify the version correctly corresponds to that of the update.
Test 2: The evaluator performs the version verification activity to determine the current version of the product.
The evaluator obtains or produces an illegitimate update, and attempts to install it on the TOE. The evaluator
verifies that the TOE rejects the update.
The evaluator updated the TOE to a later development version of the TOE. The version did update properly. For
the improper update, the evaluator attempted to load a correct image and incorrect signature and the reverse.
The signature verification failed in each case.
2.7 TOE ACCESS (FTA)
2.7.1 TSF-INITIATED TERMINATION (FTA_SSL.3)
2.7.1.1 FTA_SSL.3.1