Manualshelf

Common Criteria for HP Networking Switches

ManualsBrandsHP ManualsComputer AccessoriesHP 20-port 10/100/1000 PoE+ / 4-port Mini-GBIC zl Module
12345678910
3
Contents
Scope ........................................................................................................................................ 5
Purpose ..................................................................................................................................... 5
Security Audit Functions ......................................................................................................... 6
Cryptographic Functions ......................................................................................................... 6
Information Flow Control Functions ........................................................................................ 6
Identification and Authentication Functions ............................................................................. 7
Security Management Functions ............................................................................................ 7
TOE Access Functions ........................................................................................................... 8
Protection of the TSF Functions ............................................................................................. 8
Operational Assumptions ........................................................................................................... 8
Switch Configuration Overview .................................................................................................. 8
Evaluation Exclusions ...............................................................................................................10
Downloading the K.15.09.0004 or KA.15.09.004 Software Version ...........................................10
Downloading the K.15.09 or KA.15.09 Software Manual Set .....................................................10
Hardening HP Networking Switches ..........................................................................................11
Executive Summary and Purpose ..........................................................................................11
Insecure Protocols and Secure Alternatives ..........................................................................11
Telnet vs. Secure Shell ......................................................................................................11
HTTP vs. HTTPS ...............................................................................................................12
TFTP vs. SFTP and SCP ...................................................................................................12
SNMPv1/2c vs. SNMPv3 ...................................................................................................12
IP Stack Management ........................................................................................................13
Access Control ..........................................................................................................................14
Secure Management VLAN ...................................................................................................14
Authorized IP Managers .....................................................................................................14
Authentication ....................................................................................................................15
Local Authentication ...........................................................................................................16
RADIUS Authentication ......................................................................................................17
TACACS Authentication .....................................................................................................17
Server-Supplied Privilege Level .........................................................................................17
Console Inactivity Timer .....................................................................................................18
Attack Prevention ......................................................................................................................18