HP 3PAR InForm OS Common Criteria Administrator's Reference (QL226-96586, October 2012)

21 Operating in Common Criteria Mode
| Requirement | Auditable Event(s) | Additional Audit Record Content | InServ Event |
|---|---|---|---|
| FDP_ACC.2: The TOE controls all operations between attached host clients and Virtual Volumes. | None | None | None |
| FDP_ACF.1: The TOE enforces access control rules to determine whether attached hosts can access (read-only or read-write) configured Virtual Volumes as described in the STs. | All requests to perform an operation on an object covered by the SFP | The identity of the subject performing the operation | All tpdtcl actions that result in modification of objects (create, modify, delete) are logged via the ‘CLI Command’ type event, where the message includes the name of the command and the result, as well as the user involved and the source of the command. |
| FDP_AVL_EXT.1: The TOE allows CPGs to be configured in RAID 0, 1, 5, and 6 configurations and both CPGs and VVs are configured with warning and limit levels as described in the STs. | None | None | None |
| FDP_RIP.2: The TOE is designed to ensure that residual information will be cleared prior to any potential access when underlying resources are reallocated between user accessible objects (i.e., Virtual Volumes). | None | None | None |
| FIA_ATD.1: The TOE defines users in terms of user identity (i.e., name), domain, class and password. | None | None | None |
| FIA_UAU.1: With the exception of hosts identified by iSCSI identifiers and Fiber Channel WWNs accessing virtual volumes on designated ports, the TOE doesn’t offer any services to users until they are successfully authenticated with their user name and password or public key. | All use of the authentication mechanism | Provided user identity, origin of the attempt (e.g., IP address) | All authentications generate events of type: ‘Authentication Failure’, ‘Authentication Error’, or ‘CLI server process event’. Hosts which appear (e.g., at startup) and disappear (e.g., at shutdown) on their ports display in the audit log as 'Notification' type events with either their FC WWN, or iSCSI name in the message text. The event indicates 'logged in' when a host appears and 'lost' and/or 'logged out' when a host disappears. |
| FIA_UAU.5: The TOE can be configured to automatically utilize an external LDAP server for authentication of users not internally defined. | All use of the authentication mechanism | Origin of the attempt (e.g., IP address) | See FIA_UAU.1. The type of authentication (local, LDAP, keyed) is not included in the log. |
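The following added example (not from the HP guide) shows how an auditor might map exported audit events to the requirements in the table above and count failed authentications per user and origin. The (type, message) record shape, the key=value fields, and all sample values are constructed assumptions, not the actual InServ event log format.

```python
import re
from collections import Counter

# Event types the table names as evidence of authentication (FIA_UAU.1).
AUTH_TYPES = {"Authentication Failure", "Authentication Error",
              "CLI server process event"}
HOST_UP = re.compile(r"\blogged in\b")
HOST_DOWN = re.compile(r"\b(lost|logged out)\b")
# Assumed key=value layout for the identity and origin fields.
FIELD = re.compile(r"\b(user|source)=(\S+)")

# Constructed sample records; not real InServ output.
SAMPLE = [
    ("CLI Command", "user=alice source=192.0.2.10 command=createvv result=success"),
    ("Authentication Failure", "user=bob source=192.0.2.44"),
    ("Authentication Failure", "user=bob source=192.0.2.44"),
    ("Notification", "host 10000000C9AAAAAA logged in"),
    ("Notification", "host iqn.2012-10.example:host1 lost"),
    ("Notification", "disk cage temperature normal"),
    ("CLI server process event", "user=alice source=192.0.2.10"),
]

def classify(event_type, message):
    """Return (requirement, detail), or None if the table does not cover it."""
    if event_type == "CLI Command":
        return ("FDP_ACF.1", "object modification")
    if event_type in AUTH_TYPES:
        # The log omits the method (local, LDAP, keyed), so FIA_UAU.5
        # activity cannot be separated from FIA_UAU.1 here.
        return ("FIA_UAU.1", "user authentication")
    if event_type == "Notification":
        if HOST_UP.search(message):
            return ("FIA_UAU.1", "host appeared")
        if HOST_DOWN.search(message):
            return ("FIA_UAU.1", "host disappeared")
    return None

def summarize(events):
    """Count covered events per requirement and failures per (user, origin)."""
    by_req, failures = Counter(), Counter()
    for etype, msg in events:
        hit = classify(etype, msg)
        if hit is None:
            continue
        by_req[hit] += 1
        if etype == "Authentication Failure":
            f = dict(FIELD.findall(msg))
            failures[(f.get("user"), f.get("source"))] += 1
    return by_req, failures
```

Because the authentication method is not logged, correlating LDAP-backed logins requires the LDAP server's own logs alongside these events.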