Security Measures For The Operational Environment; Table 9: Operational Environment Security Measures - Cisco ASR 1000 Series Common Criteria Operational User Guidance And Preparative Procedures
Aggregation services router
Hide thumbs
Also See for ASR 1000 Series:
- Software configuration manual (602 pages) ,
- Configuration manual (442 pages) ,
- Replacing (120 pages)
Table of Contents
Advertisement
8 Security Measures for the Operational Environment
Proper operation of the TOE requires functionality from the environment. It is the
responsibility of the authorized administrator of the TOE to ensure that the Operational
Environment provides the necessary functions, and adheres to the environment security
objectives listed below. The environment security objective identifiers map to the
environment security objectives as defined in the Security Target.
Table 10: Operational Environment Security Measures
Environment
Security Objective
OE.NO_GENERAL_PURPO
SE
OE.PHYSICAL
OE.TRUSTED_ADMIN
OE.CONNECTIONS
Operational Environment
Security Objective
Definition
There are no general-purpose
computing capabilities (e.g.,
compilers or user applications)
available on the TOE, other than
those services necessary for the
operation, administration and
support of the TOE.
Physical security, commensurate
with the value of the TOE and the
data it contains, is provided by the
environment.
TOE Administrators are trusted to
follow and apply all administrator
guidance in a trusted manner.
TOE administrators will ensure that
the TOE is installed in a manner that
will allow the TOE to effectively
enforce its policies on network
traffic flowing among attached
networks.
Privileged and Semi-
privileged
administrator
responsibility
Administrators will make sure
there are no general-purpose
computing capabilities (e.g.,
compilers or user applications)
available on the TOE.
Administrators must ensure the
TOE is installed and maintained
within a secure physical
location. This can include a
secured building with key card
access or within the physical
control of an authorized
administrator in a mobile
environment.
Administrators must be properly
trained in the usage and proper
operation of the TOE and all the
provided functionality per the
implementing organization's
operational security policies.
These administrators must
follow the provided guidance.
Administrators must ensure that
the TOE can enforce its security
policies on the network traffic
and not allowed to be ineffective
due to faulty installation.
Page 70 of 72
Hide quick links:
Advertisement
Table of Contents
