Table of Contents
Advertisement
Security Target, Version 3.9
4 Security Objectives
This section identifies the security objectives for the TOE and its supporting environment. The security objectives
identify the responsibilities of the TOE and its environment in meeting the security needs.
4.1 Security Objectives for the TOE
The specific security objectives are as follows:
The TOE must be able to identify and authenticate users prior to allowing access to TOE
O.I&A
functions and data.
O.AUDIT
The TOE must record audit records for data accesses and use of the System functions.
O.SELFPROTECT
The TOE must protect itself from unauthorized modifications and access to its functions
and data.
The TOE must provide functionality that enables only authorized users to establish VPN
O.FUNCTIONS
sessions with the TOE using the IPSec protocol.
The TOE must provide facilities to enable an authorized administrator to effectively
O.ADMIN
manage the TOE and its security function, and must ensure that only authorized
administrators are able to access such functionality.
O.TEST
The TOE must provide functionality that enables testing of its correct functioning and
integrity.
The TOE must provide functionality that enables detection of replay attack and take
O.REPLAY
appropriate action if an attack is detected.
The TOE must use the IPSec tunneling protocol to ensure confidentiality of data
O.CONFIDENT
transmitted between the Nortel VPN Client and the Nortel VPN Router, and/or between
two Nortel VPN Routers.
The TOE must use the IPSec tunneling protocol to ensure integrity of data transmitted
O.INTEGRITY
between the Nortel VPN Client and the Nortel VPN Router, and/or between two Nortel
VPN Routers.
The TOE must filter all incoming and outgoing packets that pass through it, and accept or
O.FILTER
reject packets based on their attributes.
Nortel VPN Router v7.05 and Client Workstation v7.11
© 2008 Nortel Networks
March 18, 2008
Page 18 of 67
Advertisement
Table of Contents
