Resource Utilization; Toe Access; Trusted Path/Channels; Excluded Functionality - Cisco Catalyst 4503-E Manual
Catalyst 4500 series
Hide thumbs
Also See for Catalyst 4503-E:
- Brochure (2 pages) ,
- Configuration manual (612 pages) ,
- Installation manual (172 pages)
Table of Contents
Advertisement
Cisco Cat4K NDPP ST
EDCS-1228241
the TOE's clock with an external time source. Finally, the TOE performs testing to
verify correct operation of the switch itself and that of the cryptographic module
1.7.7 Resource Utilization
The TOE provides the capability of controlling and managing resources so that a denial
of service will not occur. The resource allocations are configured to limit the number of
concurrent administrator sessions.
1.7.8 TOE Access
The TOE can terminate inactive sessions after an authorized administrator configurable
time-period. Once a session has been terminated the TOE requires the user to re-
authenticate to establish a new session.
The TOE also provides the authorized administrator with the ability to specify a
notification of use banner on the CLI management interface prior to allowing any
administrative access to the TOE.
1.7.9 Trusted Path/Channels
The TOE establishes a trusted path between the appliance and the CLI using SSHv2, with
the syslog server and if configured with the NTP server and external authentication server
using IPsec.
1.8 Excluded Functionality
The Cisco IOS contains a collection of features that build on the core components of the
system. Those features that are not within the scope of the evaluated configuration
include:
Features that must remain disabled in the evaluated configuration:
HTTP or HTTPS Server - The IOS web server (using HTTPS or HTTP) cannot
satisfy all the NDPP requirements for administrative interfaces and must remain
disabled in the evaluated configuration. The CLI interface is used to manage the
TOE. Not including this feature does not interfere with the management of TOE
as defined in the Security Target or the operation of the TOE.
IEEE 802.11 Wireless Standards requires additional hardware beyond what is
included in the evaluated configuration.
SNMP Server does not enforce the required user-specific authentication. This
feature is disabled by default and must remain disabled in the evaluated
8
The cryptographic module, which is security relevant, implements support for cryptographic operations
used by other parts of the TOE.
28
11 March 2014
8
.
Hide quick links:
Advertisement
Table of Contents
