ZXR10M6000&T8000&8900ESecurityTarget
THREATDESCRIPTION
T.NO_PRIVILEGEAnunauthorizedusermaygainaccesstoinappropriatelyview,tamper,
modify,ordeleteTOESecurityFunctionalitydata.
T.MEDIATEAnunauthorizedentitymaysendimpermissibleinformationthrough
theTOEwhichresultsintheexploitationofresourcesonthenetwork.
T.NO_AUTH_SESSIONAusermaygainunauthorizedaccesstoanunattendedsessionand
altertheTOEsecurityconguration.
T.NO_AUTH_ACCESSAnunauthorizedusergainsmanagementaccesstotheTOEandalter
theTOEsecurityconguration.
3.2Assumption
Theassumptionsareorderedintothreegroups:PersonnelAssumptions,Physical
EnvironmentAssumptions,andOperationalAssumptions.
3.2.1PersonnelAssumptions
Table3-2PersonnelAssumption
ASSUMPTIONDESCRIPTION
A.NO_EVIL&TRAINTheauthorizedadministratorsarenotcareless,willfullynegligent,or
hostile,andwillfollowandabidebytheinstructionsprovidedbythe
TOEdocumentation,includingtheadministratorguidance;however,
theyarecapableoferror.Theadministratorsaretrainedinthe
appropriateuseoftheTOE.
3.2.2PhysicalEnvironmentAssumptions
Table3-3PhysicalAssumption
ASSUMPTIONDESCRIPTION
A.CONNECTIVITYAllTOEexternalinterfacesexceptforthenetworktrafc/datainterface
areattachedtotheinternal(trusted)network.Thisincludes:
1.RADIUS,TACACS+serverinterface(optional)
2.SNMP/SYSLOGinterface(required)
3.NTPinterface(required)
4.SSHinterfaceforremoteclient(atleastoneofthelocalor
remoteadministrationclientisrequired)
3-2
SJ-20110815105844-030|2011/08/19(R1.6)ZTECORPORATION
To Next Page
Loading...
