ZXR10M6000&T8000&8900ESecurityTarget
4.2SECURITYOBJECTIVESFORTHEENVIRONMENT
ThefollowingITsecurityobjectivesfortheenvironmentaretobeaddressedbythe
operationalenvironmentviatechnicalmeans.
Table4-2SecurityObjectivefortheenvironment
OBJECTIVESDESCRIPTION
OE.TIMESNTPservermustbeavailabletoprovideaccurate/synchronizedtime
servicestotheTOE.
OE.CONNECTIVITYAllTOEexternalinterfacesexceptforthenetworktrafc/datainterface
areattachedtotheinternal(trusted)network.Thisincludes:
1.RADIUS,TACACS+serverinterface(optional)
2.SNMP ,SYSLOGinterface(required)
3.NTPinterface(required)
4.SSHinterfaceforremoteclient(atleastoneofthelocalor
remoteadministrationclientisrequired)
OE.NO_EVIL&TRAINTheauthorizedadministratorsarenotcareless,willfullynegligent,or
hostile,andwillfollowandabidebytheinstructionsprovidedbythe
TOEdocumentation,includingtheadministratorguidance;however,
theyarecapableoferror.Theadministratorsaretrainedinthe
appropriateuseoftheTOE.
OE.PHYSICALTheoperationalenvironmentprovidestheTOEwithappropriate
physicalsecuritytopreventunauthorizedphysicalaccess,
commensuratewiththevalueoftheITassetsprotectedbytheTOE
anduninterruptiblepower,temperaturecontrolrequiredforreliable
operation.
OE.USERSAlladministratorsareassessedfortheirtrustworthiness,and
administratorconnectivitytotheTOEisrestricted.Non-administrative
entitiesmayhavetheirpacketsroutedbytheTOE,butthatisthe
extentoftheirauthorizationtotheTOE'sresources.
OE.AUDIT_REVIEWTheSYSLOG/SNMPserverwillprovidetheprivilegedadministrators
andauthenticationadministratorsthecapabilitytoreviewAuditdata
storedinthelogserversandwillrestrictauditreviewtoadministrators
whohavebeengrantedexplicitread-access.
4-2
SJ-20110815105844-030|2011/08/19(R1.6)ZTECORPORATION
To Next Page
Loading...
