EasyManua.ls Logo

Zte ZXR10 M6000 Series - Fdp_Uit.1; Fia_Afl.1; Fia_Sos.1

Zte ZXR10 M6000 Series
57 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Chapter5SECURITYREQUIREMENTS
FDP_IFF.1.5TheTSFshallexplicitlydenyaninformationowbasedonthefollowing
rules:[none].
5.1.2.10FDP_UIT.1Dataexchangeintegrity
FDP_UIT.1.1TheTSFshallenforce
the[assignment:accesscontrolSFP(s)and/or
informationowcontrolSFP(s)]totransmitandreceiveroutingdatato/fromtrustedrouters
inamannerprotectedfrommodication,insertionandreplayerrors
ApplicationNote:inordertoprotecttheroutingdatafrommodication,insertionand
replayerror,OnlyRIPv2,OSPFv2mode2,IS-ISandBGPv4routingprotocolsareallowed
toensuretheintegrity.Thereisnoneedtoprotectthecondentialityoftheroutingdata.
5.1.2.11FIA_AFL.1Authenticationfailurehandling
FIA_AFL.1.1TheTSFshalldetectwhen[anadministratorcongurablepositive
integer(withinarangeofvalues316)]unsuccessfulauthenticationattemptsoccur
relatedtoanyclaimedadministratorIDattemptingtoauthenticatetotheTOE.
FIA_AFL.1.2Whenthedenednumberofunsuccessfulauthenticationattemptshas
been[met],theTSFshall[attheoptionoftheAdministratorpreventtheadministrators
excepttheadministratorfromperformingactivitiesthatrequireauthenticationuntilan
actionistakenbytheAdministrator,oruntilanAdministratordenedtimeperiod(withina
rangeofvalues1-1440minutes)haselapsed].
5.1.2.12FIA_SOS.1Verificationofsecrets
FIA_SOS.1.1TheTSFshallprovideamechanismtoverifythatsecretsmeet:
1.aminimumlength(characters)default6andwithinarangeof3-32;
2.Complexityrequirements:[numeric][special-character][mixed-case]
a.i:atleastone(1)numericcharactermustbepresentinthepassword;and
b.ii)atleastone(1)specialcharactermustbepresentinthepassword.Special
charactersinclude:~!@#$%^&*()_+|{}:”<>?`-=\[];’
c.iii)atleastone(1)upperandone(1)lowercasecharacter
3.Anadministratordenednumberofdaysanadministratorpasswordisvalidbefore
theadministratormustchangetheirpassword.Thisparametershallbeusedtoforce
theadministratortochangethepasswordattheconguredinterval.Themaximum
numberofdaysthepasswordisvalidshallbedenablewithinarangeofvaluesof15
365.
4.Eithertheadministratormustchangehispasswordattherstlogin,orthe
administratorisnotforcedtochangehispasswordattherstlogin,asconguredby
theadministrator]
ApplicationNote:theTOEcannotenforcethisSFRwhenperformingremote
authenticationwithRADIUS/TACACS+server.
5-7
SJ-20110815105844-030|2011/08/19R1.6ZTECORPORATION

Table of Contents

Related product manuals