HP A-Series Especificaciones Pagina 12
- Pagina / 66
- Tabla de contenidos
- MARCADORES
Valorado. / 5. Basado en revisión del cliente
Security Target Version 1.02, 08/16/2013
12
queue management, semaphore management, time management, IPC, RPC, module loading management
and component management.
Underlying the main Comware components are the hardware-specific Board Support Package (BSP) and device
drivers to provide necessary abstractions of the hardware components for the higher-level software components.
The Comware software components are composed of subsystems designed to implement applicable functions. For
example there are subsystems dedicated to the security management interface. There are also subsystems dedicated
to the IPv4 and IPv6 network stacks as well as the applicable network protocols and forwarding, routing, etc.
From a security perspective, the TOE includes FIPS certified cryptographic algorithms that support IPsec, SSH and
also digital signatures used to protect the available remote management and to enable secure update capabilities of
the TOE. Otherwise, the TOE implements a wide range of network switching protocols and functions.
The various TOE devices include the same security functions. The salient differences between the devices are the
available ports and port adapters (supporting different pluggable modules), primarily representing differences in
numbers, types, and speeds of available network connections.
2.2.1 Intelligent Resilient Framework
As indicated above, multiple HP Network switch devices can be deployed as an IRF group. Each device in the IRF
group is directly connected to the other IRF group members using an IRF stack utilizing dedicated network
connections. One device in the group is designated as master and should that device fail a voting procedure ensues
to elect a new master among the remaining IRF group members.
All Network devices in the group share the same configuration, which is shared across the IRF connections when the
group is formed and later when configuration changes occur. Management of the IRF group can occur via any of the
IRF group members by an authorized administrator.
Once configured, the IRF group acts as a single, logical switch with a common configuration and will act to receive
and forward network traffic in accordance with that common configuration. When necessary, network traffic is
forwarded through the IRF connection in order to get the network traffic to and from the applicable physical
network connections used to attach other network peers or clients.
The IRF connections are not secured (e.g., using encryption) by the TOE, so the IRF group members must
necessarily be collocated and the IRF connections need to be as protected as the IRF group devices themselves.
2.2.2 Physical Boundaries
The TOE is a physical network rack-mountable appliance (or IRF connected group of appliances) that supports
modules that serve to offer a wide range of network ports varying in number, form factor (copper or fiber), and
performance (1 – 10 Gb). The list of applicable series and devices is provided in section 1.1 and the applicable
modules for each series are identified in section 2.1.
The TOE can be configured to rely on and utilize a number of other components in its operational environment.
SYSLOG server – to receive audit records when the TOE is configured to deliver them to an external log
server.
RADIUS and TACACS servers – The TOE can be configured to utilize external authentication servers.
SNMP server – The TOE can be configured to issue SNMP traps.
Certificate Authority (CA) server – The TOE can be configured to utilize digital certificates, e.g., for SSH
connections.
Management Workstation – The TOE supports CLI access and as such an administrator would need a
terminal emulator (supporting SSHv2) to utilize this administrative interface.
2.2.3 Logical Boundaries
This section summarizes the security functions provided by HP Network Switch:
- Switches Security Target 1
- 1.2 Conformance Claims 5
- 1.3 Conventions 6
- 2. TOE Description 6
- 2.1 TOE Overview 7
- 2.2 TOE Architecture 11
- 2.2.2 Physical Boundaries 12
- 2.2.3 Logical Boundaries 12
- 2.3 TOE Documentation 14
- 3.1 Organizational Policies 15
- 3.2 Threats 15
- 3.3 Assumptions 15
- 4. Security Objectives 17
- 5.1 Extended Requirements 19
- 5.2.1 Security audit (FAU) 20
- 5.2.7 TOE access (FTA) 25
- 5.3.1 Development (ADV) 27
- 5.3.4 Tests (ATE) 28
- 6.1 Security audit 42
- 6.2 Cryptographic support 42
- 6.3 User data protection 48
- 6.5 Security management 49
- 6.6 Protection of the TSF 50
- 6.7 TOE access 51
- 6.8 Trusted path/channels 51
- 8. Rationale 54
Relacionado con productos y manuales para Barebones Pc / Estación De Trabajo HP A-Series
Barebones Pc / Estación De Trabajo HP Compaq Presario,Presario 7AP135 Especificaciones
(213 paginas)
(213 paginas)
Barebones Pc / Estación De Trabajo HP All-in-One G1-2000 - Desktop PC Especificaciones rápidas
(43 paginas)
(43 paginas)
Barebones Pc / Estación De Trabajo HP Compaq Presario,Presario 5270 Información técnica
(146 paginas)
(146 paginas)
© 2020, manymanuals.es. Todos los derechos reservados | 0.054 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales