Cisco Email Security Appliance Security Target .Cisco Email Security Appliance Security Target 2

  • View
    217

  • Download
    1

Embed Size (px)

Text of Cisco Email Security Appliance Security Target .Cisco Email Security Appliance Security Target 2

  • Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA 2014 Cisco Systems, Inc. All rights reserved.

    Cisco Email Security Appliance

    Security Target Version 1.0 October 2014

  • Cisco Email Security Appliance Security Target

    2

    Table of Contents

    1 SECURITY TARGET INTRODUCTION ................................................................................ 8 1.1 ST and TOE Reference ...................................................................................................... 8 1.2 TOE Overview ................................................................................................................... 8

    1.2.1 TOE Product Type ...................................................................................................... 8 1.2.2 Supported non-TOE Hardware/ Software/ Firmware ................................................. 9

    1.3 TOE DESCRIPTION ....................................................................................................... 10 1.4 TOE Evaluated Configuration ......................................................................................... 12 1.5 Physical Scope of the TOE .............................................................................................. 13 1.6 Logical Scope of the TOE................................................................................................ 16

    1.6.1 Security Audit ........................................................................................................... 16 1.6.2 Cryptographic Support .............................................................................................. 16 1.6.3 Full Residual Information Protection........................................................................ 17 1.6.4 Identification and authentication............................................................................... 17 1.6.5 Security Management ............................................................................................... 18 1.6.6 Protection of the TSF ................................................................................................ 18 1.6.7 TOE Access .............................................................................................................. 18 1.6.8 Trusted path/Channels .............................................................................................. 19

    1.7 Excluded Functionality .................................................................................................... 19 2 Conformance Claims ............................................................................................................... 20

    2.1 Common Criteria Conformance Claim ............................................................................ 20 2.2 Protection Profile Conformance ...................................................................................... 20 2.3 Protection Profile Conformance Claim Rationale ........................................................... 20

    2.3.1 TOE Appropriateness................................................................................................ 20 2.3.2 TOE Security Problem Definition Consistency ........................................................ 20 2.3.3 Statement of Security Requirements Consistency .................................................... 20

    3 SECURITY PROBLEM DEFINITION .................................................................................. 22 3.1 Assumptions ..................................................................................................................... 22 3.2 Threats.............................................................................................................................. 22 3.3 Organizational Security Policies ...................................................................................... 23

    4 SECURITY OBJECTIVES ..................................................................................................... 24 4.1 Security Objectives for the TOE ...................................................................................... 24 4.2 Security Objectives for the Environment ......................................................................... 25

    5 SECURITY REQUIREMENTS .............................................................................................. 26 5.1 Conventions ..................................................................................................................... 26 5.2 TOE Security Functional Requirements .......................................................................... 26 5.3 SFRs Drawn from NDPP ONLY ..................................................................................... 27

    5.3.1 Security audit (FAU)................................................................................................. 27 5.3.2 Cryptographic Support (FCS) ................................................................................... 29 5.3.3 User data protection (FDP) ....................................................................................... 31 5.3.4 Identification and authentication (FIA) .................................................................... 31 5.3.5 Security management (FMT) .................................................................................... 32 5.3.6 Protection of the TSF (FPT) ..................................................................................... 33 5.3.7 TOE Access (FTA) ................................................................................................... 33

  • Cisco Email Security Appliance Security Target

    3

    5.3.8 Trusted Path/Channels (FTP) .................................................................................... 34 5.4 TOE SFR Dependencies Rationale for SFRs Found in NDPP ........................................ 35 5.5 Security Assurance Requirements ................................................................................... 35

    5.5.1 SAR Requirements.................................................................................................... 35 5.5.2 Security Assurance Requirements Rationale ............................................................ 35

    5.6 Assurance Measures......................................................................................................... 35 6 TOE Summary Specification ................................................................................................... 37

    6.1 TOE Security Functional Requirement Measures ........................................................... 37 Annex B: References ..................................................................................................................... 47

  • Cisco Email Security Appliance Security Target

    4

    List of Tables TABLE 1 ACRONYMS............................................................................................................................................................................................ 5 TABLE 2 TERMINOLOGY ..................................................................................................................................................................................... 6 TABLE 3 ST AND TOE IDENTIFICATION .......................................................................................................................................................... 8 TABLE 4 IT ENVIRONMENT COMPONENTS ...................................................................................................................................................... 9 TABLE 5 TOE MODELS AND SPECIFICATIONS ............................................................................................................................................... 14 TABLE 6 FIPS REFERENCES ............................................................................................................................................................................. 16 TABLE 7 TOE PROVIDED CRYPTOGRAPHY ................................................................................................................................................... 17 TABLE 8 EXCLUDED FUNCTIONALITY ............................................................................................................................................................ 19 TABLE 9 PROTECTION PROFILES ..................................................................................................................................................................... 20 TABLE 10 TOE ASSUMPTIONS ........................................................................................................................................................................ 22 TABLE 11 THREATS .......................................................................................................................................................................................... 22 TABLE 12 ORGANIZATIONAL SECURITY POLICIES ....................................................................................................................................... 23 TABLE 13 SECURITY OBJECTIVES FOR THE TOE .......................................................................................................................................... 24 TABLE 14 SECURITY OBJECTIVES FOR THE ENVIRONMENT ........................................................................................................................ 25 TABLE 15 SECURITY FUNCTIONAL REQUIREMENTS.................................................................................................................................... 26 TABLE 16 AUDITABLE EVENTS ......................