Security audit, 1 security audit – Nortel Networks Nortel Network VPN Router and Client Workstation 7.05 User Manual
Page 43
Security Target, Version 3.9
March 18, 2008
Nortel VPN Router v7.05 and Client Workstation v7.11
Page 43 of 67
© 2008 Nortel Networks
TOE Security
Function
SFR ID
Description
FMT_MSA.3(b)
Static Attribute Initialization
FMT_MSA.3(c)
Static Attribute Initialization
FMT_SMF.1
Specification of Management Functions
FMT_SMR.1
Security Roles
Protection of the TSF
FPT_AMT.1
Abstract Machine Testing
FPT_RPL.1
Replay Detection
FPT_TST.1
TSF Testing
Trusted Path/Channels FTP_TRP.1
Trusted Path
6.1.1 Security Audit
The TOE generates five types of audit data:
Accounting Logs
The Accounting Log records the following data about user sessions:
Last name
First name
User ID
Tunnel type
Session start date
Session end date
Number of packets transferred
Number of bytes transferred
Security Log
The Security Log records data about both successful and failed system and user security
events. The audited events include:
Authentication and authorization events
Tunnel or administration requests
Encryption and decryption, authentication, or compression
Hours of access
Number of session violations
Communications with servers
LDAP
RADIUS
Configuration Log
The Configuration Log records data about configuration changes, including the addition,
modification, or deletion of:
Group or user profiles
Local Area Network (LAN or Wide Area Network (WAN) interfaces
Filters
System access hours
Shutdown or startup policies
File maintenance or backup policies