Nortel Networks Nortel Network VPN Router and Client Workstation 7.05 User Manual
Page 54
Security Target, Version 3.9
March 18, 2008
Nortel VPN Router v7.05 and Client Workstation v7.11
Page 54 of 67
© 2008 Nortel Networks
TE.PHYSICAL An attacker may physically attack the Hardware appliance in order to compromise its
secure operation.
The environment ensures that the TOE is physically protected so that only TOE users who possess
the appropriate privileges have access (OE.PHYS-SEC).
OE.PHYS-SEC ensures that this threat is removed.
TE.AUDIT_FAILURE An attacker may conduct an undetected attack on the information protected by the
TOE as a result of unreliable time stamps used by the audit mechanism, which may result in
failure to prevent further attacks using the same method.
The environment ensures that reliable timestamps are provided for the time-stamping of audit
events (OE.TIME).
OE.TIME ensures that this threat is removed.
TE.BAD_CERT An attacker may successfully authenticate to the VPN Router using a revoked, expired or
untrusted certificate in order to gain access to information residing on the private network.
The environment ensures that the required certificate infrastructure is provided so that the validity
of certificates can be verified. The Environment also ensures that the chosen infrastructure is
maintained so that certificates have their state accurately provided to the TOE
(OE.CERTIFICATE). The TOE provides functionality that enables only authorized user to
establish VPN sessions with the TOE using IPSec protocol (O.FUNCTIONS).
OE.CERTIFICATE and O.FUNCTIONS ensure that this threat is removed.
A.TRAINED-ADMIN
It is Assumed that administrators will be trained in the secure use of the TOE and
will follow the policies and procedures defined in the TOE documentation for secure
administration of the TOE. Administrators are assumed to be non-hostile.
Those responsible for the TOE ensure that the TOE users are trained to establish and maintain
sound security policies and practices (OE.TRAINED).
OE.TRAINED satisfies this assumption.
A.TIMESTAMPS
It is assumed that the TOE relies on the operating environment of TOE which
provides the accurate clock time to maintain an accurate time stamp for audit events.
Administrators are responsible for the maintenance of a reliable time source to provide
accurate time for use with audit operations.
The environment ensures that reliable timestamps are provided for the time-stamping of audit
events (OE.TIME).
OE.TIME satisfies this assumption.
A.PHYSICAL It is assumed that the TOE may be susceptible to physical attacks by an attacker. It is
assumed that the TOE will be housed within a physically secure environment in order to
mitigate this risk.
The environment ensures that the TOE is physically protected so that only TOE users who possess
the appropriate privileges have access (OE.PHYS-SEC).
OE.PHYS-SEC satisfies this assumption.
A.CERTIFICATE
It is assumed that the environment will provide the necessary infrastructure to
ensure that certificates can be validated when digital certificates are used for authentication.