Cisco IPS4345 Manual de usuario descargar pdf (Pagina 53)

Cisco Intrusion Prevention System Security Target

53

Section

Exceptions to

Shall/Shall Not

Statement(s)

Should (Not)

Statements

1

TOE

Compliant?

Rationale

6.1.2 Each Party

Generates an Ephemeral

Key Pair; No Static

Keys are Used, C(2, 0)

None.

None.

Yes

N/A

6.1.2.1 dhEphem, C(2,

0, FFC DH)

None.

None.

Yes

N/A

6.1.2.2 Ephemeral

Unified Model, C(2, 0,

ECC CDH)

N/A, no ECC in use.

None.

N/A

TOE does not use ECC.

6.1.2.3 Rationale for

Choosing a C(2, 0)

Scheme

N/A, no shall

statements

None.

Yes

N/A

6.2 Schemes Using

One Ephemeral Key

Pair, C(1)

N/A, no shall

statements

None.

N/A

N/A, TOE uses C(2,0)

6.2.1 Initiator Has a

Static Key Pair and

Generates an Ephemeral

Key Pair; Responder

Has a Static Key Pair,

C(1, 2)

None.

None.

N/A

N/A, TOE uses C(2,0)

6.2.1.1

dhHybridOneFlow, C(1,

2, FFC DH)

None.

None.

N/A

N/A, TOE uses C(2,0)

6.2.1.2 One-Pass

Unified Model, C(1, 2,

ECC CDH)

N/A, no ECC in use.

None.

N/A

TOE does not use ECC.

TOE would use C(2,0)

6.2.1.3 MQV1, C(1, 2,

FFC MQV)

None.

None.

N/A

N/A, TOE uses C(2,0)

6.2.1.4 One-Pass

MQV, C(1, 2, ECC

MQV)

N/A, no ECC in use.

None.

N/A

TOE does not use ECC.

TOE would use C(2,0)

6.2.1.5 Rationale for

Choosing a C(1, 2)

Scheme

N/A, no shall

statements

None.

N/A

N/A, TOE uses C(2,0)

6.2.2 Initiator

Generates Only an

Ephemeral Key Pair;

Responder Has Only a

Static Key Pair, C(1, 1)

None.

None.

N/A

N/A, TOE uses C(2,0)

6.2.2.1 dhOneFlow,

C(1, 1, FFC DH)

None.

None.

N/A

N/A, TOE uses C(2,0)

6.2.2.2 One-Pass

Diffie-Hellman, C(1, 1,

ECC CDH)

N/A, no ECC in use.

None.

N/A

TOE does not use ECC.

TOE would use C(2,0)

6.2.2.3 Rationale in

Choosing a C(1, 1)

Scheme

N/A, no shall

statements

None.

N/A

N/A, TOE uses C(2,0)

6.3 Scheme Using No

Ephemeral Key Pairs,

None.

None.

N/A

N/A, TOE uses C(2,0)

1 2 ... 48 49 50 51 52 53 54 55 56 57 58 59 60 61

Comentarios a estos manuales

Sin comentarios