Cisco Cat4K NDPP ST
11 March 2014
EDCS-1228241
23
Serial port, and
Compact Flash Slot
In addition to the communication interfaces above, the TOE includes a number of LEDs
and power connectors. The LEDs are output elements only, and while the power
connectors provide physical input they are not considered TOE interfaces.
1.6.1 USB Console Port
The USB Interface is a physical port on the Supervisor card. The interface allows a
management console to be connected to the TOE as a USB device whereas an
Administrator can authenticate to the TOE and issue commands to the TOEs CLI.
Physical access to the port is protected by operational environment of the switch.
1.6.2 Network Ports
The physical network interfaces to the switch are Ethernet interfaces receiving and
transmitting Internet Protocol datagrams as specified in RFC 0894 [Ethernet], RFC 0791
[IPv4], and RFC 2460 [IPv6]. Over this physical interface network traffic packets are
transferred into and out of the TOE. The physical network interface (ports) can be
located on the supervisor card and/or the line cards.
The network interface is the physical Ethernet interface to the TOE from the internal and
external networks. Within the scope of the evaluation, this interface is used for the
following purposes:
For network traffic entering and leaving the TOE. This could be ‘through traffic’
for example a telnet packet from a user destined from an internal network to an
external network, or ‘to the box traffic’ for example an external ping to the TOE’s
IP address.
To allow a remote Administrator to access the TOE’s CLI over the network using
SSHv2.
To allow the audit log records to be transmitted to the syslog server via IPsec
connection tunnel.
To allow, if configured, time synchronization with the NTP server via secure
transmission (SSHv2, IPsec).
To allow, if configured, the TOE access to the AAA server to authenticate TOE
administrators.
1.6.3 Serial Port
From a directly connected terminal an Administrator can authenticate to the TOE and
issue commands to the TOEs CLI. This interface can also be configured to display
syslog messages to the console.