Cisco Cat4K NDPP ST
11 March 2014
EDCS-1228241
8
Acronyms /
Abbreviations
Definition
UDP
User Datagram Protocol
VACL
Virtual Access Control List
VLAN
Virtual Local Area Network
VSS
Virtual Switching System
1.3
TOE Overview
The TOE is the Cisco Catalyst 4500 Series Switches (4503-E, 4506-E, 4507R+E,
4510R+E, 4500X and 4500X-F) running IOS XE 3.5.2E (herein after referred to as
Catalyst Switches). The TOE is a purpose-built, switching and routing platform with OSI
Layer2 and Layer3 traffic filtering capabilities.
Cisco IOS is a Cisco-developed highly configurable proprietary operating system that
provides for efficient and effective routing and switching. Although IOS performs many
networking functions, this Security Target only addresses the functions that provide for
the security of the TOE itself as described in Section 1.7 TOE logical scope below.
1.3.1 TOE Evaluated Configuration
The TOE consists of any one of a number of hardware configurations, each running the
same version of IOS XE software. The Catalyst 4500 Series Switches chassis provides
power, cooling, and backplane for the Supervisor Engine, line cards, and service modules
(SM)
1
. The Supervisor Engines run the IOS XE software. The evaluated configurations
consist of the following components (e.g. at least one of the listed chassis, at least one
supervisor card running IOS-XE 3.5.2E software and at least one line card):
Table 3 Evaluated Configuration
TOE
One or more WS-C4503-E, WS-C4506-E, WS-E, WS-E,
WS-C4500X-32SFP+, WS-C4500X-F-32SFP+, WS-C4500X-16SFP+, WS-
C4500X-F-16SFP+, WS-C4500X-24X-ES, 4500X-24X-IPB, or WS-
C4500X-40X-ES Switch Chassis (Two chassis configured support High
Availability)
One or more supervisors cards (WS-X45-SUP7-E, WS-X45-Sup7L-E) or
dual supervisor cards (WS-X45-SUP7-E, WS-X45-Sup7L-E) per chassis
(Two Supervisor cards in one chassis provides failover), each supervisor
card running IOS XE 3.5.2E (FIPS validated) software
With one or more of the following line cards:
WS-X4748-RJ45V+E
WS-X4712-SFP+E
1
No specific service modules, such as the Firewall Blade, Wireless Service and Network Analysis being
claimed in the evaluated configuration as they require additional license