Security Target
Version 1.1
2022-03-08
33
6
TOE Summary Specification
This chapter describes the following security functions:
•
Security Audit
•
User Data Protection
•
Identification and authentication
•
Security management
•
Protection of the TSF
•
TOE Access
6.1
Security Audit (FAU_GEN.1)
The TOE logs security events such as start-up and shutdown of the audit functions; power cycle events,
self‐test failures
; peripheral device acceptance and rejections; and administrator actions (login, logout,
blacklist/whitelist configuration, password changes, and Reset to Factory Default events). Start-up and
shutdown of the audit functions occurs with startup and shutdown of the product. The audit function
cannot be started or stopped separately from the product. After a successful Administrator Logon, the
logs can be viewed in the text editor by entering the command [LIST].
The event logs are divided into two types: critical and non-critical. The Log Data Area displays the critical
and non-critical Log data. Each logged event is recorded with Date, Time, a code that indicates the type
of event and the outcome (success or failure) of the event. The critical audit events recorded and
identified in the code include:
•
administrator logon events (login failed, last login ok),
•
administrator actions (password changes, Reset to Factory Default),
•
KVM locked due to Administr
ator’s failed attempts to login,
•
peripheral device rejections,
•
all failed self-tests except button jam.
Non-critical audit events include:
•
power-cycle events,
•
administrator logon ok and logout,
•
configuration of the whitelist/blacklist,
•
peripheral device acceptance,
•
button jam test failure, and
•
all passing self-tests.
During normal operation, the TOE provides administrator access to all audit records. IOGEAR's assistance
is required to read audit records from an inoperable switch.
