{"product_id":10488,"v_id":10488,"product_name":"Cisco Catalyst Switches (3560X and  3750X) running IOS 15.0(1)SE2","certification_status":"Not Certified","certification_date":"2012-06-19T00:06:00Z","tech_type":"Network Switch","vendor_id":{"name":"Cisco Systems, Inc.","website":"https://www.cisco.com"},"vendor_poc":null,"vendor_phone":"+1 410 309 4862","vendor_email":"certteam@cisco.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p>The Target of Evaluation (TOE) is Cisco Catalyst Switches (3560-X and 3750-X) running IOS 15.0(1)SE2.&nbsp; The following models were evaluated for the 3560-X configuration:</p>\r\n<p>&nbsp;</p>\r\n<table border=\"1\" cellspacing=\"0\" cellpadding=\"0\">\r\n<thead> \r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Feature Set</strong></p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Models</strong></p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Total 10/100/1000</strong></p>\r\n<p><strong>Ethernet Ports</strong></p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Default AC Power Supply</strong></p>\r\n<p><strong>&nbsp;</strong></p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Available PoE Power</strong></p>\r\n</td>\r\n</tr>\r\n</thead> \r\n<tbody>\r\n<tr>\r\n<td rowspan=\"5\" width=\"118\" valign=\"top\">\r\n<p>LAN Base</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-24T-L/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>350W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>-</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-48T-L/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>&nbsp;</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>&nbsp;</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-24P-L/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24 PoE+</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>715W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>435W</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-48P-L/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48 PoE+</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>&nbsp;</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>&nbsp;</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-48PF-L/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48 PoE+</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>1100W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>800W</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td rowspan=\"5\" width=\"118\" valign=\"top\">\r\n<p>IP Base</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-24T-S/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>350W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>-</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-48T-S/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>&nbsp;</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>&nbsp;</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-24P-S/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24 PoE+</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>715W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>435W</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-48P-S/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48 PoE+</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>&nbsp;</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>&nbsp;</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3560-X-48PF-S/Standalone</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48 PoE+</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>1100W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>800W</p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n<p class=\"Body\">&nbsp;</p>\r\n<p class=\"Body\">The following models were evaluated for the 3750-X configuration:</p>\r\n<table border=\"1\" cellspacing=\"0\" cellpadding=\"0\">\r\n<thead> \r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Feature    Set</strong></p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Models</strong></p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Total    10/100/1000</strong></p>\r\n<p><strong>Ethernet    Ports</strong></p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Default    AC Power Supply</strong></p>\r\n<p><strong>&nbsp;</strong></p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p><strong>Available    PoE Power</strong></p>\r\n</td>\r\n</tr>\r\n</thead> \r\n<tbody>\r\n<tr>\r\n<td rowspan=\"5\" width=\"118\" valign=\"top\">\r\n<p>LAN Base</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-24T-L</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>350W</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>-</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-48T-L</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-24P-L</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24 PoE+</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>715W</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>435W</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-48P-L</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48 PoE+</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-48PF-L</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48 PoE+</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>1100W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>800W</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td rowspan=\"7\" width=\"118\" valign=\"top\">\r\n<p>IP Base</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-24T-S</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>350W</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>-</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-48T-S</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-24P-S</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24 PoE+</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>715W</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>435W</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-48P-S</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48 PoE+</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-48PF-S</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48 PoE+</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>1100W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>800W</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-12S-S</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>12 GE SFP</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>350W+</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>-</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-24S-S</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24 GE SFP</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>350W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>-</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td rowspan=\"7\" width=\"118\" valign=\"top\">\r\n<p>IP Services</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-12S-E</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>12 GE SFP</p>\r\n</td>\r\n<td rowspan=\"4\" width=\"118\" valign=\"top\">\r\n<p>350W</p>\r\n</td>\r\n<td rowspan=\"4\" width=\"118\" valign=\"top\">\r\n<p>-</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-24S-E</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24 GE SFP</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-24T-E</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-48T-E</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-24P-E</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>24</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>715W</p>\r\n</td>\r\n<td rowspan=\"2\" width=\"118\">\r\n<p>435W</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-48P-E</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"118\" valign=\"top\">\r\n<p>WS-C3750X-48PF-E</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>48</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>1100W</p>\r\n</td>\r\n<td width=\"118\" valign=\"top\">\r\n<p>800W</p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n<p class=\"Body\">&nbsp;</p>\r\n<p>The Catalyst Switches are available in three feature sets:</p>\r\n<ul>\r\n<li>LAN      Base: Enhanced Intelligent Services</li>\r\n<li>IP      Base: Baseline Enterprise Services</li>\r\n<li>IP Services:      Enterprise Services</li>\r\n</ul>\r\n<p>&nbsp;</p>\r\n<p>The LAN Base feature set offers enhanced intelligent services that include comprehensive Layer 2 features, with up-to 255 VLANs. The IP Base feature set provides baseline enterprise services in addition to all LAN Base features, with 1K VLANs. IP Base also includes the support for routed access, StackPower (available only on the Catalyst 3750-X).&nbsp; The IP Services feature set provides full enterprise services that include advanced Layer 3 features such as Border Gateway Protocol (BGP), Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), and Protocol Independent Multicast (PIM).</p>\r\n<p>The IP Services feature set is only available as an upgrade option at the time of ordering or through a license at a later time; there is no dedicated IP Services switch model.&nbsp; The Cisco Catalyst 3750-X Series Switches with LAN Base feature set can only stack with other Cisco Catalyst 3750-X Series LAN Base switches. A mixed stack of LAN Base switch with IP Base or IP Services features set is not supported.&nbsp; Customers can transparently upgrade the software feature set in the Cisco Catalyst 3750-X and 3560-X Series Switches through Cisco IOS&reg; Software activation. Software activation authorizes and enables the Cisco IOS Software feature sets. A special file contained in the switch, called a license file, is examined by Cisco IOS Software when the switch is powered on. Based on the license&rsquo;s type, Cisco IOS Software activates the appropriate feature set. License types can be changed, or upgraded, to activate a different feature set. For detailed information about Software Activation, visit http://www.cisco.com/go/sa.</p>","evaluation_configuration":null,"security_evaluation_summary":"<!--[if gte mso 9]><xml> <w:WordDocument> <w:View>Normal</w:View> <w:Zoom>0</w:Zoom> <w:TrackMoves /> <w:TrackFormatting /> <w:DoNotShowRevisions /> <w:DoNotPrintRevisions /> <w:DoNotShowMarkup /> <w:DoNotShowComments /> <w:DoNotShowInsertionsAndDeletions /> <w:DoNotShowPropertyChanges /> <w:PunctuationKerning /> <w:ValidateAgainstSchemas /> <w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid> <w:IgnoreMixedContent>false</w:IgnoreMixedContent> <w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText> <w:DoNotPromoteQF /> <w:LidThemeOther>EN-US</w:LidThemeOther> <w:LidThemeAsian>X-NONE</w:LidThemeAsian> <w:LidThemeComplexScript>X-NONE</w:LidThemeComplexScript> <w:Compatibility> <w:BreakWrappedTables /> <w:SnapToGridInCell /> <w:WrapTextWithPunct /> <w:UseAsianBreakRules /> <w:DontGrowAutofit /> <w:SplitPgBreakAndParaMark /> <w:DontVertAlignCellWithSp /> <w:DontBreakConstrainedForcedTables /> <w:DontVertAlignInTxbx /> <w:Word11KerningPairs /> <w:CachedColBalance /> </w:Compatibility> <m:mathPr> <m:mathFont m:val=\"Cambria Math\" /> <m:brkBin m:val=\"before\" /> <m:brkBinSub m:val=\"&#45;-\" /> <m:smallFrac m:val=\"off\" /> <m:dispDef /> <m:lMargin m:val=\"0\" /> <m:rMargin m:val=\"0\" /> <m:defJc m:val=\"centerGroup\" /> <m:wrapIndent m:val=\"1440\" /> <m:intLim m:val=\"subSup\" /> <m:naryLim m:val=\"undOvr\" /> </m:mathPr></w:WordDocument> </xml><![endif]--><!--[if gte mso 9]><xml> <w:LatentStyles DefLockedState=\"false\" DefUnhideWhenUsed=\"true\"   DefSemiHidden=\"true\" DefQFormat=\"false\" DefPriority=\"99\"   LatentStyleCount=\"267\"> <w:LsdException Locked=\"false\" Priority=\"0\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Normal\" /> <w:LsdException Locked=\"false\" Priority=\"9\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"heading 1\" /> <w:LsdException Locked=\"false\" Priority=\"9\" QFormat=\"true\" Name=\"heading 2\" /> <w:LsdException Locked=\"false\" Priority=\"9\" QFormat=\"true\" Name=\"heading 3\" /> <w:LsdException Locked=\"false\" Priority=\"9\" QFormat=\"true\" Name=\"heading 4\" /> <w:LsdException Locked=\"false\" Priority=\"9\" QFormat=\"true\" Name=\"heading 5\" /> <w:LsdException Locked=\"false\" Priority=\"9\" QFormat=\"true\" Name=\"heading 6\" /> <w:LsdException Locked=\"false\" Priority=\"9\" QFormat=\"true\" Name=\"heading 7\" /> <w:LsdException Locked=\"false\" Priority=\"9\" QFormat=\"true\" Name=\"heading 8\" /> <w:LsdException Locked=\"false\" Priority=\"9\" QFormat=\"true\" Name=\"heading 9\" /> <w:LsdException Locked=\"false\" Priority=\"39\" Name=\"toc 1\" /> <w:LsdException Locked=\"false\" Priority=\"39\" Name=\"toc 2\" /> <w:LsdException Locked=\"false\" Priority=\"39\" Name=\"toc 3\" /> <w:LsdException Locked=\"false\" Priority=\"39\" Name=\"toc 4\" /> <w:LsdException Locked=\"false\" Priority=\"39\" Name=\"toc 5\" /> <w:LsdException Locked=\"false\" Priority=\"39\" Name=\"toc 6\" /> <w:LsdException Locked=\"false\" Priority=\"39\" Name=\"toc 7\" /> <w:LsdException Locked=\"false\" Priority=\"39\" Name=\"toc 8\" /> <w:LsdException Locked=\"false\" Priority=\"39\" Name=\"toc 9\" /> <w:LsdException Locked=\"false\" Priority=\"35\" QFormat=\"true\" Name=\"caption\" /> <w:LsdException Locked=\"false\" Priority=\"10\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Title\" /> <w:LsdException Locked=\"false\" Priority=\"1\" Name=\"Default Paragraph Font\" /> <w:LsdException Locked=\"false\" Priority=\"11\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Subtitle\" /> <w:LsdException Locked=\"false\" Priority=\"22\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Strong\" /> <w:LsdException Locked=\"false\" Priority=\"20\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Emphasis\" /> <w:LsdException Locked=\"false\" Priority=\"59\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Table Grid\" /> <w:LsdException Locked=\"false\" UnhideWhenUsed=\"false\" Name=\"Placeholder Text\" /> <w:LsdException Locked=\"false\" Priority=\"1\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"No Spacing\" /> <w:LsdException Locked=\"false\" Priority=\"60\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Shading\" /> <w:LsdException Locked=\"false\" Priority=\"61\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light List\" /> <w:LsdException Locked=\"false\" Priority=\"62\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Grid\" /> <w:LsdException Locked=\"false\" Priority=\"63\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 1\" /> <w:LsdException Locked=\"false\" Priority=\"64\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 2\" /> <w:LsdException Locked=\"false\" Priority=\"65\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 1\" /> <w:LsdException Locked=\"false\" Priority=\"66\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 2\" /> <w:LsdException Locked=\"false\" Priority=\"67\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 1\" /> <w:LsdException Locked=\"false\" Priority=\"68\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 2\" /> <w:LsdException Locked=\"false\" Priority=\"69\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 3\" /> <w:LsdException Locked=\"false\" Priority=\"70\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Dark List\" /> <w:LsdException Locked=\"false\" Priority=\"71\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Shading\" /> <w:LsdException Locked=\"false\" Priority=\"72\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful List\" /> <w:LsdException Locked=\"false\" Priority=\"73\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Grid\" /> <w:LsdException Locked=\"false\" Priority=\"60\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Shading Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"61\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light List Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"62\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Grid Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"63\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 1 Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"64\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 2 Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"65\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 1 Accent 1\" /> <w:LsdException Locked=\"false\" UnhideWhenUsed=\"false\" Name=\"Revision\" /> <w:LsdException Locked=\"false\" Priority=\"34\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"List Paragraph\" /> <w:LsdException Locked=\"false\" Priority=\"29\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Quote\" /> <w:LsdException Locked=\"false\" Priority=\"30\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Intense Quote\" /> <w:LsdException Locked=\"false\" Priority=\"66\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 2 Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"67\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 1 Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"68\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 2 Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"69\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 3 Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"70\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Dark List Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"71\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Shading Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"72\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful List Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"73\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Grid Accent 1\" /> <w:LsdException Locked=\"false\" Priority=\"60\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Shading Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"61\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light List Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"62\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Grid Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"63\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 1 Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"64\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 2 Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"65\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 1 Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"66\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 2 Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"67\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 1 Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"68\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 2 Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"69\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 3 Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"70\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Dark List Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"71\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Shading Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"72\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful List Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"73\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Grid Accent 2\" /> <w:LsdException Locked=\"false\" Priority=\"60\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Shading Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"61\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light List Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"62\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Grid Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"63\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 1 Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"64\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 2 Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"65\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 1 Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"66\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 2 Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"67\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 1 Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"68\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 2 Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"69\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 3 Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"70\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Dark List Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"71\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Shading Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"72\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful List Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"73\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Grid Accent 3\" /> <w:LsdException Locked=\"false\" Priority=\"60\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Shading Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"61\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light List Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"62\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Grid Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"63\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 1 Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"64\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 2 Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"65\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 1 Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"66\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 2 Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"67\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 1 Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"68\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 2 Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"69\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 3 Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"70\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Dark List Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"71\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Shading Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"72\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful List Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"73\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Grid Accent 4\" /> <w:LsdException Locked=\"false\" Priority=\"60\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Shading Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"61\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light List Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"62\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Grid Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"63\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 1 Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"64\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 2 Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"65\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 1 Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"66\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 2 Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"67\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 1 Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"68\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 2 Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"69\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 3 Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"70\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Dark List Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"71\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Shading Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"72\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful List Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"73\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Grid Accent 5\" /> <w:LsdException Locked=\"false\" Priority=\"60\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Shading Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"61\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light List Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"62\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Light Grid Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"63\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 1 Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"64\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Shading 2 Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"65\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 1 Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"66\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium List 2 Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"67\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 1 Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"68\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 2 Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"69\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Medium Grid 3 Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"70\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Dark List Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"71\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Shading Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"72\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful List Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"73\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" Name=\"Colorful Grid Accent 6\" /> <w:LsdException Locked=\"false\" Priority=\"19\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Subtle Emphasis\" /> <w:LsdException Locked=\"false\" Priority=\"21\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Intense Emphasis\" /> <w:LsdException Locked=\"false\" Priority=\"31\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Subtle Reference\" /> <w:LsdException Locked=\"false\" Priority=\"32\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Intense Reference\" /> <w:LsdException Locked=\"false\" Priority=\"33\" SemiHidden=\"false\"    UnhideWhenUsed=\"false\" QFormat=\"true\" Name=\"Book Title\" /> <w:LsdException Locked=\"false\" Priority=\"37\" Name=\"Bibliography\" /> <w:LsdException Locked=\"false\" Priority=\"39\" QFormat=\"true\" Name=\"TOC Heading\" /> </w:LatentStyles> </xml><![endif]--><!--[if !mso]>\r\n<object  classid=\"clsid:38481807-CA0E-42D2-BF39-B33AF135CC4D\" id=ieooui>\r\n</object>\r\n<style>\r\nst1\\:*{behavior:url(#ieooui) }\r\n</style>\r\n<![endif]--><!--[if gte mso 10]>\r\n<style>\r\n /* Style Definitions */\r\n table.MsoNormalTable\r\n\t{mso-style-name:\"Table Normal\";\r\n\tmso-tstyle-rowband-size:0;\r\n\tmso-tstyle-colband-size:0;\r\n\tmso-style-noshow:yes;\r\n\tmso-style-priority:99;\r\n\tmso-style-qformat:yes;\r\n\tmso-style-parent:\"\";\r\n\tmso-padding-alt:0in 5.4pt 0in 5.4pt;\r\n\tmso-para-margin-top:0in;\r\n\tmso-para-margin-right:0in;\r\n\tmso-para-margin-bottom:10.0pt;\r\n\tmso-para-margin-left:0in;\r\n\tline-height:115%;\r\n\tmso-pagination:widow-orphan;\r\n\tfont-size:11.0pt;\r\n\tfont-family:\"Calibri\",\"sans-serif\";\r\n\tmso-ascii-font-family:Calibri;\r\n\tmso-ascii-theme-font:minor-latin;\r\n\tmso-hansi-font-family:Calibri;\r\n\tmso-hansi-theme-font:minor-latin;}\r\n</style>\r\n<![endif]-->\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\">The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which Cisco Catalyst Switches (3560-X and 3750-X) TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 3.<span>&nbsp; </span>The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 3.<span>&nbsp; </span>Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL 2 augmented with ALC_FLR.2 and ALC_DVS.1.<span>&nbsp; </span>The product, when delivered configured as identified in <em>Cisco Catalyst Switches (3560-X and 3750-X)<span>&nbsp; </span>Common Criteria Operational User Guidance and Preparative Procedures </em>document, satisfies all of the security functional requirements stated in the Cisco Catalyst Switches (3560-X and 3750-X) Security Target (Version 1.0). The project underwent one Validation Oversight Panel (VOR) panel review.<span>&nbsp; </span>The evaluation was completed in June 2011.<span>&nbsp; </span>Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, (report number CCEVS-VR-10488-2012, dated June 2012) prepared by CCEVS.</p>\r\n<p>&nbsp;</p>","environmental_strengths":"<p>The logical boundaries of Cisco Catalyst Switches (3560-X and 3750-X) TOE are realized in the security functions that it implements. These security functions are realized at the network interfaces that service clients and via the administrator commands. Each of these security functions is summarized below.</p>\r\n<p>&nbsp;</p>\r\n<p><strong>Security audit - </strong>The TOE generates a comprehensive set of audit logs that identify specific TOE operations. For each event, the TOE records the date and time of each event, the type of event, the subject identity, and the outcome of the event. Auditable events include; modifications to the group of users that are part of the authorized administrator roles (assigned the appropriate privilege level), all use of the user identification mechanism, any use of the authentication mechanism, any change in the configuration of the TOE, any matching of packets to access control entries in ACLs when traversing the TOE; and any failure of a packet to match an access control list (ACL) rule allowing traversal of the TOE.&nbsp; The TOE will write audit records to the local logging buffer by default and can be configured to send audit data via syslog to a remote audit server, or display to the local console.&nbsp; The TOE does not have an interface to modify audit records, though there is an interface available for the authorized administrator to delete audit data stored locally on the TOE.</p>\r\n<p>&nbsp;</p>\r\n<p><strong>Cryptographic support - </strong>The TOE provides cryptography support for secure communications and protection of information when configure in FIPS mode.&nbsp; The crypto module is FIPS 140-2 SL2 validated.&nbsp; The cryptographic services provided by the TOE include: symmetric encryption and decryption using AES; digital signature using RSA; cryptographic hashing using SHA1; and keyed-hash message authentication using HMAC-SHA1. In the evaluated configuration, the TOE must be in FIPS mode.&nbsp; The TOE also implements SSHv2 secure protocol for secure remote administration.</p>\r\n<p>&nbsp;</p>\r\n<p><strong>Traffic Filtering and Switching (VLAN Processing and ACLs) - </strong>VLANs control whether Ethernet frames are passed through the switch interfaces based on the VLAN tag information in the frame header.&nbsp; IP ACLs or ICMP ACLs control whether routed IP packets are forwarded or blocked at Layer 3 TOE interfaces (interfaces that have been configured with IP addresses). VACLs (using access mapping) control whether non-routed frames (by inspection of MAC addresses in the frame header) and packets (by inspection of IP addresses in the packet header) are forwarded or blocked at Layer 2 ports assigned to VLANs. The TOE examines each frame and packet to determine whether to forward or drop it, on the basis of criteria specified within the VLANs access lists and access maps applied to the interfaces through which the traffic would enter and leave the TOE. For those interfaces configured with Layer-3 addressing the ACLs can be configured to filter IP traffic using: the source address of the traffic; the destination address of the traffic; and the upper-layer protocol identifier. Layer-2 interfaces can be made part of Private VLANs (PVLANs), to allow traffic to pass in a pre-defined manner among a primary, and secondary (&lsquo;isolated&rsquo; or &lsquo;community&rsquo;) VLANs within the same PVLAN.</p>\r\n<p>&nbsp;</p>\r\n<p>VACL access mapping is used to match IP ACLs or MAC ACLs to the action to be taken by the TOE as the traffic crosses the interface, causing the packet to be forwarded or dropped. The traffic is matched only against access lists of the same protocol type; IP packets can be matched against IP access lists, and any Ethernet frame can be matched against MAC access lists.&nbsp; Both IP and MAC addresses can be specified within the VLAN access map.</p>\r\n<p>&nbsp;</p>\r\n<p>Use of Access Control Lists (ACLs) also allows restriction of remote administration connectivity to specific interfaces of the TOE so that sessions will only be accepted from approved management station addresses identified as specified by the administrator.</p>\r\n<p>&nbsp;</p>\r\n<p>The TOE supports routing protocols including BGP, EIGRP, PIM, and OSPF to maintain routing tables, or routing tables can configured and maintained manually.&nbsp; Since routing tables are used to determine which egress ACL is applied, the authority to modify the routing tables is restricted to authenticated administrators, and authenticated neighbor routers.&nbsp; The only aspects of routing protocols that are security relevant in this TOE is the TOE&rsquo;s ability to authentication neighbor routers using shared passwords.&nbsp; Other security features and configuration options of routing protocols are beyond the scope of this Security Target and are described in administrative guidance.&nbsp; The TOE supports VACLs (VLAN ACLs), which can filter traffic traversing VLANs on the TOE based on IP addressing and MAC addressing.</p>\r\n<p>&nbsp;</p>\r\n<p>The TOE also ensures that packets transmitted from the TOE do not contain residual information from previous packets.&nbsp; Packets that are not the required length use zeros for padding so that residual data from previous traffic is never transmitted from the TOE.</p>\r\n<p>&nbsp;</p>\r\n<p><strong>Identification and authentication - </strong>The TOE performs authentication, using Cisco IOS platform authentication mechanisms, to authenticate access to user EXEC and privileged EXEC command modes.&nbsp; All users wanting to use TOE services are identified and authenticated prior to being allowed access to any of the services. Once a user attempts to access the management functionality of the TOE (via EXEC mode), the TOE prompts the user for a user name and password. Only after the administrative user presents the correct identification and authentication credentials will access to the TOE functionality be granted.</p>\r\n<p>&nbsp;</p>\r\n<p>The TOE supports use of a remote AAA server (RADIUS and TACACS+) as the enforcement point for identifying and authenticating users, including login and password dialog, challenge and response, and messaging support. Encryption of the packet body is provided through the use of RADIUS (note RADIUS only encrypts the password within the packet body), while TACACS+ encrypts the entire packet body except the header).&nbsp; Note the remote authentication server is not included within the scope of the TOE evaluated configuration, it is considered to be provided by the operational environment.&nbsp;&nbsp;</p>\r\n<p>&nbsp;</p>\r\n<p>The TOE can be configured to display an advisory banner when administrators log in and also to terminate administrator sessions after a configured period of inactivity.</p>\r\n<p>&nbsp;</p>\r\n<p>The TOE also supports authentication of other routers using router authentication supported by BGP, EIGRP, PIM, and OSPF.&nbsp; Each of these protocols supports authentication by transmission of MD5-hashed password strings, which each neighbor router uses to authenticate others.</p>\r\n<p>&nbsp;</p>\r\n<p class=\"Body\"><strong>Security management - </strong>The TOE provides secure administrative services for management of general TOE configuration and the security functionality provided by the TOE. All TOE administration occurs either through a secure session via SSHv2, a terminal server directly connected to the Catalysis Switch (RJ45), or a local console connection (serial port). The TOE provides the ability to perform the following actions:</p>\r\n<ul>\r\n<li>allows authorized administrators to add new administrators, </li>\r\n<li>start-up and shutdown the device, </li>\r\n<li>create, modify, or delete configuration items,</li>\r\n<li>create, modify, or delete information flow policies,</li>\r\n<li>create, modify, or delete routing tables,</li>\r\n<li>modify and set session inactivity thresholds, </li>\r\n<li>modify and set the time and date, </li>\r\n<li>and create, delete, empty, and review the audit trail &nbsp;</li>\r\n</ul>\r\n<p class=\"Body\">All of these management functions are restricted to the authorized administrator of the TOE. The TOE switch platform maintains administrative privilege level and non-administrative access. Non-administrative access is granted to authenticated neighbor routers for the ability to receive updated routing tables per the information flow rules.&nbsp; There is no other access or functions associated with non-administrative access. The administrative privilege levels include:</p>\r\n<ul>\r\n<li>Administrators are assigned to privilege levels 0 and 1.&nbsp; Privilege levels 0 and 1 are defined by default and are customizable.&nbsp; These levels have a very limited scope and access to CLI commands that include basic functions such as login, show running system information, turn on/off privileged commands, logout.</li>\r\n<li>Semi-privileged administrators equate to any privilege level that has a subset of the privileges assigned to level 15; levels 2-14.&nbsp; These levels are undefined by default and are customizable.&nbsp; The custom level privileges are explained in the example below.</li>\r\n<li>Privileged administrators are equivalent to full administrative access to the CLI, which is the default access for IOS privilege level 15</li>\r\n</ul>\r\n<p>&nbsp;</p>\r\n<p><strong>Protection of the TSF - </strong>The TOE protects against interference and tampering by untrusted subjects by implementing identification, authentication and access controls to limit configuration to authorized administrators. Additionally Cisco IOS is not a general purpose operating system and access to Cisco IOS memory space is restricted to only Cisco IOS functions. The TOE provides secure transmission when TSF data is transmitted between separate parts of the TOE (encrypted sessions for remote administration (via SSHv2)).&nbsp; Use of separate VLANs are used to ensure routing protocol communications between the TOE and neighbor routers including routing table updates and neighbor router authentication will be logically isolated from traffic on other VLANs.</p>\r\n<p>&nbsp;</p>\r\n<p>The TOE is also able to detect replay of information and/or operations.&nbsp; The detection applied to network packets that are terminated at the TOE, such as trusted communications between the administrators to TOE, IT entity (e.g., authentication server) to TOE.&nbsp; If replay is detected, the packets are discarded.&nbsp;</p>\r\n<p>&nbsp;</p>\r\n<p>In addition, the TOE internally maintains the date and time. This date and time is used as the time stamp that is applied to TOE generated audit records.&nbsp; Alternatively, an NTP server can be used to synchronize the date-timestamp.</p>\r\n<p>&nbsp;</p>\r\n<p><strong>TOE access - </strong>The TOE can terminate inactive sessions after an authorized administrator configurable time-period.&nbsp; Once a session has been terminated the TOE requires the user to re-authenticate to establish a new session.&nbsp; The TOE can also display a Security Administrator specified banner on the CLI management interface prior to allowing any administrative access to the TOE.</p>","features":[]}