The Target of Evaluation (TOE) is the implementation of the Firewall functionality of Cisco IOS running on Cisco Systems routers. Routers are used to construct IP networks by interconnecting multiple smaller networks or network segments. The Cisco IOS Firewall functionality controls the flow of internet protocol (IP) traffic between network interfaces.
Cisco routers are dedicated hardware devices with purpose written software, which performs many networking functions. The TOE addresses the following:
- The Firewall function (access control lists and stateful inspection)
- Functions relevant to the secure configuration and operation of the Firewall function, such as the authentication and configuration of TOE administrator, configuration of packet filter rules and the searching and sorting of audit data.
- The remote administration of the Cisco IOS router via SSH connections to the routers command line interface.
The Cisco IOS Firewall enhances existing Cisco IOS security capabilities with many features including stateful packet filtering, defense against network attacks, per user authentication and authorization, and real-time alerts.