Configuring Common Criteria Users

This part of the Secure Configuration Guide provides configuration and operational information to help you perform the tasks associated with effectively configuring a network of Juniper Networks routers in a Common Criteria environment. The Common Criteria environment is implemented as a series of rules for software configuration. There are three aspects to Common Criteria configuration:

• Configuring authorized users
• Logging events of interest
• Firewall filtering of managers

This chapter describes all of the steps necessary to configure users in a secure JUNOS Common Criteria environment. Policies and Firewall filters for Common Criteria operation are detailed in subsequent chapters of this guide. User types perform certain types of router configuration and operational tasks.

Two versions of JUNOS software had been evaluated: JUNOS 8.1R1 and JUNOS 8.1R3. For details of the scope of the JUNOS 8.1R1 evaluation, see the Security Target for Juniper Networks M/T/J Series Family of Services Routers Running JUNOS 8.1R1. For details of the scope of the JUNOS 8.1R3 re-assessment, see the Security Target for Juniper Networks J2300, J4350, J6350, M7i and M10i Services Routers Running JUNOS 8.1R3.

Note: Because this part of the Secure Configuration Guide only covers Common Criteria configuration and operation, refer to other JUNOS and J-series hardware and software manuals for non-Secure-JUNOS configuration tasks. While Common Criteria configuration statements and commands are noted in other JUNOS and J-series hardware and software configuration guides, all details relating to Common Criteria operation are presented in this part of the Secure Configuration Guide.

The configuration guidelines and features described in this part apply to the JUNOS software. For more detailed information about JUNOS-FIPS configuration and operation, see Introduction to JUNOS-FIPS.

This section is not intended as a troubleshooting guide. However, you can use it with a broader troubleshooting strategy to identify Common Criteria network problems.

This chapter discusses the following topics:

• Introduction to Common Criteria
• Upgrading an M- or T-series Router to Common Criteria
• Upgrading a J-series Router to Common Criteria
• Disabling the Console Port
• Protecting Management Connections
• Choosing and Using Passwords
• Identifying and Authorizing Managers

Copyright © 2008, Juniper Networks, Inc. All Rights Reserved. Trademark Notice.