Archived
TD0170: NIT Technical Decision for SNMPv3 Support
Publication Date
2017.04.04
Protection Profiles
CPP_FW_V1.0, CPP_ND_V1.0
Other References
FTP_TRP.1
Issue Description
The Network Interpretations Team (NIT) has issued a technical decision regarding for SNMPv3 support. Resolution
As of now, TOE administration must always utilize secure channel functionality as defined in FPT_TRP.1. The use of SNMPv3 protocol for administration without encapsulation is disallowed and therefore must be disabled. However, monitoring functionality, for example when SNMPv3 policy is configured for read-only mode, is outside the scope of evaluation and therefore is not explicitly disallowed in the evaluated configuration. Support for SNMPv3 is on the Network iTC's Parking Lot list for consideration in later versions of ND cPP and FW cPP, though. For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI15.pdf.
Justification
See issue description. |