beautypg.com

Toe description, Roduct, Escription – Nortel Networks Nortel Network VPN Router and Client Workstation 7.05 User Manual

Page 8: Igure, Lient, Eployment, Onfiguration of the, 2 toe description, 1 product type, 2 product description

background image

Security Target, Version 3.9

March 18, 2008

Nortel VPN Router v7.05 and Client Workstation v7.11

Page 8 of 67

© 2008 Nortel Networks

2 TOE Description

This section provides a general overview of the TOE as an aid to understanding the general capabilities and security
requirements provided by the TOE. The TOE description provides a context for the TOE evaluation by identifying
the product type and describing the evaluated configuration.

2.1 Product Type

The Nortel VPN Router v7.05 and Client Workstation v7.11 is a hardware and software TOE which combines
network data routing, Virtual Private Network (VPN) connection and acceleration, and firewall capabilities in one
device. This product class makes use of public telecommunication infrastructure (most commonly the Internet) in
order to connect physically discontiguous private network segments to one “virtually contiguous” private network.
Privacy and security of corporate data is maintained through the use of encrypted tunneling protocols within the
VPN connection and various other security procedures when it is in transit over the public network.

A VPN connection requires the creation and operation of a secure tunnel between a VPN client on a remote device
(such as personal computer (PC)) and VPN server software on a VPN security gateway, such as a Nortel VPN
Router.

2.2 Product Description

The TOE is a VPN Router/Firewall which provides three main areas of functionality: it efficiently routes network
traffic to its intended destination; it enables secure Internet Protocol (IP) VPN connections across the public data
network; and it protects the private network from attack by parties on the public network. Each of these functions
are discussed in greater detail below.

The TOE’s primary purpose is to allow users of a private (Enterprise) network to have secure access to that network
from a remote location. The TOE provides firewall, routing, encryption and decryption, authentication, and data
integrity services to ensure that data is securely tunneled across IP networks (including the Internet). The Nortel
VPN Router and the Nortel VPN Client are the two components that compose the TOE. Figure 1 below shows a
typical deployment configuration of the TOE:

The World

Enterprise

Corporate

Servers

Corporate

Network

Internet

CLI Workstation

Management

Workstation

VPN Tunnel

Nortel

VPN Client

Workstation

Nortel VPN Router

Figure 1

– VPN Client Deployment Configuration of the TOE

The Nortel VPN Router can also be configured to operate in Branch Office mode. Branch Office mode allows two
separate portions of an Enterprise network to be securely connected to each other via the Internet. In Branch Office

This manual is related to the following products: