Security Target, Version 3.9 March 18, 2008Nortel VPN Router v7.05 and Client Workstation v7.11 Page 43 of 67© 2008 Nortel NetworksTOE SecurityFunction SFR ID DescriptionFMT_MSA.3(b) Static Attribute InitializationFMT_MSA.3(c) Static Attribute InitializationFMT_SMF.1 Specification of Management FunctionsFMT_SMR.1 Security RolesProtection of the TSF FPT_AMT.1 Abstract Machine TestingFPT_RPL.1 Replay DetectionFPT_TST.1 TSF TestingTrusted Path/Channels FTP_TRP.1 Trusted Path6.1.1 Security AuditThe TOE generates five types of audit data:Accounting Logs The Accounting Log records the following data about user sessions:Last nameFirst nameUser IDTunnel typeSession start dateSession end dateNumber of packets transferredNumber of bytes transferredSecurity Log The Security Log records data about both successful and failed system and user securityevents. The audited events include:Authentication and authorization eventsTunnel or administration requestsEncryption and decryption, authentication, or compressionHours of accessNumber of session violationsCommunications with serversLDAPRADIUSConfiguration Log The Configuration Log records data about configuration changes, including the addition,modification, or deletion of:Group or user profilesLocal Area Network (LAN or Wide Area Network (WAN) interfacesFiltersSystem access hoursShutdown or startup policiesFile maintenance or backup policies