6. Network Services and Protocols
The table below lists the network services/protocols available on the TOE as a client (initiated outbound) and/or server (listening for
inbound connections), all of which run as system-level processes. The table indicates whether each service or protocol is allowed to be
used in the certified configuration.
For more detail about each service, including whether the service is limited by firewall mode (routed or transparent), or by context
(single, multiple, system), refer to the Command Reference guides listed in Table 2.
Table 9 Protocols and Services
| Service or Protocol | Allowed use in the certified configuration |
| --- | --- |
| Authentication Header (part of IPsec) | No restrictions. ESP must be used in all IPsec connections. Use of AH in addition to ESP is optional. Protocol is not considered part of the evaluation. |
| Dynamic Host Configuration Protocol | No restrictions. Protocol is not considered part of the evaluation. |
| | No restrictions. Protocol is not considered part of the evaluation. |
| Encapsulating Security Payload (part of IPsec) | Configure ESP as described in Section 4.6.2 of this document. |
| | Use SCP or HTTPS instead. |
| Hypertext Transfer Protocol | Used implicitly for OCSP. For other HTTP functions, such as “copy”, recommend using HTTPS instead, or tunneling through IPsec. Protocol is not considered part of the evaluation. |
| Hypertext Transfer Protocol Secure | No restrictions. Protocol is not considered part of the evaluation. |
| Internet Control Message Protocol | No restrictions. Protocol is not considered part of the evaluation. |