1 3e Technologies International 3e-636 Series Network Security Device Security Target Revision J March 12, 2015 Version 1.0 Page 1
2 2015 3e Technologies International, Inc. All rights reserved. 3e Technologies International 636 Series Network Security Device Security Target This document, as well as the software described in it, is furnished under license and may be used or copied only in accordance with the terms of such license. The content of this document is furnished for informational use only, is subject to change without notice, and should not be construed as a commitment by 3eTI. 3eTI assumes no responsibility or liability for any errors or inaccuracies that may appear in this document. Except as permitted by license, no part of this document may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, recording, or otherwise, without prior written permission of 3eTI.All registered names, product names and trademarks of other companies used in this guide are for descriptive purposes only and are the acknowledged property of the respective company. Document ID Number: Revision J Contact: 3e Technologies International, Inc Key West Avenue 5th Floor Rockville, MD USA Telephone: +1 (301) Fax: +1 (301) Website: Page 2
3 Table of Contents 1 Security Target Introduction Security Target References Document References TOE References TOE Overview Type of TOE TOE Usage Hardware, Firmware, and Software Required by the TOE TOE Security Functionality TOE Description Acronyms Terminology TOE Description Physical Scope of the TOE Logical Scope of the TOE Conformance Claims Common Criteria Conformance Protection Profile Claim Conformance Rationale Security Problem Definition Threats to Security Organization Security Policies Secure Usage Assumptions Security Objectives Security Objectives for the TOE Security Objectives for the Operational Environment Extended Security Requirements Definition Network Device Protection Profile Extended Security Requirements Definition Security Requirements TOE Security Functional Requirements Security Audit (FAU) Requirements Cryptographic Support (FCS) Requirements User Data Protection (FDP) Requirements Identification and Authentication (FIA) Requirements Security Management (FMT) Requirements Page i
4 6.1.6 Protection of TSF (FPT) Requirements TOE Access (FTA) Requirements Trusted Path/Channels (FTP) Requirements TOE Security Assurance Requirements Development (ADV) Guidance documents (AGD) Life-cycle Support (ALC) Tests (ATE) Vulnerability Assessment (AVA) TOE Summary Specification Audit Functions Cryptographic Support Functions User Data Protection Functions User Identification and Authentication Security Management Functions Protection of the TSF Functions TOE Access (FTA) Trusted Path/Channels Functions Page ii
5 List of Tables and Figures Table 1-1: US Government and Standards Document References... 4 Table 1-2: 3eTI Document References... 4 Table 1-3: Acronyms... 7 Table 1-4: Terms... 8 Figure 1-1: 3e-636L3/3e-636L2TOE Operational Configuration... 9 Table 3-1: Threats to Security Table 3-2: Organizational Security Policies Table 3-3: Secure Usage Assumptions Table 4-1: Security Objectives Table 4-2: Security Objectives for the Operational Environment Table 6-1: 636 Security Functional Requirements Table 6-2: Auditable Events Table 6-3: TOE Security Assurance Requirements Table 7-1: 636L3 FIPS-140 Tested Algorithms Table 7-2: NIST SP800-56A Implementation Table 7-3: NIST SP800-56B Implementation Table 7-4: TOE CSPs Use and Management Table 7-5: Management of TSF Data Page iii
6 1 Security Target Introduction This section presents security target (ST) identification information and an overview of the ST. The structure and content of this ST comply with the requirements specified in the Common Criteria (CC), Part 1, Annex A. 1.1 Security Target References ST Title: 3eTI 3e-636 Series Network Security Device Security Target ST Version: Version 1.0, Revision J Vendor: 3e Technology International, Inc. ST Publication Date: March 12, 2015 Keywords: filter, 802.1X Encryption, VLAN, VPN, IPSec, access control, data packet inspection, traffic Document References The following documents were used to develop the Security Target. Table 1-1: US Government and Standards Document References Reference Document [CC_PART1] Common Criteria for Information Technology Security Evaluation-Part 1: Introduction and general model, July 2009, version 3.1R3, CCMB [CC_PART2] Common Criteria for Information Technology Security Evaluation-Part 2: Security functional components, July 2009, version 3.1R3, CCMB [CC_PART3] Common Criteria for Information Technology Security Evaluation-Part 2: Security assurance components, July 2009, version 3.1R3, CCMB [CEM] Common Methodology for Information Technology Security Evaluation, Evaluation methodology, July 2009, version 3.1R3, CCMB [NDPP V1.1] US Government, Protection Profile for Network Devices, June 08, 2012 [PKE PP] US Government Family of Protection Profiles: Public Key-Enabled Applications for Basic Robustness Environments, May , Version 2.8 [FIPS PUB 140-2] National Institute of Standards and Technology, FIPS PUB Security Requirements for Cryptographic Modules, December [FIPS PUB ] Digital Signature Standard (DSS), June 2009 [NIST SP A] NIST Special Publication A, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography [NIST SP ] NIST Special Publication , Recommendation for Key Management [NIST SP ] NIST Special Publication , Recommendation for EAP Methods Used in Wireless Network Access Authentication, September [IEEE 802.1X] IEEE 802.1X-2004, Standard for Local and metropolitan area networks, Port- Based Network Access Control, 2004 RFC 4301 Security Architecture for the Internet Protocol RFC 4303 IP Encapsulating Security Payload (ESP) RFC 4106 The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP) Reference Table 1-2: 3eTI Document References Document
7 Reference Document 636 UG 3e Technologies International Inc., 636-series User s Guide 1.2 TOE References TOE Identification: 3eTI 3e-636 Series Network Security Devices The TOE consists of the following 636 Series product: 3e-636L3 Network Security Device; Hardware Version 1.0, Firmware Version 5.1 build 73 3e-636L2 High Speed Encryption Network Security Device, Hardware Version 1.0, Firmware Version 5.1 build TOE Overview Type of TOE The Target of Evaluation [TOE] is a Network Device as defined by the protection profile: A network device is a device composed of hardware and software that is connected to the network and has an infrastructure role in the overall enterprise TOE Usage 3eTI s 636 Network Security Devices offer the multiple capabilities necessary for protecting embedded devices and safety-critical industrial control systems (ICS) against attacks from internal and external attacks. The 3e-636 Series Network Security Devices share the identical hardware platform. Both devices provide the same functionalities of access control, traffic filter and data packet inspection for network data traffic between the private networks. GUI Management interfaces over TLS/HTTPS share many similarities with minor differences in the encryption configuration options Hardware, Firmware, and Software Required by the TOE The TOE consists on the hardware, firmware and software residing on the Network Security Device as listed in Section 1.2 above. The evaluated configuration of the TOE requires the following Operational Environment support which is not included in the TOE s physical boundary. Administrator Workstations: Trusted administrators access the TOE through the TLS/HTTPS protocol. Audit Servers: The TOE relies upon the audit server for storage of audit records. The TOE itself stores limited amount of the audit records in its internal persistence storage. Those audit records are accessible and exportable through the Web GUI interface. NTP Servers (Optional): The TOE relies upon an NTP server to provide reliable time. If the time is configured locally, the TOE will use its own reliable hardware clock to maintain time as well. Page 5
8 1.3.4 TOE Security Functionality The following security functionality is within scope of this NDPP evaluation.. Security Audit o Generate audit logs for security-relevant events o Supports secure communications to remote syslog servers Cryptography o Validated cryptographic algorithms o Data zeroization User Data Protection o Residual information clearing Identification and Authentication o Password and user access policies Security Management o Local and remote administration Protection of the security functionality o Self-test on power-up o Trusted update TOE Access o Role-based access control o Session timeout and lockout Trusted Path/Channels o Trusted path for remote administrators Evaluation Clarification: The TOE provides additional security features, such as IPSec to provide transport layer security as VPN Client, which may be briefly described in this ST to help the reader understand what the product does. However, as this evaluation is strict compliance to the Network Device Protection Profile these additional features are considered out of scope. Page 6
9 1.4 TOE Description Acronyms The following acronyms and abbreviations are used in this Security Target: Acronym AES AS CA CAVP CBC CC CCM CCTL CEM CM CMVP COTS CPD CPU CPV CRL CSP DN DSA DSS EAL ECCCDH ECDSA ECB EE PROM FIPS GUI HLD HMAC HTTPS IEEE IETF IP IT LAN LDAP MAC Mbps NIAP NIC NIST OCSP Table 1-3: Acronyms Definition Advanced Encryption Standard Authentication Server Certificate Authority Cryptographic Algorithm Validation Program Cipher Block Chaining (AES mode) Common Criteria for Information Technology Security Evaluation Counter with Cipher Block Chaining-Message Authentication Code (AES mode) Common Criteria Testing Laboratory Common Evaluation Methodology for Information Technology Security Configuration Management Cryptographic Module Validation Program Commercial Off-The-Shelf Certificate Path Development Central Processing Unit Certificate Path Validation Certificate Revocation List Critical Security Parameter Distinguished Name Digital Signature Algorithm Digital Signature Standard Evaluation Assurance Level Elliptic Curve Cryptography Cofactor Diffie-Hellman Elliptic Curve Digital Signature Algorithm Electronic Codebook (AES Mode) Electrically Erasable Programmable Read-Only Memory Federal Information Processing Standard Graphic User Interface High Level Design Hashed Message Authentication Code Secure Hypertext Transfer Protocol Institute of Electrical and Electronics Engineers Internet Engineering Task Force Internet Protocol Information Technology Local Area Network Lightweight Directory Access Protocol Media Access Control Megabits per second National Information Assurance Partnership Network Interface Card National Institute of Standards and Technology Online Certificate Status Protocol Page 7
10 Acronym Definition OS Operating System PKI Public Key Infrastructure PP Protection Profile PSK Pre-shared key PSP Public Security Parameter RADIUS Remote Authentication Dial-In User Service RFC Request for Comments RSA Rivest, Shamir, and Adleman SAR Security Assurance Requirement SDRAM Synchronous Dynamic Random Access Memory SFP Security Function Policy SFR Security Functional Requirement SHA-1 US Secure Hash Algorithm 1 SNMP Simple Network Management Protocol SOF Strength of Function SP Security Parameter ST Security Target TCP Transmission Control Protocol TK Temporal Key TLS Transport Layer Security TOE Target of Evaluation TOI Time of Interest (used in certificate processing) TSF TOE Security Function TSP TOE Security Policy UDP User Datagram Protocol VLAN Virtual Local Area Network WAN Wide Area Network Terminology The following terminology is used in the Security Target: Table 1-4: Terms Term Definition 802.1X The IEEE 802.1X standard provides a framework for many authentication types at the link layer. IPsec Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. Cryptographic Module The set of hardware, software, firmware, or some combination thereof that implements cryptographic logic or processes, including cryptographic algorithms, and is contained within the cryptographic boundary of the module. Page 8
11 1.4.3 TOE Description The Target of Evaluation (TOE) is network devices that provide high speed information assurance that combines a number of different capabilities to create a tailored cyber defense. Acting as an IPsec client, the 3e-636L3 authenticates the IPsec Gateway during IKEv2 negotiation. It provides further data integrity and confidentiality using the ESP mode of the IPsec. AES with 128/256 bits key is used for network data encryption while SHS, CCM or GCM is used for data integrity. The 3e-636L2 provides high speed IEEE802.3 MAC layer encryption. All 3e-636-HSE devices can communicate securely on the same VLAN using the symmetric encryption key. Data integrity is offered through HMAC-SHS or CCM mode of encryption. Figure 1-1 depicts a normal operational scenario with the TOE. The 3e-636L3 uses IPSec tunnel while 3e-636L2 operates with symmetric encryption on the VLAN. The TOE relies upon an NTP Server and an Audit Server in its Operational Environment. The TOE may also be configured to communicate with DHCP and SNMP Management Servers in the Operational Environment, but does not depend upon them to support its security functionality. Figure 1-1: 3e-636L3/3e-636L2TOE Operational Configuration Evaluation Clarification: The TOE components use IPSec to provide transport layer security as VPN Client. While the TOE meets (vendor assertion) the FCS_IPSEC_EXT.1 SFR, the NDPP states The intent of the above requirement is to use a cryptographic protocol to protect external communications with authorized IT entities that the TOE interacts with to perform its functions. This is not, however, to be used to specify VPN Gateway functionality; a separate VPN Protection Profile should be used in these instances. Therefore, the VPN IPSec feature is not evaluated. Page 9
12 Similarly, the TOE uses encrypted VLAN payload to offer data link layer security, the VLAN feature is not evaluated under the NDPP either Physical Scope of the TOE The TOE physical boundary defines all hardware and firmware that is required to support the TOE s logical boundary and the TOE s security functions. The TOE hardware platform uses FreeScale MPC8378E CPU and the TOE s firmware contains embedded Linux Kernel customized by 3eTI based on kernel version 2.6. In short, the TOE s physical boundary is the physical device/appliance for both models. Figure 1-1 in Section depicts the evaluated TOE configurations and the Operational Environment. The table below describes the ports and interfaces implemented by the TOE Port/Interfaces Management/Control I/O Data Input Data Output Status Output Same on 3e-636L3 and 3e- 636L2 Local Management Ethernet port (1) X Yes Plain text Ethernet port (1) Cipher text Ethernet port (1) X X X Yes X X X Yes Auxiliary Ethernet port (1) Power N/A N/A N/A Disabled on both devices Yes LED X Yes Reset Pin X Yes The Operational Environment components relied upon by the TOE and not included in the physical boundary are described in Section Logical Scope of the TOE The Logical Scope of the TOE includes Audit, Cryptographic Services, User Data Protection, Identification and Authentication, Management, Protection of the TSF, TOE Access security functionality and Trusted Path/Channels. Page 10
13 Audit The TOE generates auditable events for actions on the TOE with the capability of selective audit record generation. The records of these events can be viewed within the TOE Management Interface or they can be exported to audit systems in the Operational Environment. The TOE generates records for its own actions, containing information about the user/process associated with the event, the success or failure of the event, and the time that the event occurred. Additionally, all administrator actions relating to the management of TSF data and configuration data are logged by the TOE s audit generation functionality Cryptographic Services The TOE uses a random number generator and secures communication channels with the following cryptographic algorithms: AES, RSA, ECDSA, SHA, HMAC. The TOE is designed to zeroize Critical Security Parameters (CSPs) to mitigate the possibility of disclosure or modification User Data Protection The TSF ensures that network packets sent from the TOE do not include data left over from processing the previous network information Identification and Authentication The TOE provides Identification and Authentication security functionality to ensure that all users are properly identified and authenticated before accessing TOE functionality The TOE enforces a local password-based authentication mechanism to perform administrative user authentication. Passwords are obscured when being displayed during any attempted login Management The Web Management Application of the TOE provides the capabilities for configuration and administration. The Web Management Application can be accessed via the dedicated local Ethernet port configured for out-of-band management. There is no local access such as a serial console port. Therefore, the local and remote management is considered the same for this evaluation. An authorized administrator has the ability to modify, edit, and delete security parameters such as audit data, configuration data, and user authentication data. The Web Management Application also offers an authorized administrator the capability to manage how security functions behave. For example an administrator can enable/disable certain audit functions query and set encryption/decryption algorithms used for network packets Protection of the TSF Internal testing of the TOE hardware, software, and software updates against tampering ensures that all security functions are running and available before the TOE accepting any communications. The TSF prevents reading of pre-shared keys, symmetric keys, and private keys, and passwords. The TOE uses electronic signature verification before any firmware/software updates are installed. Page 11
14 TOE Access The TOE provides the following TOE Access functionality: TSF-initiated session termination when a connection (remote or local) is idle for a configurable time period Administrative termination of own session TOE Access Banners Trusted Path/Channels The TOE protects interactive communication with administrators using TLS/HTTPS, both integrity and disclosure protection is ensured. The TOE protects communication with network entities, such as a log server, using TLS connection and optionally using a dedicated physical port to prevent unintended disclosure or modification of logs and management information Logical Dependencies on the Operational Environment The TOE relies upon the Operational Environment for the following security functionality: Audit storage Reliable time stamps from a Network Time Protocol (NTP) server Page 12
15 2 Conformance Claims 2.1 Common Criteria Conformance This ST claims conformance to Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 3, July International Standard ISO/IEC The requirements in this Security Target are Part 2 extended, and Part 3 conformant. 2.2 Protection Profile Claim This ST claims Strict Compliance to the US Government Protection Profile for Network Devices, Version 1.1, 8 June 2012 with Errata Conformance Rationale This security target claims strict conformance to only one Protection Profile [PP] NDPP. The security problem definition of this ST is consistent with the statement of the security problem definition in the PP, as the ST claims exact conformance to the PP and no other threats, organizational security policies, or assumptions are added. The security objectives of this ST are consistent with the statement of the security objectives in the PP as the ST claims exact conformance to the PP and no other security objectives are added. The security requirements of this ST are consistent with the statement of the security requirements in the PP as the ST claims exact conformance to the PP. Page 13
16 3 Security Problem Definition The Security Problem Definition defines: a) Communications with the TOE b) Malicious Updates c) Undetected System Activity d) Accessing the TOE e) User Data Disclosure f) TSF Failure This document identifies threats are identified as T.threat with threat specifying a unique name. Policies are identified as P.policy with policy specifying a unique name. Assumptions are identified as A.assumption with assumption specifying a unique name. 3.1 Threats to Security Table 3-1 below lists the threats to security. Table 3-1: Threats to Security # Threat Name Threat Definition 1 T.UNAUTHORIZED_ACCESS A user may gain unauthorized access to the TOE data and TOE executable code. A malicious user, process, or external IT entity may masquerade as an authorized entity in order to gain unauthorized access to data or TOE resources. A malicious user, process, or external IT entity may misrepresent itself as the TOE to obtain identification and authentication data. 2 T.UNAUTHORIZED_UPDATE A malicious party attempts to supply the end user with an update to the product that may compromise the security features of the TOE. 3 T.ADMIN_ERROR An administrator may unintentionally install or configure the TOE incorrectly, resulting in ineffective security mechanisms. 4 T.UNDETECTED_ACTIONS Malicious remote users or external IT entities may take actions that adversely affect the security of the TOE. These actions may remain undetected and thus their effects cannot be effectively mitigated. 5 T.USER_DATA_REUSE User data may be inadvertently sent to a destination not intended by the original sender. 6 T.TSF_FAILURE Security mechanisms of the TOE may fail, leading to a compromise of the TSF. Page 14
17 3.2 Organization Security Policies An organizational security policy is a set of rules, practices, and procedures imposed by an organization to address its security needs. Table 3-2 below lists the Organizational Security Policies enforced by the TOE. Table 3-2: Organizational Security Policies # Policy Name Policy Definition 7 P.ACCESS_BANNER The TOE shall display an initial banner describing restrictions of use, legal agreements, or any other appropriate information to which users consent by accessing the TOE. 3.3 Secure Usage Assumptions Table 3-3 below lists the secure usage assumptions. Table 3-3: Secure Usage Assumptions # Assumption Name Assumption Definition 1 A.NO_GENERAL_PURPOSE It is assumed that there are no general-purpose computing capabilities (e.g., compilers or user applications) available on the TOE, other than those services necessary for the operation, administration and support of the TOE. 2 A.PHYSICAL Physical security, commensurate with the value of the TOE and the data it contains, is assumed to be provided by the environment. 3 A.TRUSTED_ADMIN TOE Administrators are trusted to follow and apply all administrator guidance in a trusted manner. Page 15
18 4 Security Objectives This section defines TOE security objectives and objectives for the Operational Environment. 4.1 Security Objectives for the TOE Table 4-1 below lists the Security Objectives for the TOE. Table 4-1: Security Objectives # TOE Security Objective TOE Security Objective Definition 1 O.PROTECTED_COMMUNICATIONS The TOE will provide protected communication channels for administrators, other parts of a distributed TOE, and authorized IT entities. 2 O.DISPLAY_BANNER The TOE will display an advisory warning regarding use of the TOE. 3 O.SESSION_LOCK The TOE shall provide mechanisms that mitigate the risk of unattended sessions being hijacked. 4 O.RESIDUAL_INFORMATION_CLEARING The TOE will ensure that any data contained in a protected resource is not available when the resource is reallocated. 5 O.TOE_ADMINISTRATION The TOE will provide mechanisms to ensure that only administrators are able to log in and configure the TOE, and provide protections for logged-in administrators. 6 O.TSF_SELF_TEST The TOE will provide the capability to test some subset of its security functionality to ensure it is operating properly. 7 O.VERIFIABLE_UPDATES The TOE will provide the capability to help ensure that any updates to the TOE can be verified by the administrator to be unaltered and (optionally) from a trusted source. 8 O.SYSTEM_MONITORING The TOE will provide the capability to generate audit data and send those data to an external IT entity. 4.2 Security Objectives for the Operational Environment Table 4-2 below lists the Security Objectives for the Operational Environment. Table 4-2: Security Objectives for the Operational Environment # TOE Security Objective TOE Security Objective Definition 1 OE.NO_GENERAL_PURPOSE There are no general-purpose computing capabilities (e.g., compilers or user applications) available on the TOE, other than those services necessary for the operation, administration and support of the TOE. 2 OE.PHYSICAL Physical security, commensurate with the value of the TOE and the data it contains, is provided by the environment. 3 OE.TRUSTED_ADMIN TOE Administrators are trusted to follow and apply all administrator guidance in a trusted manner. Page 16
19 5 Extended Security Requirements Definition All of the extended requirements in this ST have been drawn from the NDPP. The NDPP defines the following extended SFRs and since they are not redefined in this ST, the NDPP should be consulted for more information in regard to those CC extensions. 5.1 Network Device Protection Profile Extended Security Requirements Definition FAU_STG_EXT.1 Extended: External Audit Trail Storage FCS_CKM_EXT.4 Extended: Cryptographic Key Zeroization FCS_RBG_EXT.1 Extended: Cryptographic Operation (Random Bit Generation) FCS_TLS_EXT.1 Extended: TLS FCS_HTTPS_EXT.1 Extended: HTTPS FIA_PMG_EXT.1 Extended: Password Management FIA_UAU_EXT.2 Extended: Password-based Authentication Mechanism FIA_UIA_EXT.1 Extended: User Identification and Authentication FPT_APW_EXT.1 Extended: Protection of Administrator Passwords FPT_SKP_EXT.1 Extended: Protection of TSF Data (for reading of all symmetric keys) FPT_TST_EXT.1 Extended: TSF Testing FPT_TUD_EXT.1 Extended: Trusted Update FTA_SSL_EXT.1 Extended: TSF-initiated Session Locking NOTE: The PP authors were not consistent in following their own conventions. Several of the Extended SFR naming conventions had the Extended: missing from its title. The ST author fixed this error to be consistent within this ST. The fixes are shown in red and are only shown in this section. The FCS_TLS_EXT.1 used the word Explicitly instead of Extended. This has been fixed to be consistent within this ST. The FCS_HTTPS_EXT.1 used the word Explicitly instead of Extended. This has been fixed to be consistent within this ST. Page 17
20 6 Security Requirements The following conventions have been applied in this document: Security Functional Requirements: Part 2 of the CC defines the approved set of operations that may be applied to functional requirements: iteration, assignment, selection, and refinement. Extended Security Functional Requirements: Extended requirements were written by the PP author when Part 2 of the CC did not offer suitable requirements to meet the authors needs. Extended requirements will be indicated with the _EXT inserted within the component name (e.g., FAU_STG_EXT.1) Iteration: allows a component to be used more than once with varying operations. In the ST, iteration is indicated by a reference in parenthesis placed at the end of the component. For example FCS_COP.1 (1) and FCS_COP.1 (2) indicate that the ST includes two iterations of the FCS_COP.1 requirement, (1) and (2). ST Author Assignment: allows the specification of an identified parameter. Assignments made by the ST author are indicated using italic+bold text and are surrounded by brackets (e.g., [assignment]). ST Author Selection: allows the specification of one or more elements from a list. Selections made by the ST author are indicated using bold text and are surrounded by brackets (e.g., [selection]). ST Author Refinement: The refinement operation is used to add detail to a requirement, and thus further restricts a requirement. Refinement of security requirements made by the ST author is denoted by the word Refinement in bold text after the element number and the additional text in the requirement in bold text. PP Author Selections, Assignments, & Refinements: PP author selections and assignments are shown in normal text. Refinements made by the PP authors will not be identified as refinements in this ST. The Refinement identifier is reserved for identifying any refinements made by the ST author. 6.1 TOE Security Functional Requirements The following table describes the SFRs that are satisfied by 3eTI s 636 series Network Device. Table 6-1: 636 Security Functional Requirements Functional Class Functional Components # Security Audit (FAU) FAU_GEN.1 Audit Data Generation 1 FAU_GEN.2 User Identity Association 2 FAU_STG_EXT.1 Extended: External Audit Trail Storage 3 Cryptographic Support Cryptographic Key Generation (for 4 (FCS) FCS_CKM.1 asymmetric keys) FCS_CKM_EXT.4 Extended: Cryptographic Key Zeroization 5 Cryptographic Operation (for data 6 FCS_COP.1 (1) encryption/decryption) FCS_COP.1 (2) Cryptographic Operation (for cryptographic signature) 7 Page 18
National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme Validation Report 3eTI 3e-636 Series Network Security Devices Report Number: CCEVS-VR-VID10580 Dated: March 25,
Protection Profile for Network Devices Information Assurance Directorate 08 June 2012 Version 1.1 Table of Contents 1 INTRODUCTION... 1 1.1 Compliant Targets of Evaluation... 1 2 SECURITY PROBLEM DESCRIPTION...
3eTI Technologies International 3e-525/523 Series Wireless Network Access Points Security Target Version 1.0 Revision I October 8 th, 2015 Page 1 2015 3e Technologies International, Inc. All rights reserved.
Protection Profile for Wireless Local Area Network (WLAN) Access Systems Information Assurance Directorate 01 December 2011 Version 1.0 Table of Contents 1 Introduction to the PP... 1 1.1 PP Overview of
Security Requirements for Network Devices Information Assurance Directorate 10 December 2010 Version 1.0 Table of Contents 1 INTRODUCTION... 1 1.1 Compliant Targets of Evaluation... 1 2 SECURITY PROBLEM
Cisco Email Security Appliance Security Target Version 1.0 October 2014 Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA 2014 Cisco Systems, Inc. All rights
Cisco Unified Communications Manager Security Target Version 1.0 10 August 2015 EDCS - 1502591 Page 1 of 53 Table of Contents 1 SECURITY TARGET INTRODUCTION... 8 1.1 ST and TOE Reference... 8 1.2 TOE Overview...
Mobile Billing System Security Target Common Criteria: EAL1 Version 1.2 25 MAY 11 Document management Document identification Document ID Document title Product version IDV_EAL1_ASE IDOTTV Mobile Billing
Protection Profile for USB Flash Drives Mitigating the Risk of a Manipulated, Misplaced, or Stolen USB Flash Drive Information Assurance Directorate 01 December 2011 Version 1.0 Table of Contents 1 Introduction
Microsoft Windows Common Criteria Evaluation Microsoft Windows 8 Microsoft Windows RT Microsoft Windows Server 2012 IPsec VPN Client Security Target Document Information Version Number 1.0 Updated On January
Protection Profile for Server Virtualization 29 October 2014 Version 1.0 i 0 Preface 0.1 Objectives of Document This document presents the Common Criteria (CC) Protection Profile (PP) to express the fundamental
Accellion Secure File Transfer Cryptographic Module Security Policy Document Version 1.0 Accellion, Inc. December 24, 2009 Copyright Accellion, Inc. 2009. May be reproduced only in its original entirety
31 December 2014 Version 2.0 REVISION HISTORY Version Date Description 1.0 21 October 2013 Initial Release 1.1 7 February 2014 Typographical changes and clarifications to front-matter 2.0 31 December 2014
Protection Profile for Full Disk Encryption Mitigating the Risk of a Lost or Stolen Hard Disk Information Assurance Directorate 01 December 2011 Version 1.0 Table of Contents 1 Introduction to the PP...
Pulse Secure Network Connect Cryptographic Module Version 2.0 Non-Proprietary Security Policy Document Version 1.1 Pulse Secure, LLC. January 9, 2015 2015 by Pulse Secure, LLC. All rights reserved. May
McAfee Web Gateway Version 126.96.36.199 EAL 2 + ALC_FLR.2 Release Date: 5 October 2012 Version: 1.0 Prepared By: Primasec Ltd. Prepared For: McAfee Inc. 3965 Freedom Circle Santa Clara, CA 95054 Document Introduction
Mapping Between Collaborative Protection Profile for Network Devices, Version 1.0, 27-Feb-2015 and NIST SP 800-53 Revision 4 Introduction Several of the NIST SP 800-53/CNSS 1253 controls are either fully
Protection Profile for Mobile Device Management 7 March 2014 Version 1.1 1 Revision History Version Date Description 1.0 21 October 2013 Initial Release 1.1 7 March 2014 Typographical changes and clarifications
National Information Assurance Partnership TM Common Criteria Evaluation and Validation Scheme Validation Report Security Requirements for Voice Over IP Application Protection Profile for Mobility Voice
Secure Network Communications FIPS 140 2 Non Proprietary Security Policy 21 June 2010 Table of Contents Introduction Module Specification Ports and Interfaces Approved Algorithms Test Environment Roles
Extended Package for Mobile Device Management Agents 31 December 2014 Version 2.0 REVISION HISTORY Version Date Description 1.0 21 October 2013 Initial Release 1.1 7 February 2014 Typographical changes
Marimba Client and Server Management from BMC Software Release 6.0.3 Version 2.3.0 4 June, 2007 Prepared by: BMC Software, Inc. 2101 City West Blvd. Houston, Texas 77042 TABLE OF CONTENTS 1. Introduction...
Protection Profile for Voice Over IP (VoIP) Applications 21 October 2013 Version 1.2 Table of Contents 1 INTRODUCTION... 1 1.1 Overview of the TOE... 1 1.2 Usage of the TOE... 1 2 SECURITY PROBLEM DESCRIPTION...
Cisco 800, 1900, 2900, 3900 Series Integrated Service Routers (ISR) Security Target Revision 1.0 August 2011 1 Table of Contents 1 SECURITY TARGET INTRODUCTION... 6 1.1 ST and TOE Reference... 6 1.2 Acronyms
National Information Assurance Partnership TM Common Criteria Evaluation and Validation Scheme Validation Report Protection Profile for Software Full Disk Encryption, Version 1.1 Report Number: CCEVS-VR-PP-0003
Imperva SecureSphere Security Target Version 0.4 12 November 2015 Prepared for: Imperva Inc. 3400 Bridge Parkway, Suite 200 Redwood Shores, CA 94065 United States Prepared by: Leidos Inc. (formerly Science
AAR Test Summary FireEye CM, FX, EX, and NX Series Appliances FireEye CM, FX, EX, and NX Series Appliances Series Security Target, version 1.0 Protection Profile for Network Devices (NDPP), version 1.1,
Cisco Aggregation Services Router (ASR) 900 Series Security Target Version 1.0 26 March 2015 Table of Contents 1 SECURITY TARGET INTRODUCTION...8 1.1 ST AND TOE REFERENCE... 8 1.2 TOE OVERVIEW... 8 1.2.1
Introduction NIST SP 800-53 Revision 4 Mapping: Protection Profile for Application Software Version 1.0 2014-10-15 Several of the NIST SP 800-53/CNSS 1253 s are either fully or partially addressed by compliant
Security Target: Symantec Endpoint Protection Version 11.0 ST Version 1.6 June 2, 2008 Document Version 1.6 Symantec Corporation Page 1 of 68 Prepared For: Prepared By: Symantec Corporation 20330 Stevens
FIPS 140-2 Security Policy LogRhythm 6.0.4 Log Manager LogRhythm 3195 Sterling Circle, Suite 100 Boulder CO, 80301 USA September 17, 2012 Document Version 1.0 Module Version 6.0.4 Page 1 of 23 Copyright
Protection Profile for Software Full Disk Encryption Mitigating the Risk of a Lost or Stolen Hard Disk Information Assurance Directorate 14 February 2013 Version 1.0 Table of Contents 1 Introduction to
Protection Profile for Portable Storage Media (PSMPP) Common Criteria Protection Profile BSI-CC-PP-0081-2012 Version 1.0 German Federal Office for Information Security PO Box 20 03 63 D-53133 Bonn Tel.:
U.S. Government Protection Profile for Database Management Systems Information Assurance Directorate Version 1.3 December 24, 2010 Protection Profile Title: 1 U.S. Government Protection Profile for Database
U.S. Government Protection Profile for Application-level Firewall In Basic Robustness Environments Information Assurance Directorate Version 1.1 July 25, 2007 Forward This Protection Profile US Government
Secure File Transfer Appliance Security Policy Document Version 1.9 Accellion, Inc. November 11, 2010 Copyright Accellion, Inc. 2010. May be reproduced only in its original entirety [without revision].
Security Target Symantec TM Network Access Control Version 12.1.2 Document Version 0.12 February 14, 2013 Document Version 0.12 Symantec Page 1 of 39 Prepared For: Prepared By: Symantec Corporation 350
for smart cards and similar devices Document purpose: provide requirements to developers and guidance to evaluators to fulfill the Security Architecture requirements of CC V3 ADV_ARC family. Version 2.0
Security Target McAfee Enterprise Mobility Management 9.7 Document Version 0.9 July 5, 2012 Document Version 0.9 McAfee Page 1 of 39 Prepared For: Prepared By: McAfee, Inc. 2821 Mission College Blvd. Santa
FIPS 140-2 Security Policy LogRhythm 6.0.4 or 6.3.4 Windows System Monitor Agent LogRhythm, Inc. 4780 Pearl East Circle Boulder, CO 80301 May 1, 2015 Document Version 2.0 Module Versions 6.0.4 or 6.3.4
GuardianEdge Data Protection Framework 9.0.1 with GuardianEdge Hard Disk Encryption 9.0.1 and GuardianEdge Removable Storage Encryption 3.0.1 Security Target Version 2.01 Common Criteria EAL4 augmented
Microsoft Windows Common Criteria Evaluation Microsoft Windows 8 Microsoft Windows Server 2012 Full Disk Encryption Security Target Document Information Version Number 1.0 Updated On April 3, 2014 Microsoft
SQL Server 2008 Team Author: Roger French Version: 1.04 Date: 2011-09-26 Abstract This document is the (ST) for the Common Criteria certification of the database engine of Microsoft SQL Server 2008 R2.
Security Target McAfee Enterprise Mobility Management 12.0 Document Version 1.16 September 17, 2014 Prepared For: Prepared By: McAfee, Inc. 2821 Mission College Blvd. Santa Clara, CA 95054 Primasec Ltd
DataPower S40 ML Security Gateway and DataPower I50 Integration Appliance Version 3.6 Security Target Version 0.75 10/09/2008 Prepared for: IBM SOA Appliance Group One Rogers St Cambridge, MA 02142 Prepared
SECURITY CHARACTERISTIC MOBILE DEVICE MANAGEMENT Version 1.3 Crown Copyright 2015 All Rights Reserved 49358431 Page 1 of 12 About this document This document describes the features, testing and deployment
FIPS 140 2 Non Proprietary Security Policy Kingston Technology Company, Inc. DataTraveler DT4000 G2 Series USB Flash Drive Document Version 1.8 December 3, 2014 Document Version 1.8 Kingston Technology
v8.2.0 and McAfee Firewall Enterprise Control Center v5.2.0 10 January 2012 Version 1.1 Prepared By: Primasec Ltd For McAfee Inc 2340 Energy Park Drive St. Paul, MN 55108 USA Contents 1 Introduction...
SecureDoc Disk Encryption Cryptographic Engine FIPS 140-2 Non-Proprietary Security Policy Abstract: This document specifies Security Policy enforced by SecureDoc Cryptographic Engine compliant with the
Certification Report HP Network Automation Ultimate Edition 10.10 Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
Microsoft Forefront UAG 2010 Common Criteria Evaluation Security Target Microsoft Forefront Unified Access Gateway Team Author: Microsoft Corp. Version: 1.0 Last Saved: 2011-03-10 File Name: MS_UAG_ST_1.0.docx
Certification Report EAL 4 Evaluation of SecureDoc Disk Encryption Version 4.3C Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification
JMCS Northern Light Video Conferencing System Security Target Common Criteria: EAL2 Version 1.2 22 FEB 12 Document management Document identification Document ID Document title Product version NLVC_ST_EAL2
Certification Report EAL 4+ Evaluation of WatchGuard and Fireware XTM Operating System v11.5.1 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation
MX-200R-GS/MX-216R-GS Mobility Exchange WLAN Controllers Security Policy Trapeze Networks August 14, 2009 Copyright Trapeze Networks 2007. May be reproduced only in its original entirety [without revision].
Cisco Catalyst Switches (3560- and 3750-) Security Target Revision 1.0 6 June 2012 1 Table of Contents 1 SECURITY TARGET INTRODUCTION... 6 1.1 ST and TOE Reference... 6 1.2 Acronyms and Abbreviations...
EMC Documentum EMC Documentum Content Server TM V5.3 and EMC Documentum Administrator TM V5.3 Security Target V2.0 December 8, 2005 ST prepared by Suite 5200, 4925 Jones Branch Drive McLean, VA 22102-3305
Check Point Endpoint Security Full Disk Encryption Security Target ST Version 2.4 June 22, 2009 Prepared for: 5 Ha Solelim St. Tel Aviv, Israel 67897 Prepared by: Metatron Ltd. 66 Yosef St., Modiin, Israel
Cisco Unified Wireless Network and Wireless Intrusion Detection System: Security Target This document provides the basis for an evaluation of a specific Target of Evaluation (TOE), the Cisco Aironet 1130,
Senforce Endpoint Security Suite Version 3.1.175 Security Target Version 1.0 06/19/07 Prepared for: Senforce Technologies, Inc. 147 W Election Rd Ste 110 Draper UT 84020 Prepared By: Science Applications
Certification Report EAL 4+ Evaluation of ncipher nshield Family of Hardware Security Modules Firmware Version 2.33.60 Issued by: Communications Security Establishment Canada Certification Body Canadian