Validated Product - Carrier Access Broadmore 500, 1700, and 1750 Release 4.1.1

PRODUCT DESCRIPTION

The Broadmore is an Asynchronous Transfer Mode (ATM) service multiplexer enabling broadband and other non-ATM technologies to be transported across an ATM network. It is designed as an ATM network service access node that supports the transport of existing broadband services (voice, video, and data) over ATM networks. The Broadmore accepts signals from non-ATM-ready equipment, converts the signals to standard ATM cells, and multiplexes the cells onto a single ATM User Network Interface (UNI) port. Typically, the Broadmore is deployed at the edge of an ATM network as the ATM node element closest to the customer. Both Permanent Virtual Circuit (PVC) and Switched Virtual Circuit (SVC) service are available based upon user-defined module configuration. The Broadmore is designed as a modular system that can be configured to meet the service access and network interface requirements of the user. This is done by the use of different configuration of data-plane cards (that provide end-user traffic handling but do not involve any management or security services) and management cards that provide the management capabilities in a secure manner. Only the security management features of these devices are included in this evaluation.

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme.

ENVIRONMENTAL STRENGTHS

In an environment with adequate physical access security and competent administration, Carrier Access Broadmore 500, 1700, and 1750 Release 4.1.1 provides the following security features:

• Auditing: Security-relevant actions are logged. An audit trail, including sufficient information to provide individual accountability, is maintained. It is protected against deletion or modification.
• Protection of the TSF TOE security functions protects TSF data during transmission to other trusted IT products, detects modification and verifies the integrity of TSF data exported from the TOE through the use of cryptographic algorithms.
• Protection of Data Data at rest and in transit is encrypted.
• Identification & Authorization I&A must succeed before the unit uses any resource on behalf of the user.
• Failure Recovery (1700 and 1750 only) Redundant components are capable of automatic failover without loss of service.

ADDITIONAL CLAIMS

This product makes use of cryptographic modules certified under the US Government FIPS 140-2 standard, and these modules were not further evaluated during this CCEVS evaluation.