Validated Product - Network Appliance Data ONTAP Versions 7.0.3 and 7.0.4Certificate Date: 03 April 2007 Validation Report Number: CCEVS-VR-07-0015 Product Type: Operating System Conformance Claim: EAL2 PP Identifiers: None CC Testing Lab: COACT Inc. CAFE Laboratory
PRODUCT DESCRIPTIONData ONTAP is a proprietary microkernel operating system developed by Network Appliance. The microkernel is included in the distribution of several of Network Appliance’s storage solution products including NearStore, Virtual Filer, and Filer. The TOE is the subset of the software installed on those appliances composed of the System Administration and Write Anywhere File Layout modules. The remainder of the OS and the supporting hardware platforms were treated as part of the IT Environment for this evaluated TOE. The TOE provides data management functions that include providing secure data storage and multi-protocol access. Secure storage is provided by the TOE by implementing strict access control rules to data managed by Data ONTAP. Multi-protocol access support is provided by the TOE by supporting both NFS and CIFS clients and providing transparent access to data including cross-protocol support. SECURITY EVALUATION SUMMARYThe evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the Network Appliance Data ONTAP 7.0.3/7.0.4 TOE meets the security requirements contained in the Security Target. The criteria against which the Network Appliance Data ONTAP 7.0.3/7.0.4 TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.2. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.2. The COACT, Inc. CAFE Lab determined that the evaluation assurance level (EAL) for the Network Appliance Data ONTAP 7.0.3/7.0.4 TOE is EAL 2. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target. A Validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by the COACT, Inc. CAFE Lab. The evaluation was completed in December 2006. Results of the evaluation and associated validation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report. ENVIRONMENTAL STRENGTHSThe Network Appliance Data ONTAP 7.0.3/7.0.4 TOE provides security audit, discretionary access policy, identification and authentication, and security information management features as they relate to enterprise security information management. Discretionary Access Control - The DAC includes enforcing access rules to data based on client type, client security attributes, file type, file security attributes and operation. Administration- The Administrative functionality provided by the TOE includes supporting operator functions including enforcing identification and authentication, user roles and providing the necessary user interface commands that enable an operator to support the TOE’s security functionality. |
![[X]](/assets/images/button_close.gif){kind=small}
![[PDF]](http://www.niap-ccevs.org:80/assets/images/icon_pdf.gif){kind=icon}
