Validated Product - NetScreen Appliances includes models 5XP, 5XT, 25, 50, 100, 204, 208, 500, and 5200 each with ScreenOS 4.0.Or7.0

PRODUCT DESCRIPTION

The NetScreen Appliances Target of Evaluation (TOE) consists of one or more of the following components:

• NetScreen 5XP (Part number: NS-5XP-00*, NS-5XP-10*, where * = 1, 3, 5, 7, or 9
  • Firmware version: 4.0.0 r7.0
  • Hardware version: 3010
• NetScreen 5XT (Part number: NS-5XT-00*, NS-5XT-10*, where * = 1, 3, 5, 7, or 9)
  • Firmware version: 4.0.0 r7.0
  • Hardware version: 3010
• NetScreen 25 (Part number: NS-025-00*, where * = 1, 3, 5, or 7)
  • Firmware version: 4.0.0 r7.0
  • Hardware version: 4010
• NetScreen 50 (Part number: NS-050-00*, where * = 1, 3, 5, or 7)
  • Firmware version: 4.0.0 r7.0
  • Hardware version: 4010
• NetScreen 100 (Part number: NS-100-001)
  • Firmware version: 4.0.0 r7.0
  • Hardware version: 3110
• NetScreen 204 (Part number: NS-204-00*, where * = 1, 3, 5, or 7)
  • Firmware version: 4.0.0 r7.0
  • Hardware version: 0110
• NetScreen 208 (Part number: NS-208-00*, where * = 1, 3, 5, or 7)
  • Firmware version: 4.0.0 r7.0
  • Hardware version: 0110
• NetScreen 500 (Part number: NS-500-SK1, NS-500ES-GB1-**, NS-500ES-GB2-**, NS-500SP-GB1-**, NS-500SP-GB2-**, NS-500ES-FE1-**, NS-500ES-FE2-**, where ** = AC or DC)
  • Firmware version: 4.0.0 r7.0
  • Hardware version: 4110
• NetScreen 5200 (Part number: NS-5200-P00*-S00, NS-5200-P01*-S00, NS-5200-P01*-S01, NS-5200-P01*-S02, where * = A or D)
  • Firmware version: 4.0.0 r7.0
  • Hardware version: 3010

Henceforth, the above components are referred to as the NetScreen appliances.

NetScreen appliances are designed and manufactured by NetScreen Technologies, Incorporated, 350 Oakmead Parkway, Sunnyvale, CA 94085, U.S.A, hereafter called NetScreen.

NetScreen products are integrated security network appliances that operate as the central security hub in a network configuration. The NetScreen appliances control traffic flow through the network. The NetScreen appliances integrate stateful packet inspection firewall, virtual private networking, and traffic management features.

Each identified model consists of hardware and firmware, and each runs ScreenOS 4.0.0r7.0 in firmware, a proprietary operating system. The differences have

The TOE generates audit records corresponding to traffic flow, administrator actions, and identification and authentication. The TOE provides interfaces that allow the administrator to review the audit records, including the ability to search and sort upon the audit records. Additionally, the TOE provides the ability to protect the audit records and limit the loss of records due to storage exhaustion.

The TOE enforces an Information Flow policy upon all packets attempting to traverse the NetScreen appliance. The policy is configurable by the administrator and is based on the presumed source IP address, destination IP address, protocol, source and destination interface, and service. The TOE has a packet buffer for temporary storage of packet information. All of the temporary storage is accounted for in that the size of the temporary storage relative to every packet is known ensuring that the TOE does not reuse any previous packet information.

Administrators are the only users of the TOE and are forced to identify and authenticate themselves by the TOE before they are allowed to invoke any administrator commands. Note that the TOE includes the console port, however, the actual console used is not part of the TOE but is part of the environment. The Security Target includes an assumption that a VT-100 terminal or any device that can emulate a VT-100 terminal is required for use as a locally connected console.

Security Management is provided through the Administrator Interface. This interface allows an administrator (when properly identified and authenticated) to configure the NetScreen device. Therefore, the security management functions are not available to non-administrative users.

The security functions of the TOE are protected by the administrative interface being a separate interface that is not connected to the network and, therefore, not susceptible to many of the general threats on the network such as sniffing packets or attempts to log into a public administrative interface. The administrative commands are limited to the console port in the evaluation configuration, and the console port does not pass network traffic. Additionally, the TOE includes a system clock that can only be set and modified by the administrator, providing reliable timestamps for audit information.

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the NetScreen appliances meet the security requirements contained in the Security Target. The criteria against which the NetScreen appliances was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1 and National and International Interpretations effective on May 22, 2002. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Science Application International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the NetScreen appliances TOE is EAL 2. The TOE, configured as specified in the installation guide, satisfies all of the security functional requirements stated in the Security Target. Three Validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in November 2002. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-02-0027) for NetScreen Appliances prepared by CCEVS.

ENVIRONMENTAL STRENGTHS

The NetScreen Appliances are commercial network products that provide identification and authentication, information flow control, and audit. NetScreen appliances provide a level of protection that is appropriate for IT environments that require that information flows be controlled and restricted among network nodes where the NetScreen appliances components can be appropriately protected from physical attacks.