PRODUCT DESCRIPTION

The TOE consists of a Marconi Multiservice Switch (models: ASX-200BX, ASX-1000, ASX-1200, TNX-210, TNX-1100, ASX-4000, and ASX-4000M) running ForeThought 8.3.1 and Marconi Switch Router (model: BXR-48000) running BXR ForeThought 2.0.1). Each of these models has essentially the same security features, though the BXR-48000 Switch Router offers extended information flow controls. The primary differences between the models include performance and routing functionality: the BXR ForeThought 2.0.1 runtime code has been enhanced from the ForeThought 8.3.1 code base to support high-speed interfaces (e.g., Ethernet, OC-192 ATM and POS) as well as IP routing. Both versions of ForeThought support MPLS label switching.

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Marconi Multiservice Switches and Switch Routers TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.1 and International Interpretations effective on 5 January 2004. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 1.0. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL3 family of assurance requirements. The product, when configured as specified in the Common Criteria Certification (CCC) Evaluated Configuration Guide, ForeThought 8.3.1 and BXR FT 2.0.1, 082-0015-01, satisfies all of the security functional requirements stated in the Marconi Multiservice Switches and Switch Routers (ASX-200BX, ASX-1000, ASX-1200, TNX-210, TNX-1100, ASX-4000, ASX-4000M, and BXR-48000) Security Target, Version 1.0. One validator on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in March 2005. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, (report number CCEVS-VR-05-0101, dated 13 April 2005) prepared by CCEVS.

ENVIRONMENTAL STRENGTHS

The Marconi Multiservice Switches and Switch Routers provide switching/routing solutions for connected networks. In order to successfully maintain control over the routing/switch configuration in a volatile network environment, these appliances must remain physically connected to the networks that they route or switch. The appliances must be appropriately placed in a network infrastructure, protected from physical attacks, and direct logical access must be restricted to authorized users. To ensure that the design of the IT networks is acknowledged and that the risks to the target environment are adequately addressed, the assurance requirements for EAL3, and the minimum strength of function, SOF-Basic, were chosen. Marconi Multiservice Switches and Switch Routers supports the following five security functions:

• Security Audit - The TOE provides an audit feature that provides the ability to audit user actions related to authentication attempts and administrator actions.
• Information Flow Control - In general, network devices exchange valuable information among themselves. To mitigate threats of spoofing, replay attacks, unauthorized access and DoS attacks among others, the TOE provides an Information Flow Control mechanism that supports control of the flow of traffic generated by the network devices. The Information Flow Control Policies are configured on each network devices to allow traffic to only flow between the authorized sources and authorized destinations.
• Identification and Authentication - The TOE requires users to provide unique identification and authentication data before any administrative access to the system is granted. The TOE provides the ability to define levels of authority for users via "profiles", providing administrative flexibility by allowing highly granular assignment of management rights down to the level of individual commands or entire "directories" of commands. Authorized users may also be assigned to different profiles depending on how they access the TOE (via local terminal console, telnet, HTTP, or SNMP). Authorized administrators have complete control over the TOE. Note, however, that for the purposes of this ST, any user that is defined such that they can directly authenticate to the TOE is considered to be an administrator though the specific authorities may vary.
• Security Management - The TOE is managed through a Command Line Interface (CLI) that can be accessed locally using the terminal console, or remotely using telnet or a web browser. The web browser interface is basically an HTML rendering of the CLI command set, so it has identical functionality to the telnet or terminal console CLI. Additionally, many of the TOE's functions can be managed remotely via SNMP GET and SET commands. Through the CLI, authorized administrators can configure and manage all TOE functions, including configuring the switch router devices and manage user accounts.
• Protection of Security Functions - The TOE provides protection mechanisms for its security functions. One of the protection mechanisms is that users must authenticate before any administrative operations can be performed on the system, whether those functions are related to the management of user accounts or the configuration of routers. Another protection mechanism is that the TOE is self-contained and therefore maintains its own execution domain. All TOE security functions are confined to the device.

Vendor Information

Marconi Corporation plc.
Marconi Federal Sales
1-866 MARCONI
federalsales@marconi.com

http://www.marconifederal.com