NIAP: Compliant Product
Compliant Product - FireSphere 14600_FIPS and FireSphere 7960_FIPS

Certificate Date:  2016.04.15

Validation Report Number:  CCEVS-VR-VID10663-2016

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Network Devices Version 1.1

CC Testing Lab:  UL Verification Services Inc. (Formerly InfoGard)


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


Product Description

The TOE is classified as a Network Device and is designed to sit within or at the edge of a private network in order to analyze and filter data passing to or from the private network.

The TOE contains the following unevaluated functionality:

·         All Intrusion Prevention System (IPS) functions (anomaly and signature based detection)

·         Behavioral sandboxing (signature-less detection)

·         Auto-Quarantine

·         CISO Command Center

·         Threat Intelligence Cloud

The TOE consists of the following:

Hardware:

·         FireSphere 7960_FIPS and FireSphere 14600_FIPS

Firmware:

·         Firesphere 14600_FIPS Server Software: Version 8.2.0.10

·         Firesphere 7960_FIPS Server Software: Version 8.2.0.10


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. The TOE was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 3. The evaluation methodology used by the Evaluation Team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 Revision 3.

InfoGard has determined that the TOE meets the security criteria in the Security Target, which claims compliance with the Protection Profile for Network Devices, Version 1.1, June 8, 2012, and the Security Requirements for Network Devices Errata #3, November 3, 2014. A team of Validators, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed in March 2016.


Environmental Strengths

The evaluation of the TOE provides assurance that the Security Functional Requirements (SFRs) of the Network Devices Protection Profile, Version 1.1, have been met. A summary of the SFRs is as follows:

Audit

·       The TOE will audit all events and information defined in Table 7: “Auditable Events” in Section 6.1.1.1 of the Security Target.

·       The TOE will also include the identity of the user that caused the event (if applicable), date and time of the event, type of event, and the outcome of the event.

·       The TOE protects storage of audit information from unauthorized deletion.

·       The TOE prevents unauthorized modifications to the stored audit records.

·       The TOE can transmit audit data to an external IT entity using TLS protocol.

Cryptographic Operations

·       The TOE implements CAVP validated cryptographic algorithms for random bit generation, encryption/decryption, authentication, and integrity protection/verification. These algorithms are used to provide security for the TLS protocol.

·       The TSF zeroizes all plaintext secret and private cryptographic keys and CSPs once they are no longer required.

User Data Protection

·       The TOE ensures that data will not be reused when processing network packets by clearing all bytes after processing (upon deallocation), through the process of zeroization.

Identification and Authentication

·       The TSF supports passwords consisting of alphanumeric and special characters (“!”, “@”, “#”, “$”, “%”, “^”, “&”, “*”, “(”, “)”). The TSF also allows administrators to set a minimum password length and supports passwords of 15 to 32 characters.

·       The TSF requires all administrative users to authenticate before allowing the user to perform any actions other than:

o   Viewing the warning banner.

o   ARP (layer 2 Ethernet protocol)

o   Domain Name Resolution (i.e. DNS)

Security Management

·       The TSF implements a TLS/HTTPS remote administrative interface and RS-232 local administrative interface to manage TOE security functions.

·       The TSF restricts the ability to modify TOE behavior and functions to authorized administrators.

·       The TSF maintains the role of authorized Administrator.

·       The TSF supports updating of the TOE using digital signature verification of updates.

Protection of the TSF

·       The TSF protects TSF data from disclosure when the data is transmitted between different parts of the TOE.

·       The TSF prevents the reading of secret and private keys.

·       The TOE provides reliable time stamps for itself.

·       The TOE runs a suite of self-tests during the initial start-up (upon power on) to demonstrate the correct operation of the TSF.

·       The TOE provides a means to verify firmware updates to the TOE using a digital signature mechanism prior to installing those updates.

TOE Access

·       The TOE, for local interactive sessions, terminates the session after an Authorized Administrator-specified period of session inactivity.

·       The TOE terminates a remote interactive session after an Authorized Administrator-configurable period of session inactivity.

·       The TOE allows Administrator-initiated termination of the Administrator’s own interactive session.

·       Before establishing an administrative user session, the TOE is capable of displaying an Authorized Administrator-specified advisory notice and consent warning message regarding unauthorized use of the TOE.

Trusted Path/Channels

·       The TOE uses TLS to provide a trusted communication channel between itself and all authorized IT entities that is logically distinct from other communication channels and provides assured identification of its end points and protection of the channel data from disclosure and detection of modification of the channel data.

·       The TOE permits the TSF or the authorized IT entities to initiate communication via the trusted channel.

·       The TOE permits remote administrators to initiate communication via the trusted path.

·       The TOE requires the use of the trusted path for remote administrator authentication and all remote administration actions.


Vendor Information

iboss Cybersecurity
Christopher Park
858-568-7051 ext. 7806
858-225-6158
chris.park@iboss.com

www.iboss.com