NIAP: Compliant Product
Compliant Product - Pulse Policy Secure v5.3

Certificate Date:  2017.09.20

Validation Report Number:  CCEVS-VR-VID10785-2017

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 1.0

CC Testing Lab:  UL Verification Services Inc. (Formerly InfoGard)

CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Product Description

The TOE is an infrastructure network device that provides secure remote management, auditing, and updating capabilities. The TOE provides secure remote management using an HTTPS/TLS web interface. The TOE generates audit logs and transmits the audit logs to a remote syslog server over a mutually authenticated TLS channel.

The TOE consists of the following hardware:

· PSA300, PSA3000, PSA5000, PSA7000c, PSA7000f, MAG2600, MAG4610, MAG-SM160, and MAG-SM360

Running the following software:

· Pulse Policy Secure 5.3R4.10

The TOE’s operational environment must provide the following services to support the secure operation of the TOE:

· DNS Server
· Local Console
· Syslog Server
· Web Browser
· CRL Server
· [MAG-SM160 and MAG-SM360 only] Chassis, one of:
    o MAG6610
    o MAG6611

Evaluated Configuration

Functional testing of the TOE was performed on the PSA3000 platform with Pulse Policy Secure 5.3R4.10 installed and configured as per the CC Preparative and Administrative Guidance documentation provided as part of the TOE. The evaluated TOE consists of the following platforms running Pulse Policy Secure 5.3R4.10 software:

· PSA300, PSA3000, PSA5000, PSA7000c, PSA7000f, MAG2600, MAG4610, MAG-SM160, and MAG-SM360

The Operational Environment included the following components to support the secure operation of the TOE:

· Local Console
· Syslog Server
· Web Browser
· CRL Server
· DNS Server

Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. Pulse Policy Secure was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 3.1 Revision 4. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 Revision 4. The TOE, when installed and configured per the instructions provided in the preparative and administrative guidance, satisfies all of the security functional requirements stated in the Pulse Policy Secure Security Target. The evaluation underwent CCEVS Validator review. The evaluation was completed in September of 2017.

Environmental Strengths


The TOE generates audit records for security relevant events. The TOE maintains a local audit log as well as sending the audit records to a remote Syslog server. Audit records sent to the remote server are protected by a TLS connection. Each audit record includes identity (username, IP address, or process), date and time of the event, type of event, and the outcome of the event. The TOE prevents modification to the local audit log.

Cryptographic Operations

The TOE implements CAVP validated cryptographic algorithms for random bit generation, encryption/decryption, authentication, and integrity protection/verification. These algorithms are used to provide security for the TLS and HTTPS connections as well as verifying firmware updates.

Identification and Authentication

The TOE authenticates administrative users using a username/password or username/X.509 certificate combination. The TOE does not allow access to any administrative functions prior to successful authentication. The TOE supports passwords consisting of alphanumeric and special characters and enforces minimum password lengths. The TSF supports and certificates using RSA or ECDSA signature algorithms. Prior to authentication, the TOE allows users only to view the login warning banner and send/receive ICMP packets.

Security Management

The TOE allows users with the Security Administrator role to administer the TOE over a remote web UI or a local CLI. These interfaces do not allow the Security Administrator to execute arbitrary commands or executables on the TOE. The TOE can also receive configuration updates from a Pulse One management server. 

Protection of the TSF

The TOE implements a number of self-protection mechanisms. It does not provide an interface for the reading of secret or private keys. The TOE ensures timestamps, timeouts, and certificate checks are accurate by maintaining a real-time clock as well as requiring the Security Administrator to update the clock once a month to minimize drift. Upon startup, the TOE runs a suite of self-tests to verify that it is operating correctly. The TOE also verifies the integrity and authenticity of firmware updates by verifying a digital signature of the update prior to installing it.

TOE Access

The TOE can be configured to display a warning and consent banner when an administrator attempts to establish an interactive session over the local CLI or remote web UI. The TOE also enforces a configurable inactivity timeout for remote and local administrative sessions. 

Trusted Path/Channels

The TOE uses TLS to provide a trusted communication channel between itself and remote Syslog and Pulse One servers. The trusted channel with the Syslog server utilizes X.509 certificates to perform mutual authentication. The trusted channel with the Pulse One server utilizes HAWK authentication to perform mutual authentication. The TOE initiates the TLS trusted channel with both types of remote servers. The TOE uses HTTPS/TLS to provide a trusted path between itself and remote administrative users. The TOE does not implement any additional methods of remote administration. The remote administrative users are responsible for initiating the trusted path when they wish to communicate with the TOE.

Vendor Information

Pulse Secure, LLC