NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Dell EMC Networking Switches running Dell EMC Networking OS v9.11

Certificate Date:  2017.06.22

Validation Report Number:  CCEVS-VR-VID10790-2017

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 1.0

CC Testing Lab:  CygnaCom Solutions, Inc


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


Product Description

The TOE is the Dell Networking Platforms running Dell Networking OS v9.11 that consist of S-Series, C-Series, and Z-Series switches and includes the following appliances:

  • Dell Networking S-Series S3124
  • Dell Networking S-Series S3124P
  • Dell Networking S-Series S3124F
  • Dell Networking S-Series S3148
  • Dell Networking S-Series S3148P
  • Dell Networking S-Series S3048-ON
  • Dell Networking S-Series S4048-ON
  • Dell Networking S-Series S4048T-ON
  • Dell Networking S-Series S5000
  • Dell Networking S-Series S6010-ON
  • Dell Networking S-Series S6100-ON
  • Dell Networking C-Series C9010 and C1048P port extender
  • Dell Networking Z-Series Z9100-ON

The TOE consists of both hardware and software components. Each software version is identifiable by the unique build number. Each hardware profile provides a defined set of performance characteristics - switching bandwidth, latency, and port density while offering the same level of security features.

Dell Networking S3100 series

The Dell Networking S3100 series is a power-efficient 1/10GbE top-of-rack switches purpose-built for office and campus networks. S3124, S3124P, S3124F switches feature a data rate up to 212Gbps (full duplex) and a forwarding rate up to 158Mpps; S3148 and S3148P support data rate up to 260Gbps and a forwarding rate up to 193Mpps. These switches deliver line-rate switching with Priority-based Flow Control (PFC), Enhance Transmission Selection (ETS), and network virtualization features such as VRF-lite. The port and power configuration for individual models listed below:

  • S3124 offers 24x RJ45 10/100/1000Mb auto-sensing ports, 2x SFP+ ports, 2x GbE combo media ports, and 200W PSU
  • S3124F offers 24x 1000-SX (up to 500m distance) or 1000-LX (up to 10km distance) SFP GbE ports, 2x SFP+ ports, 2x GbE combo media ports, and 200W PSU
  • S3124P offers 24x RJ45 10/100/1000Mb PoE+ (up to 30.8W) auto- sensing ports, 2x SFP+ ports, 2x GbE combo media ports, and 715W PSU
  • S3148 offers 48x RJ45 10/100/1000Mb auto-sensing ports, 2x SFP+ ports, 2x GbE combo media ports, and 200W PSU
  • S3148P: 48x RJ45 10/100/1000Mb PoE+ (up to 30.8W) auto- sensing ports, 2x SFP+ ports, 2x GbE combo media ports, and 1100W PSU

Dell Networking S3048-ON

The Dell Networking S3048-ON is a top-of-rack switch built for high-performance, software-defined data centers. The S3048-ON 1U design provides 48 line-rate 1000BASE-T ports that support 10MB/100MB/1GB and four line-rate 10GbE SFP+ ports. The S3048-ON features non-blocking switching architecture that supports up to 260GBps (full-duplex) data rate and up to 131Mpps forwarding rate and enables VRT-lite sharing of networking infrastructure and provides L3 traffic isolation across tenants, including support for multicast and IPv6 routing.

Dell Networking S4000 Series

The Dell Networking S4000 series is an ultra-low-latency 10/40GbE top-of-rack switches built for data center applications. S4000 switches offer data rate up to 1.44Tbps and a forwarding rate up to1080Mpps. The S4048-ON 1U design provides 8 x 10GbE SFP+ ports or 72 10GbE ports with breakout cables and 6 x 40GbE QSFP+ ports. The S4048T-ON provides 48 x 10GBaseT ports plus 24 10GbE ports with breakout cables and 6 x 40GbE QSFP+ ports. The S4000 series supports network virtualization by implementing both network centric virtualization method (VRF-lite) and hypervisor centric virtualization method (VXLAN).

Dell Networking S5000

The Dell Networking S-Series S5000 is a top-of-rack switch purpose-built for LAN and SAN convergence applications in data center environments. The S5000 1U form factor offers modular design with 4 fixed 40GbE QSFP+ uplink ports and 4 modular bays. The S5000 can supports up to 4 12-port 10GbE SFP+ modules, but no more than one 12-port 2/4/8Gbps Fibre Channel (FC) module. The S5000 features 1.28Tbps (full-duplex) and a forwarding rate up to 960Mpps non-blocking switching fabric delivering line-rate performance and supports DCBx, Internet Small Computer System Interface (iSCSI), RDMA over converged Ethernet (RoCE) protocols.

Dell Networking S6010-ON

The Dell Networking S-Series S6010-ON is a top-of-rack switch purpose-built for applications in high-performance data center and computing environments. The S6010-ON 1U design provides 32 40GbE QSFP+ uplinks. The S6010 features 2.56Tbps (full-duplex) non-blocking, cut-through switching fabric and delivers line-rate switching with QoS, VLT, DCBX and iSCSI TLV support.

Dell Networking S6100-ON

The Dell Networking S-Series S6100-ON is a top-of-rack modular switch purpose-built for applications in high-performance data center and computing environments. The S6100-ON 2U design provides up to 32 100G QSFP+ uplinks and two fixed 10GbE SFP+ ports. The S6100-ON features 2.56Tbps (full-duplex) non-blocking, cut-through switching fabric and delivers line-rate switching with PFC, DCBX, and ETS support.

Dell Networking Z9100-ON

The Dell Networking Z-Series Z9100-ON is a 1U top-of-rack core switch purpose-built for applications in high-performance data centers. The Z9100-ON offers high-density 32 ports of 100GbE and two SFP+. The Z9100-ON features 6.4Tbps (full-duplex) non-blocking, cut-through switching fabric and implements priority-based flow control (PFC), data center bridge exchange (DCBX), and enhanced transmission selection (ETS).

Dell Networking C9010

The Dell Networking C-Series C9010 network director and optional C1048P rapid access node is a network device designed to simplify deployment and management of core switches by collapsing separate network tiers into a single logical switching tier and eliminating complexity of protocols running between access and core/aggregation tiers. The C9010 8U platform supports modular slots for up to 10 line card modules, two route processor modules, three fan modules, and four power supply modules supporting up to 60 line-rate 40GbE QSFP+ ports. Each C1048P node supports up to 48-port 1GbE PoE+ ports.


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. The TOE was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 3.1 R4.

The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 R4. 

CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies compliance with Collaborative Protection Profile for Network Devices, 27 February 2015, Version 1.0.

A team of validators, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed 26 June 2017.


Environmental Strengths

The TOE is classified as a Network Device.

The TOE’s Dell EMC Networking OS v9.11 exclusively relies on the Dell OpenSSL Cryptographic Library Version 2.4 operating in FIPS mode to implement all cryptographic security functionality.  Dell OpenSSL Cryptographic Library Version 2.4 validated according to FIPS 140-2 as a level 1 software cryptographic module

The TOE is designed to provide the following functionality:

  • Security Audit
    • Audit record generation for security-relevant events
    • Interoperability with a remote audit server 
  • Cryptographic Support
    • Validated cryptographic algorithms
    • Destruction of cryptographic keys

X509 Certificate authentication integrated with TLS protocol

  • Identification and Authentication
    • User access policies
    • Password and certificate based authentication
  • Security Management
    • Local and remote administration 
  • Protection of the TOE Security Function (TSF)
    • Self-testing on power-up
    • Trusted update
  • TOE Access
    • Role-based access control
    • Session timeout and lockout 
  • Trusted Path/Channels
    • Secure channel for remote administrators
    • Secure channel for authorized IT entities

Vendor Information

Logo
Dell USA L.P.
Jeff Yin
1800-999-3355
Jeff.Yin@dell.com

www.dell.com
Site Map              Contact Us              Home