NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Extreme Networks Summit Series Switches EXOS v22.3

Certificate Date:  2017.12.20

Validation Report Number:  CCEVS-VR-VID10827-2017

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.0

CC Testing Lab:  CygnaCom Solutions, Inc

Maintenance Release:
CC Certificate [PDF] Security Target [PDF] * Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


* This is the Security Target (ST) associated with the latest Maintenance Release.  To view previous STs for this TOE, click here.

Product Description

The TOE is the Extreme Networks Summit Series Switches EXOS v22.3.1.4-patch1CC-2 that consists of the Summit x870, Summit x690, Summit x620, Summit x440-G2, Summit x450-G2, Summit x460-G2, and Summit x670-G2 series switches. It provides high density layer 2/3 switching with low latency cut-through switching and IPv4 and IPv6 unicast and multicast routing to enable enterprise aggregation and core backbone deployments.

The TOE consists of both hardware and software components. Each software version is identifiable by the unique build number. Each hardware profile provides a defined set of performance characteristics - switching bandwidth, latency, and port density while offering consistent level of security features.


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. The TOE was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 3.1 R5.

The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 R5. 

CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies compliance with collaborative Protection Profile for Network Devices v2.0.

A team of validators, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed December 2017.


Environmental Strengths

The TOE is classified as a Network Device.

The EXOS utilizes firmware cryptographic module based on OpenSSL. This cryptographic module exclusively implements all cryptographic functionality and operates in the FIPS mode. The cryptographic module does not include protocol key establishment functionality, NIST SP800-56B conformance is vendor affirmed. However, EXOS is separately certified for SSH and TLS KDF. The cryptographic library is capable of supporting additional, outside of the scope, cryptographic primitives but such functionality is disabled in the evaluated configuration.

The TOE’s EXOS v22.3.1.4-patch1CC-2 exclusively relies on the firmware cryptographic module based on OpenSSL operating in FIPS mode to implement all cryptographic security functionality.  The cryptographic module’s functionality is validated through NIST Cryptographic Algorithm Validation Program (CAVP).

The TOE is designed to provide the following functionality:

  • Security Audit

o   Audit record generation for security-relevant events

o   Interoperability with a remote audit server

  • Cryptographic Support
    • Validated cryptographic algorithms
    • Destruction of cryptographic keys
  • Identification and Authentication

o   User access policies

o   Password and certificate based authentication

  • Security Management

o   Local and remote administration

  • Protection of the TOE Security Function (TSF)

o   Self-testing on power-up

o   Trusted update

  • TOE Access

o   Role-based access control

o   Session timeout and lockout

  • Trusted Path/Channels
    • Secure channel for remote administrators
    • Secure channel for authorized IT entities 

Vendor Information

Logo
Extreme Networks, Inc.
Craig Ficik
+1 888-257-3000
cficik@extremenetworks.com

www.extremenetworks.com
Site Map              Contact Us              Home