NIAP: Compliant Product
Compliant Product - Cisco Prime Infrastructure 3.2

Certificate Date:  2018.04.30

Validation Report Number:  CCEVS-VR-VID10860-2018

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 1.0

CC Testing Lab:  CGI IT Security Labs

Evaluation Documents

CC Certificate [PDF]
Security Target [PDF]
Validation Report [PDF]
Assurance Activity [PDF]
Administrative Guide [PDF]

Product Description

The Cisco Prime Infrastructure TOE is a purpose-built network device that supports management of an organization’s entire network infrastructure from one graphical interface. Cisco Prime Infrastructure provides a single integrated solution for comprehensive lifecycle management of the organization’s infrastructure including network equipment, servers and virtual machines. Cisco Prime Infrastructure uses the industry-standard SNMP protocol to communicate with devices.

Evaluated Configuration

Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Cisco Prime Infrastructure is judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4.  The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 4.  The product, when delivered configured as identified in the Cisco Prime Infrastructure Common Criteria Configuration Guide document, satisfies all of the security functional requirements stated in the Cisco Prime Infrastructure Security Target, Version 1.3. The project underwent CCEVS Validator review.  The evaluation was completed in April 2018.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

Environmental Strengths

The security features of the TOE are described below in detail. Also, the TOE meets all the assurance activities from NDcPP v1.0.

Security Audit

Auditing allows Security Administrators to discover intentional and unintentional issues with the TOE's configuration and/or operation.  Auditing of administrative activities provides information that may be used to hasten corrective action should the system be configured incorrectly.  Security audit data can also indicate failure of critical portions of the TOE (e.g. a communication channel failure) or anomalous activity of a suspicious nature (e.g. establishment of an administrative session at a suspicious time, or repeated failures to establish sessions or to authenticate to the TOE).

The TOE provides extensive capabilities to generate audit data targeted at detecting such activity.  The TOE generates an audit record for each auditable event.  Each security relevant audit event has the date, timestamp, event description, and subject identity.  The administrator configures auditable events, performs back-up operations, and manages audit data storage.  The TOE provides the administrator with a circular audit trail or a configurable audit trail threshold to track the storage capacity of the audit trail.  Audit logs are transmitted to an external audit server over an encrypted channel.

Cryptographic Support

The TOE implements cryptography and algorithms that have been CAVP tested.  This includes key generation and random bit generation, key establishment methods, key destruction, and the various types of cryptographic operations that provide AES encryption/decryption, signature verification, hash generation, and keyed hash generation.

Identification and Authentication

The TOE performs two types of authentication to provide a trusted means for Security Administrators and remote endpoints to interact with it: X.509v3 certificate-based authentication for remote devices and password-based authentication for Security Administrators.  Device-level authentication allows the TOE to establish a secure communication channel with remote endpoints.

Security Administrators have the ability to compose strong passwords (15 characters or greater), which are stored in a hashed form.

Security Management

The TOE provides a secure remote administrative interface and a local interface to perform security management functions.  This includes the ability to configure cryptographic functionality; an access banner containing an advisory notice and consent warning message; a session inactivity time before session termination; and the ability to update its software.

The TOE provides a Security Administrator role and only the Security Administrator can perform security management functions.

Protection of the TSF

The TOE protects critical security data including keys and passwords against tampering by untrusted subjects.  The TOE also provides reliable timestamps to support accurate audit records.

The TOE provides self-tests to ensure it is operating correctly, including the ability to detect software integrity failures.  Additionally, the TOE provides a trusted software update and verification function to assure that software updates are from Cisco Systems, Inc.

TOE Access

The TOE monitors both local and remote admin sessions for inactivity and terminates them when a threshold time period is reached.  Once a session has been terminated, the TOE requires the user to re-authenticate.

The TOE also displays a Security Administrator specified advisory notice and consent warning message prior to initiating identification and authentication for each administrative user.

Trusted path/Channels

The TOE provides encryption (protection from disclosure and detection of modification) for communication paths between itself and remote endpoints.

In addition, the TOE provides two-way authentication of each endpoint in a cryptographically secure manner, meaning that even if a malicious attacker were positioned between the two endpoints, any attempt to present itself to either endpoint of the communications path as the other communicating party would be detected.

Vendor Information

Cisco Systems, Inc.
Rick West