NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Junos OS 17.4R2 for vSRX

Certificate Date:  2019.01.15

Validation Report Number:  CCEVS-VR-VID10887-2019

Product Type:    Firewall
   Virtual Private Network
   IDS/IPS
   Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Stateful Traffic Filter Firewalls Version 2.0 + Errata 20180314
  collaborative Protection Profile for Network Devices Version 2.0 + Errata 20180314
  Extended Package for Intrusion Prevention Systems Version 2.11
  Extended Package for VPN Gateways Version 2.1

CC Testing Lab:  Acumen Security


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


Product Description

The Target of Evaluation (TOE) is Juniper Networks, Inc. Junos OS 17.4R2 for vSRX Virtual Firewall. The vSRX Virtual Firewall delivers a complete virtual firewall solution, including advanced security, robust networking, and automated virtual machine life cycle management capabilities for service providers and enterprises. 

The vSRX Virtual Firewall supports the definition of, and enforces, information flow policies among network nodes, also providing for stateful inspection of every packet that traverses the network and central management to manage the network security policy. All information flow from one network node to another passes through an instance of the TOE. Information flow is controlled based on network node addresses, protocol, type of access requested, and services requested. In support of the information flow security functions, the TOE ensures that security-relevant activity is audited, that their own functions are protected from potential attacks, and provides the security tools to manage all the security functions. The TOE provides multi-site virtual private network (VPN) gateway functionality, and implements Intrusion Prevention System functionality, capable of monitoring information flows to detect potential attacks based on pre-defined attack signature and anomaly characteristics in the traffic.

The deployment of the Junos OS 17.4R2 for vSRX TOE includes the KVM hypervisor (Ubuntu 16.04 OpenVSwitch (OVS) 2.7.0), which runs as a virtual machine (VM) on a standard x86 server.  For the purposes of testing the TOE the following platform was used:

  • Hypervisor: VMWare ESXi 6.0 installed on an x86 server whose processor chipset supports RDRAND

The server hardware used in the testing of the TOE was an HP ProLiant DL380p Gen9 Processor Intel Xeon CPU E5-2660 v2.  


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Junos OS 17.4R2 for vSRX is evaluated as described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4.  The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 4.  Acumen Security determined that the evaluation is collaborative Protection Profile for Network Devices Version 2.0 + Errata 20180314; collaborative Protection Profile for Stateful Traffic Filter, Firewalls Version 2.0 + Errata 20180314; collaborative Protection Profile for Network Devices/collaborative Protection Profile for Stateful Traffic Filter Firewalls Extended Package (EP) for Intrusion Prevention Systems (IPS), version 2.11; and Network Device Collaborative Protection Profile (NDcPP)/Stateful Traffic Filter Firewall Collaborative Protection Profile (FWcPP) Extended Package VPN Gateway, version 2.1.  The product, when delivered configured as identified in the Operational User Guidance and Preparative Procedures, satisfies all of the security functional requirements stated in the Security Target. The project underwent CCEVS Validator review.  The evaluation was completed in January 2019.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.


Environmental Strengths

The logical boundary of the TOE includes those security functions implemented exclusively by the TOE.

Trusted Update         

The administrator can initiate update of the TOE software (this includes both Junos VM (Hypervisor+ Junos OS for SRX) and the Wind River Linux Host OS).  The integrity of any software updates is verified prior to installation of the updated software.

 

Audit  

TOE auditable events are stored in the syslog files in the VM filesystem, and can be sent to an external log server (via Netconf over SSH). Auditable events include start-up and shutdown of the audit functions, authentication events, service requests, IPS events, as well as the events listed in Table 2 and Table 3. Audit records include the date and time, event category, event type, username, and the outcome of the event (success or failure). Local (VM) syslog storage limits are configurable and are monitored. In the event of storage limits being reached the oldest logs will be overwritten.

Management

The TOE provides a Security Administrator role that is responsible for:

  • the configuration and maintenance of cryptographic elements related to the establishment of secure connection to and from the evaluated product;
  • the regular review of all audit data;
  • initiation of trusted update function;
  • administration of VPN, IPS, and Firewall functionality;
  • all administrative tasks (e.g., creating the security policy).

The devices are managed through a Command Line Interface (CLI). The CLI is accessible through local (serial) console connection or remote administrative (SSH) session.

The Security Administrator role includes the capability to manage the Junos VM within the KVM virtualized environment.  Access to manage the Junos VM and Linux host can only be gained through the JCP.

Packet Filtering/Stateful Traffic Filtering    

The TOE provides stateful network traffic filtering based on examination of network packets and the application of information flow rules.

Intrusion Prevention

The TOE can be configured to analyze IP-based network traffic forwarded to the TOE’s interfaces, and detect violations of administratively-defined IPS policies. The TOE can initiate a proactive response to terminate/interrupt an active potential threat, and to initiate a response in real time that would cause interruption of the suspicious traffic flow.

User Data Protection/Information Flow Control    

The TOE is designed to forward network packets (i.e., information flows) from source network entities to destination network entities based on available routing information using Virtual Routers. This information is either provided directly by TOE users or indirectly from other network entities (outside the TOE) configured by the TOE users. The TOE has the capability to regulate the information flow across its interfaces; traffic filters can be set in accordance with the presumed identity of the source, the identity of the destination, the transport layer protocol, the source service identifier, and the destination service identifier (TCP or UDP port number).

 


Vendor Information

Logo
Juniper Networks Inc
Tracy Thu Pham
408-745-2000
408-745-2100
tracyp@juniper.net

www.juniper.net
Site Map              Contact Us              Home