Compliant Product - Unisys Stealth Solution Release v4.0 Windows and Linux Endpoint
Certificate Date: 2019.12.11CC Certificate Security Target Validation Report
Validation Report Number: CCEVS-VR-VID10989-2019
Product Type: Virtual Private Network
Conformance Claim: Protection Profile Compliant
PP Identifier: PP-Module for VPN Client Version 2.1
Protection Profile for Application Software Version 1.3
CC Testing Lab: Leidos Common Criteria Testing Laboratory
The Target of Evaluation (TOE) is the Unisys Stealth Solution Release v4.0 Windows Endpoint and Linux Endpoint. The TOE provides capabilities for protected transmission of private data between Stealth-enabled IPsec Virtual Private Network (VPN) endpoints. The TOE comprises software installed on Windows-based servers, Windows workstations, and Linux servers. The TOE functions as an IPsec VPN client and implements a client-to-client model of operation—the Windows and Linux Endpoints establish IPsec tunnels with each other rather than with a VPN gateway.
The TOE comprises the following software applications:
· Unisys Stealth Solution Release 4.0.026.0 Windows Endpoint
· Unisys Stealth Solution Release 4.0.026.0 Linux Endpoint.
In the evaluated configuration, the Stealth Windows Endpoint is supported on Windows 10 (32-bit and 64-bit) and Windows Server 2016 (64-bit), while the Stealth Linux Endpoint is supported on Red Hat Enterprise Linux (RHEL) 7.4 (64-bit) and 7.5 (64-bit).
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 revision 5, augmented by evaluation activities specified in the Protection Profile for Application Software, Version 1.3, and the Supporting Document—PP-Module for Virtual Private Network (VPN) Clients, Version 2.1. The product, when delivered and configured as identified in the Unisys Stealth Common Criteria Evaluation Guidance Document Release 4.0, 24 October 2019, satisfies all of the security functional requirements stated in the Unisys Stealth Solution Release 4.0 Windows and Linux Endpoints Security Target, v1.0, 3 December 2019. The evaluation was subject to CCEVS Validator review. The evaluation was completed in December 2019. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
The TOE enables an end user to establish a point-to-point VPN tunnel with another Stealth-enabled endpoint, using the underlying platform’s implementation of IKE and IPsec. The Unisys Windows Stealth Endpoint invokes the platform functionality to securely store domain credentials while the Unisys Linux Stealth Endpoint does not store any domain credentials.
User Data Protection
The TOE and the TOE platforms ensure that residual information is protected from potential reuse in accessible objects such as network packets. The Stealth Windows Endpoint does not store any sensitive data in non-volatile memory. The Stealth Linux Endpoint leverages platform-provided functionality to encrypt sensitive data.
The TOE restricts network communication to user-initiated communication for Stealth-tunneled network traffic to Stealth-enabled endpoints and communication to the Stealth Authorization Service.
Identification and Authentication
The TOE provides the ability to use, store, and protect X.509v3 certificates. The TOE supports the use of X.509v3 certificates for IKE peer authentication and integrity verification. In addition, the TOE platform uses X.509v3 certificates.
The TOE provides the following management functions:
· Specify IPsec VPN Clients to use for connections
· Specify client credentials to be used for connections
· Configure the reference identifier of the peer
· Specify IKEv2 Security Association (SA) lifetimes
· Configure packet filter rules
· Configure Certificate Revocation List (CRL) checking
· Configure algorithm suites that can be proposed and accepted during IPsec exchanges.
The TOE does not collect or transmit Personally Identifiable Information (PII) over a network.
Protection of the TSF
The TOE relies upon its underlying platform to perform self-tests that cover the TOE as well as the functions necessary to securely update the TOE. The TOE does not allocate any memory region with both write and execute permissions and is compiled with stack-based buffer overflow protection enabled. The TOE applications use only documented platform Application Programming Interfaces (APIs).
The TOE encrypts all transmitted sensitive data with IPsec between itself and another trusted IT product.
Bernard Karl Dehmelt, Jr