NIAP: Compliant Product
Compliant Product - Cisco Jabber 12.6 for Windows 10

Certificate Date:  2019.09.16

Validation Report Number:  CCEVS-VR-VID11011-2019

Product Type:  Application Software; VoIP

Conformance Claim:  Protection Profile Compliant

PP Identifier:  Extended Package for Voice and Video over IP (VVoIP) Version 1.0; Protection Profile for Application Software Version 1.2

CC Testing Lab:  Acumen Security


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


Product Description

The TOE is a software-only client application that executes on a Windows 10 platform.


Evaluated Configuration

The evaluated configuration is a single instance of Cisco Jabber operating in FIPS and CC mode.  Refer to the Cisco Jabber Common Criteria Configuration Guide for instructions on placing Cisco Jabber in FIPS and CC mode.

Cisco Unified Communications Manager (CUCM) is the ESC (also referred to as the SIP Server) which serves as the call control component for voice and video.  There are configuration settings the CUCM ‘pushes’ to the Cisco Jabber TOE, a form of management permitted in [VVoIP].

Cisco CUCM is required to be configured in the On-Premise deployment mode for softphones.  Refer to the Cisco Jabber Common Criteria Configuration Guide for specific information regarding configuring CUCM in the On-Premise deployment mode for softphones.


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which Cisco Jabber 12.6 for Windows 10 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 4. The product, when delivered and configured as identified in the Cisco Jabber 12.6 for Windows 10 Common Criteria Configuration Guide, version 0.3, satisfies all of the security functional requirements stated in the Cisco Jabber 12.6 for Windows 10 Security Target, version 1.3. The project underwent CCEVS Validator review. The evaluation was completed in July 2019. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.


Environmental Strengths

Communication

The Cisco Jabber TOE transmits voice media using a constant bitrate (CBR) vocoder.

Cryptographic Support

The Cisco Jabber TOE provides cryptography in support of SIP connections via Secure Real-Time Transport Protocol (SRTP) established using the Session Description Protocol (SDP) and the Security Descriptions for Media Streams (SDES) for SDP.  The TOE also protects communications between itself and the CUCM SIP Server by using a Transport Layer Security (TLS)-protected signaling channel.

The TOE incorporates a CiscoSSL cryptographic module library (v6.2) and the algorithm implementation has been validated for CAVP conformance. See Table 17 in section 7 of the ST for certificate references.

User Data Protection

The TOE ensures that user data is not transmitted when a call is placed on hold, when the call is placed on mute, or when the TOE is not registered with the SIP server.  Additionally, the TOE restricts access to hardware resources and network communications to only those required.

Identification and Authentication

The TOE performs X.509 certificate authentication of remote components the TOE interacts with for SDES/SRTP and TLS connections.  The Cisco Jabber TOE relies upon the TOE Platform to validate certificates.  

Security Management

The TOE provides the capability to perform the following functions:  1) Configuration of the termination period for idle calls; and 2) Specification of audio codec (vocoder).

Protection of the TSF

The TOE leverages services and APIs provided by the platform in order to support anti-exploitation features and installation of authorized software updates.

Trusted Channels

The TOE’s implementation of SDES-SRTP allows secure voice and video communication between itself and a remote VVoIP application, and secure signaling communication between itself and a remote CUCM SIP Server using TLS.  


Vendor Information


Cisco Systems, Inc.
Marty Loy
(410) 309-4862
mloyjr@cisco.com

www.cisco.com