Compliant Product - Junos OS 19.1R2 for EX2300, EX2300-C and EX3400
Certificate Date: 2020.04.27
Documents: CC Certificate, Security Target, Validation Report
Validation Report Number: CCEVS-VR-VID11025-2020
Product Type: Network Device
Conformance Claim: Protection Profile Compliant
PP Identifier: collaborative Protection Profile for Network Devices Version 2.1
CC Testing Lab: Acumen Security
The Target of Evaluation (TOE) is Juniper Networks, Inc. Junos OS 19.1R2 executing on the EX2300, EX2300-C and EX3400 Ethernet Switches.
Juniper Networks EX Series Ethernet Switches provide scalable connectivity for the enterprise market, including branch offices, campus locations, and data centers. The switches run the Juniper Networks Junos operating system (Junos OS), which provides Layer 2 and Layer 3 switching, routing, and security services.
The TOE is the Junos OS 19.1R2 firmware executing on the EX2300, EX2300-C and EX3400 Ethernet Switches.
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the TOE was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5. The product, when delivered and configured as identified in the Common Criteria Evaluated Configuration Guide for EX2300 and EX3400 Devices, Release 19.1R2, satisfies all of the security functional requirements stated in the Security Target. The project underwent CCEVS Validator review. The evaluation was completed in April 2020. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
Security Audit: Junos auditable events are stored in the syslog files on the appliance and can be sent to an external log server (via NETCONF over SSH). The TOE generates audit records for security-relevant events. Audit records include the date and time, event category, event type, username, and the outcome of the event (success or failure). Local syslog storage limits are configurable and are monitored. In the event of storage limits being reached, the oldest logs will be overwritten.
Cryptographic Support: The TOE provides an SSH server to support protected communications for administrators to establish secure sessions and to connect to external syslog servers. The TOE requires that applications exchanging information with it are successfully authenticated prior to any exchange (i.e., applications connecting over SSH). The TOE includes cryptographic modules that provide the underlying cryptographic services, including key management and protection of stored keys, algorithms, random bit generation and crypto-administration. The cryptographic modules provide confidentiality and integrity services for authentication and for protecting communications with connecting applications.
Identification and Authentication: The TOE supports Role Based Access Control. All users must be authenticated to the TOE prior to carrying out any management actions. The TOE supports password-based authentication and public key-based authentication. Based on the assigned role, a user is granted a set of privileges to access the system. Administrative users must provide unique identification and authentication data before any administrative access to the system is granted. Authentication data entered and stored on the TOE is protected. The TOE can be configured to terminate interactive user sessions and to present an access banner with warning messages prior to authentication.
Security Management: The TOE provides a Security Administrator role that is responsible for:
• the configuration and maintenance of cryptographic elements related to the establishment of secure connections to and from the evaluated product;
• the regular review of all audit data;
• initiation of the trusted update function;
• all administrative tasks (e.g., creating the security policy).
The devices are managed through a Command Line Interface (CLI). The CLI is accessible through local (serial) console connection or remote administrative (SSH) session.
Protection of the TSF: The TOE protects all passwords, pre-shared keys, symmetric keys and private keys from unauthorized disclosure. Passwords are stored in hashed form using sha256 or sha512. The TOE executes self-tests during initial start-up to ensure correct operation and enforcement of its security functions. An administrator can install software updates to the TOE. The TOE internally maintains the date and time.
TOE Access: Prior to establishing an administration session with the TOE, a banner is displayed to the user. The banner message is customizable. The TOE will terminate an interactive session after a period of inactivity. A user can terminate a local or remote CLI session by entering "exit" at the prompt.
Trusted Path/Trusted Channel: The TOE supports SSH v2 for secure communication to the syslog server. The TOE supports SSH v2 (remote CLI) for secure remote administration.
Juniper Networks, Inc.