Compliant Product - Palo Alto Networks GlobalProtect App Version 5.1.5
Certificate Date: 2020.08.17
Validation Report Number: CCEVS-VR-VID11085-2020
Product Type: Application Software
Conformance Claim: Protection Profile Compliant
PP Identifier: Protection Profile for Application Software Version 1.3; Functional Package for TLS Version 1.1
CC Testing Lab: Leidos Common Criteria Testing Laboratory
The TOE is the Palo Alto Networks GlobalProtect App, which gives users access to their company's network resources through the Palo Alto Networks GlobalProtect Portals and Gateways that have been deployed. The TOE also provides several management functions, including, for example, letting the endpoint user select their desired gateway and collect troubleshooting logs from the TOE. Additional components that interact with the TOE are noted in the TOE Overview.
The GlobalProtect app is a software program that runs on the endpoint (desktop/laptop computer) to protect users by applying the same security policies that protect sensitive resources in corporate networks. The GlobalProtect app secures its traffic using TLS and allows users to connect to corporate networks and access the company's resources from anywhere in the world (e.g. when users are remote). The TOE runs on either Windows 10 or macOS version 10.14.
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme for the Protection Profile for Application Software, Version 1.3 and the Functional Package for Transport Layer Security (TLS), Version 1.1. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 release 5. The product, when delivered and configured as identified in the guidance document, satisfies all of the security functional requirements stated in the Palo Alto Networks GlobalProtect App Version 5.1.5 Security Target. The evaluation was completed in August 2020. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.
Cryptographic Support
The TOE implements NIST-validated cryptographic algorithms that provide key management, random bit generation, encryption/decryption, digital signature, cryptographic hashing and keyed-hash message authentication in support of cryptographic protocols such as TLS. In order to use these features, the TOE must be configured in FIPS-CC mode.
The GlobalProtect App includes algorithms covered by the CAVP certificates noted in this document. The TOE also relies on the underlying platforms, Windows 10 and macOS.
User Data Protection
The TOE uses network connectivity only when it needs to communicate with the Palo Alto Networks Gateway or Portal. Other functionality on the host platform, such as its camera, Bluetooth, USB, or microphone, is not needed. The TOE does not store any sensitive data in non-volatile memory.
Identification and Authentication
The TOE authenticates the X.509 certificate of the Palo Alto Networks GlobalProtect Gateway/Portal as part of establishing a TLS connection.
Security Management
The TOE provides access to its security management features through an interface on a general-purpose computer. Security management operations are provided to the user of the TOE. A user performs security management by configuring the necessary items, such as assigning the Palo Alto Networks GlobalProtect Portal and Gateway that the TOE will use for its connections. The TOE also lets the user collect troubleshooting logs, configure the gateway and portal, check the current version, check for updates, and enable/disable the transmission of information about the system's hardware/software or configuration. The TOE relies on the OS's network ports (i.e. Ethernet ports) for communication and management capabilities.
In order to install or uninstall the TOE, the user is required to have platform administrator privileges.
The TOE does not transmit PII over a network.
Protection of the TSF
The TOE implements a variety of functions to ensure that it is protected against corruption. These include using platform APIs, memory mapping, and stack-based buffer overflow protection. Palo Alto Networks provides customers with a means of updating the TOE using trusted updates. These trusted updates are securely delivered and installed using protection mechanisms such as TLS and approved digital signature methods. All of these updates are signed using RSA 2048 with SHA-256. The trusted update site also provides a checksum of each update that can be used for additional verification before the update is installed.
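The trusted-update check described above, as an added Go example written for this page (it is not Palo Alto Networks' implementation and makes no claim about how the GlobalProtect updater is coded): a constructed update payload is signed with RSA-2048 and SHA-256, a SHA-256 checksum is published beside it, and the client-side VerifyUpdate function accepts the bytes only if both the checksum and the signature check out. The signing key is generated on the fly as a stand-in for the vendor's release key, and the payload, the function names and the tampered-download case are all constructed for the example.

```go
package main

import (
    "crypto"
    "crypto/rand"
    "crypto/rsa"
    "crypto/sha256"
    "crypto/subtle"
    "encoding/hex"
    "errors"
    "fmt"
)

// SigningKey is a constructed stand-in for the vendor's RSA-2048 release key.
// In a real deployment only the public half ships with the application.
type SigningKey struct{ priv *rsa.PrivateKey }

func NewSigningKey() (*SigningKey, error) {
    priv, err := rsa.GenerateKey(rand.Reader, 2048)
    if err != nil {
        return nil, err
    }
    return &SigningKey{priv: priv}, nil
}

func (k *SigningKey) PublicKey() *rsa.PublicKey { return &k.priv.PublicKey }

// SignUpdate hashes the update with SHA-256, signs the digest with RSA PKCS#1 v1.5,
// and returns the signature plus the hex checksum that would be published beside it.
func (k *SigningKey) SignUpdate(update []byte) (sig []byte, checksum string, err error) {
    digest := sha256.Sum256(update)
    sig, err = rsa.SignPKCS1v15(rand.Reader, k.priv, crypto.SHA256, digest[:])
    if err != nil {
        return nil, "", err
    }
    return sig, hex.EncodeToString(digest[:]), nil
}

// VerifyUpdate is the client-side gate: the downloaded bytes must match the
// published checksum AND carry a valid signature from the trusted public key.
// The checksum alone only detects corruption; the signature ties the bytes to the vendor.
func VerifyUpdate(pub *rsa.PublicKey, update, sig []byte, publishedChecksum string) error {
    if pub.Size()*8 < 2048 {
        return errors.New("refusing signing key shorter than 2048 bits")
    }
    digest := sha256.Sum256(update)
    want, err := hex.DecodeString(publishedChecksum)
    if err != nil {
        return fmt.Errorf("published checksum is not hex: %w", err)
    }
    if subtle.ConstantTimeCompare(digest[:], want) != 1 {
        return errors.New("checksum mismatch: download corrupted or replaced")
    }
    if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig); err != nil {
        return fmt.Errorf("signature invalid: %w", err)
    }
    return nil
}

func main() {
    vendor, err := NewSigningKey()
    if err != nil {
        panic(err)
    }
    // Constructed payload; not a real GlobalProtect package.
    update := []byte("constructed update payload for the example")
    sig, sum, err := vendor.SignUpdate(update)
    if err != nil {
        panic(err)
    }
    fmt.Println("genuine update:", VerifyUpdate(vendor.PublicKey(), update, sig, sum))

    tampered := append([]byte{}, update...)
    tampered[0] ^= 0x01 // a single flipped bit, as a corrupted or altered download would show
    fmt.Println("tampered update:", VerifyUpdate(vendor.PublicKey(), tampered, sig, sum))
}
```

The order of the two checks matters for operations rather than for security: the checksum is cheap and catches a broken download early, but only the signature proves the bytes came from the holder of the release key, so a client must never accept an update on the checksum alone.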
The TOE protects communication between itself, as the endpoint, and other networks using TLS. TLS 1.2 is used to encrypt all data passed from the TOE to other components (i.e. Palo Alto Networks GlobalProtect Portals and Gateways).
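The server-authentication step that Identification and Authentication and Trusted Path above describe (the app validating the Gateway/Portal's X.509 certificate and insisting on TLS 1.2) as an added Go example, not GlobalProtect code: it builds a constructed two-level chain (a corporate root CA and a gateway certificate for the hypothetical name gateway.example), runs the same chain, name and key-usage checks that crypto/tls performs on a server's presented chain, and shows that a certificate for the same name from an issuer the client does not trust, or a certificate for a different name, is rejected. The host names, CA names and function names are all assumptions made for the example.

```go
package main

import (
    "crypto/ecdsa"
    "crypto/elliptic"
    "crypto/rand"
    "crypto/tls"
    "crypto/x509"
    "crypto/x509/pkix"
    "errors"
    "fmt"
    "math/big"
    "time"
)

// issue generates a P-256 key and a certificate from tmpl, signed by parent
// (self-signed when parent is nil). Constructed for the example only.
func issue(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
    key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
    if err != nil {
        return nil, nil, err
    }
    signer := parentKey
    if parent == nil {
        parent, signer = tmpl, key
    }
    der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
    if err != nil {
        return nil, nil, err
    }
    cert, err := x509.ParseCertificate(der)
    if err != nil {
        return nil, nil, err
    }
    return cert, key, nil
}

func caTemplate(name string, serial int64) *x509.Certificate {
    return &x509.Certificate{
        SerialNumber:          big.NewInt(serial),
        Subject:               pkix.Name{CommonName: name},
        NotBefore:             time.Now().Add(-time.Hour),
        NotAfter:              time.Now().Add(24 * time.Hour),
        KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
        BasicConstraintsValid: true,
        IsCA:                  true,
    }
}

func gatewayTemplate(host string, serial int64) *x509.Certificate {
    return &x509.Certificate{
        SerialNumber: big.NewInt(serial),
        Subject:      pkix.Name{CommonName: host},
        DNSNames:     []string{host}, // the name the client will expect to see
        NotBefore:    time.Now().Add(-time.Hour),
        NotAfter:     time.Now().Add(24 * time.Hour),
        KeyUsage:     x509.KeyUsageDigitalSignature,
        ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
    }
}

// authenticateGateway is the check a client makes on the chain the gateway presents
// before the session is used: chain to a configured root, name match, server-auth usage.
func authenticateGateway(presented []*x509.Certificate, roots *x509.CertPool, expectedHost string) error {
    if len(presented) == 0 {
        return errors.New("gateway presented no certificate")
    }
    intermediates := x509.NewCertPool()
    for _, c := range presented[1:] {
        intermediates.AddCert(c)
    }
    _, err := presented[0].Verify(x509.VerifyOptions{
        Roots:         roots,
        Intermediates: intermediates,
        DNSName:       expectedHost,
        KeyUsages:     []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
    })
    return err
}

// clientTLSConfig is the policy a client enforcing the above would hand to crypto/tls:
// nothing below TLS 1.2, and only the configured trust anchors (never the ambient store).
func clientTLSConfig(roots *x509.CertPool, host string) *tls.Config {
    return &tls.Config{MinVersion: tls.VersionTLS12, RootCAs: roots, ServerName: host}
}

func main() {
    const host = "gateway.example" // hypothetical gateway name
    must := func(err error) {
        if err != nil {
            panic(err)
        }
    }
    ca, caKey, err := issue(caTemplate("Corp Root CA", 1), nil, nil)
    must(err)
    gw, _, err := issue(gatewayTemplate(host, 2), ca, caKey)
    must(err)
    otherCA, otherKey, err := issue(caTemplate("Unrelated CA", 3), nil, nil)
    must(err)
    sameNameOtherIssuer, _, err := issue(gatewayTemplate(host, 4), otherCA, otherKey)
    must(err)

    roots := x509.NewCertPool()
    roots.AddCert(ca)
    fmt.Println("genuine gateway:", authenticateGateway([]*x509.Certificate{gw}, roots, host))
    fmt.Println("same name, untrusted issuer:", authenticateGateway([]*x509.Certificate{sameNameOtherIssuer}, roots, host))
    fmt.Println("wrong name:", authenticateGateway([]*x509.Certificate{gw}, roots, "portal.example"))
    fmt.Println("min version:", clientTLSConfig(roots, host).MinVersion == tls.VersionTLS12)
}
```

Pinning RootCAs to the corporate CA rather than the platform store is what makes the "same name, untrusted issuer" case fail; a client that accepted any publicly trusted issuer would have no way to tell a genuine gateway from another holder of a certificate for that name.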
Palo Alto Networks, Inc.