NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - FireEye VX Series Appliances v9.0

Certificate Date:  2021.05.27

Validation Report Number:  CCEVS-VR-VID11131-2021

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.2e

CC Testing Lab:  Acumen Security


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


Product Description

The TOE is comprised of one of the three models of the FireEye VX Series Appliances as shown below.

 

VX12500

VX12550

VX5500

Management Ports

1x 1GigE BaseT

1x 1GigE BaseT

1x 1GigE BaseT

Submission Interface Ports

2x 10GigE BaseT

1x 1GigE BaseT

4x 10GigE SFP

2x 10GigE BaseT

1x 1GigE BaseT

3x 1GigE BaseT

Storage

4 * 900 GB disk / 1.8 TB virtual disk RAID10

2x 4TB disk / 4TB virtual disk RAID 1

2x 2TB disk / 2TB virtual disk RAID 1

Enclosure

2 Rack Units

2 Rack Units

1 Rack Unit

Processor

Intel Xeon E5-4648 v3 (Haswell)

Intel Xeon Platinum 8168 (Skylake)

Intel Xeon E3-1240 v6 (Kaby Lake)

 

Table 1 VX Series Appliances

The TOE is a hardware and software solution that is comprised of the security appliance models described above. The TOE guidance documentation that is considered to be part of the TOE is the FireEye VX Series Appliances v9.0 Common Criteria Guidance Addendum document and is downloadable from the FireEye website.

The network on which the TOE resides is considered part of the environment. The software is pre-installed and is comprised of only the software versions identified above. In addition, software updates are downloadable from the FireEye website. A login ID and password is required to download the software update.


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the FireEye VX Series Appliances was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5.  The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5.  The product, when delivered configured as identified in the FireEye VX Series Appliances v9.0 Common Criteria Guidance Addendum, satisfies all of the security functional requirements stated in the FireEye VX Series Appliances Security Target. The project underwent CCEVS Validator review.  The evaluation was completed in May 2021.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.


Environmental Strengths

  • Protected Communications. The TOE protects the integrity and confidentiality of communications as follows:

o   TLS connectivity with the following entities:

§  Audit Server

o   SSH connectivity with the following entities:

§  Management SSH Client

  • Secure Administration. The TOE enables secure local and remote management of its security functions, including:

o   Local console CLI administration

o   Remote CLI administration via SSHv2

o   Administrator authentication using a local database

o   Timed user lockout after multiple failed authentication attempts

o   Password complexity enforcement

o   Role Based Access Control - the TOE supports several types of administrative user roles. Collectively these sub-roles comprise the “Security Administrator”

o   Configurable banners to be displayed at login

o   Timeouts to terminate administrative sessions after a set period of inactivity

o   Protection of secret keys and passwords

  • Trusted Update. The TOE ensures the authenticity and integrity of software updates through digital signatures and requires administrative intervention prior to the software updates being installed.
  • Security Audit. The TOE keeps local and remote audit records of security relevant events. The TOE internally maintains the date and time which can be set manually or using authenticated NTP.
  • Self-Test. The TOE performs a suite of self-tests to ensure the correct operation and enforcement of its security functions.
  • Cryptographic Operations. The TOE provides cryptographic support for the services described in the ST.

Vendor Information


FireEye, Inc.
Steve Lanser
408-321-6300
certifications@fireeye.com

www.fireeye.com
Site Map              Contact Us              Home