NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - FireEye HX Series Appliances v5.0.1

Certificate Date:  2021.06.02

Validation Report Number:  CCEVS-VR-VID11143-2021

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.2e

CC Testing Lab:  Acumen Security


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


Product Description

The TOE is comprised of four models of the FireEye HX Series Appliances as shown below.

 

HX 4402

HX 4502

HX 4502D

Motherboard Ports

2x 1GigE BaseT

2x 1GigE BaseT

2x 1GigE BaseT

Addon Ports

N/A

2x 1GigE BaseT

2x 1GigE BaseT

Storage

4x 1.8 TB disk, 3.6 TB virtual disk RAID 10

4x 4TB disk / 8TB virtual disk RAID 10

4x 4TB disk / 8TB virtual disk RAID 10

Enclosure

1RU rack server

1RU rack server

1RU rack server

Processor

AMD Opteron 6328 (Piledriver)

Intel Xeon E3-1240 v6 (Kaby Lake)

Intel Xeon E3-1240 v6 (Kaby Lake)

TOE Type

Stand-alone physical network device

Stand-alone physical network device

Stand-alone physical network device

 

Table 1 HX Series Appliances

 

 

HX 4502v

Network Ports

2x 1GigE interfaces

CPU Cores

8

Memory

64 GB

Storage

3600 GB

Processor

Intel Xeon E5-4620 v4 (Broadwell)

Hypervisor

VMware vSphere ESXi 6.7

TOE Type

Stand-alone virtual network device

 

Table 2 HX Series Appliances

 

The TOE is a hardware and software solution that is comprised of the security appliance models described above. The TOE guidance documentation that is considered to be part of the TOE is the FireEye HX Series Appliances v5.0.1 Common Criteria Guidance Addendum, V1.2, document which is downloadable from the FireEye website.

The network on which the TOE resides is considered part of the environment. The evaluated software is pre-installed and is identified as software version 5.01. Software updates are downloadable from the FireEye website. A login ID and password are required to download the software update from the FireEye website.


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the FireEye HX Series Appliances was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5.  The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5.  The product, when delivered configured as identified in the FireEye HX Series Appliances v5.0.1 Common Criteria Guidance Addendum, satisfies all of the security functional requirements stated in the FireEye HX Series Appliances v5.0.1 Common Criteria Security Target. The project underwent CCEVS Validator review.  The evaluation was completed in May 2021.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.


Environmental Strengths

  • Protected Communications. The TOE protects the integrity and confidentiality of communications as follows:

o   TLS connectivity with the following entities:

§  Audit Server

§  Management Web Browser

o   SSH connectivity with the following entities:

§  Management SSH Client

  • Secure Administration. The TOE enables secure local and remote management of its security functions, including:

o   Local console CLI administration

o   Remote CLI administration via SSHv2

o   Remote GUI administration via HTTPS/TLS

o   Administrator authentication using a local database

o   Timed user lockout after multiple failed authentication attempts

o   Password complexity enforcement

o   Role Based Access Control - the TOE supports several types of administrative user roles. Collectively these sub-roles comprise the “Security Administrator”

o   Configurable banners to be displayed at login

o   Timeouts to terminate administrative sessions after a set period of inactivity

o   Protection of secret keys and passwords

  • Trusted Update. The TOE ensures the authenticity and integrity of software updates through digital signatures and requires administrative intervention prior to the software updates being installed.
  • Security Audit. The TOE keeps local and remote audit records of security relevant events. The TOE internally maintains the date and time which can be set manually or using authenticated NTP.
  • Self-Test. The TOE performs a suite of self-tests to ensure the correct operation and enforcement of its security functions.
  • Cryptographic Operations. The TOE provides cryptographic support for the services described in Table 5 of the ST. The related CAVP validation details are provided in Tables 6 and 7 of the ST.

Vendor Information


FireEye, Inc.
Steve Lanser
408-321-6300
certifications@fireeye.com

www.fireeye.com
Site Map              Contact Us              Home