NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - FortiWLM Wireless Manager 8.5

Certificate Date:  2021.11.22

Validation Report Number:  CCEVS-VR-VID11179-2021

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.2e

CC Testing Lab:  Acumen Security


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]


Product Description

Fortinet’s FortiWLM Wireless Manager 8.5 offers full management of Fortinet controllers and access points along with an extensive set of troubleshooting and reporting tools, all in a single pane of glass. The Wireless Manager offers the ability to see the status of your entire wireless network in one place, while also getting visibility into Spectrum, Wireless Intrusion, and other key wireless health statistics.

Table 1 TOE Models

Model

CPU

Target Deployment

FWM-100D

Intel Celeron J1900 (Bay Trail)

Small enterprise

FWM-1000D

Intel Core i7-4790S (Haswell)

Large enterprise


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Fortinet FortiWLM Wireless Manager 8.5 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The product, when configured as identified in the Fortinet FortiWLM Wireless Manager 8.5 FIPS 140-2 and Common Criteria Technote, satisfies all of the security functional requirements stated in the Fortinet FortiWLM Wireless Manager 8.5 Security Target, v2.9. The project underwent CCEVS Validator review. The evaluation was completed in November 2021.Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.


Environmental Strengths

The TOE provides the following security functions:

a)          Security Audit. The TOE generates logs of security relevant events. The TOE stores logs locally and is capable of sending log events to a remote audit server.

b)          Cryptographic Support. The TOE implements cryptographic libraries and protocols in support of its functions. Relevant Cryptographic Algorithm Validation Program (CAVP) certificates are shown in Table 2.

c)          Identification and Authentication. The TOE implements authentication mechanisms, authentication failure handling, password management and X.509 certificate validation services.

d)          Security Management. The TOE restricts the ability to manage its functions to Security Administrators.

e)          Protection of the TSF. The TOE protects cryptographic keys and administrator passwords, performs a suite of self-tests and ensures the authenticity and integrity of software updates through digital signatures.

f)            TOE Access. The TOE implements session locking, session termination and displays access banners.

g)          Trusted path/channels. The TOE protects the integrity and confidentiality of communications as noted in the Security Target.

Table 2: CAVP Certificates

SFR

Capability

Key Size / Curve / Mod

Cryptographic Library

Certificate

FCS_CKM.1

RSA KeyGen (186-4)

2048

 

 

 

Fortinet FortiWLM SSL Cryptographic Library

 

 

 

 

 

 

Fortinet FortiWLM SSL Cryptographic Library

 

C1653

ECDSA KeyGen (186-4)

P-256

FFC KeyGen

(DH Group 14)

n/a

FCS_CKM.2

RSA
(RFC 3447)

n/a

n/a

 

KAS-ECC Component

P-256

C1653

FFC Schemes

(DH Group 14)

n/a

FCS_COP.1
/DataEncryption

AES-CBC

128, 256

 

 

 

 

 

C1653

FCS_COP.1
/SigGen and SigVer

RSA SigGen (186-4)

RSA SigVer
(186-4)

2048

FCS_COP.1
/Hash

SHA-1
SHA-256
SHA-384
SHA-512

160, 256, 384, 512

FCS_COP.1
/KeyedHash

HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512

160, 256, 384, 512

FCS_RBG_EXT.1

CTR_DRBG (AES)

-

Fortinet FortiWLM RBG Cryptographic Library

C1652


Vendor Information


Fortinet, Inc.
Alan Kaye
+1-408-235-7700
+1-408-235-7737
akaye@fortinet.com

www.fortinet.com
Site Map              Contact Us              Home