NIAP: Compliant Product

»»

Compliant Product

Compliant Product - FortiWLM Wireless Manager 8.5

Certificate Date: 2021.11.22

Validation Report Number: CCEVS-VR-VID11179-2021

Product Type: Network Device

Conformance Claim: Protection Profile Compliant

PP Identifier: collaborative Protection Profile for Network Devices Version 2.2e

CC Testing Lab: Acumen Security

CC Certificate [PDF]

Security Target [PDF]

Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Product Description

Fortinet’s FortiWLM Wireless Manager 8.5 offers full management of Fortinet controllers and access points along with an extensive set of troubleshooting and reporting tools, all in a single pane of glass. The Wireless Manager offers the ability to see the status of your entire wireless network in one place, while also getting visibility into Spectrum, Wireless Intrusion, and other key wireless health statistics.

Table 1 TOE Models

Model	CPU	Target Deployment
FWM-100D	Intel Celeron J1900 (Bay Trail)	Small enterprise
FWM-1000D	Intel Core i7-4790S (Haswell)	Large enterprise

Evaluated Configuration

Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Fortinet FortiWLM Wireless Manager 8.5 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5. The product, when configured as identified in the Fortinet FortiWLM Wireless Manager 8.5 FIPS 140-2 and Common Criteria Technote, satisfies all of the security functional requirements stated in the Fortinet FortiWLM Wireless Manager 8.5 Security Target, v2.9. The project underwent CCEVS Validator review. The evaluation was completed in November 2021.Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

Environmental Strengths

The TOE provides the following security functions:

a) Security Audit. The TOE generates logs of security relevant events. The TOE stores logs locally and is capable of sending log events to a remote audit server.

b) Cryptographic Support. The TOE implements cryptographic libraries and protocols in support of its functions. Relevant Cryptographic Algorithm Validation Program (CAVP) certificates are shown in Table 2.

c) Identification and Authentication. The TOE implements authentication mechanisms, authentication failure handling, password management and X.509 certificate validation services.

d) Security Management. The TOE restricts the ability to manage its functions to Security Administrators.

e) Protection of the TSF. The TOE protects cryptographic keys and administrator passwords, performs a suite of self-tests and ensures the authenticity and integrity of software updates through digital signatures.

f) TOE Access. The TOE implements session locking, session termination and displays access banners.

g) Trusted path/channels. The TOE protects the integrity and confidentiality of communications as noted in the Security Target.

Table 2: CAVP Certificates

SFR	Capability	Key Size / Curve / Mod	Cryptographic Library	Certificate
FCS_CKM.1	RSA KeyGen (186-4)	2048	Fortinet FortiWLM SSL Cryptographic Library Fortinet FortiWLM SSL Cryptographic Library	C1653
	ECDSA KeyGen (186-4)	P-256		C1653
	FFC KeyGen	(DH Group 14)		n/a
FCS_CKM.2	RSA (RFC 3447)	n/a		n/a
	KAS-ECC Component	P-256		C1653
	FFC Schemes	(DH Group 14)		n/a
FCS_COP.1 /DataEncryption	AES-CBC	128, 256		C1653
FCS_COP.1 /SigGen and SigVer	RSA SigGen (186-4) RSA SigVer (186-4)	2048
FCS_COP.1 /Hash	SHA-1 SHA-256 SHA-384 SHA-512	160, 256, 384, 512
FCS_COP.1 /KeyedHash	HMAC-SHA-1, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512	160, 256, 384, 512
FCS_RBG_EXT.1	CTR_DRBG (AES)	-	Fortinet FortiWLM RBG Cryptographic Library	C1652

Vendor Information

Fortinet, Inc.
Alan Kaye
+1-408-235-7700
+1-408-235-7737
akaye@fortinet.com

www.fortinet.com

Site Map Contact Us Home