Compliant Product - One Identity Safeguard for Privileged Sessions 6.9
Certificate Date: 2022.03.04
Documents: CC Certificate, Security Target, Validation Report
Validation Report Number: CCEVS-VR-VID11214-2022
Product Type: Network Device
Conformance Claim: Protection Profile Compliant
PP Identifier: collaborative Protection Profile for Network Devices Version 2.2e
CC Testing Lab: Leidos Common Criteria Testing Laboratory
The Target of Evaluation (TOE) is One Identity Safeguard for Privileged Sessions 6.9. The TOE is a network device offering CAVP-certified cryptographic functions, security auditing, secure administration, trusted updates, self-tests, and secure connections with other IT entities using SSH and TLS.
Safeguard for Privileged Sessions is a network appliance that enforces access control, authorization, and accounting on application-layer protocols commonly used for management activities. In the evaluated configuration, the TOE is responsible for secure proxying of SSH connections that carry application-layer protocols; the access control functionality for those application-layer protocols is out of scope of the evaluation. Specifically, the TOE is responsible for ensuring the security of its own use and for the proper implementation of the secure communications protocols used for communication to, from, and through it.
Security Evaluation Summary
Security Audit
The TOE generates security-relevant audit records, stores them locally, and can be configured to forward them to a syslog server over TLS. The locally stored audit records are protected from unauthorized access.
Cryptographic Support
The TOE uses OpenSSL with NIST-validated (CAVP) algorithm implementations in support of its cryptographic functions. The TOE uses these algorithms to implement TLS, HTTPS, and SSH in accordance with the defined standards.
Identification and Authentication
The TOE provides identification and authentication and password management functions for its administrative interface. It also supports X.509 certificate services in support of authentication for cryptographic channels, including certificate revocation checking using CRL.
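The revocation check named above is the one piece of this summary that describes a concrete mechanism, so here is an added example of what a CRL-based status check has to do. This is not One Identity's code and says nothing about how the TOE implements it; it is a stand-alone Go program using only the standard library, with a constructed in-memory PKI (one CA, two leaf certificates, and a CRL revoking one of them) so that it runs offline. The names `BuildDemoPKI`, `CheckRevocation` and `DemoPKI` are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// DemoPKI is a constructed, in-memory PKI used only for this example:
// one CA, two leaf certificates, and a CRL issued by the CA that revokes one leaf.
type DemoPKI struct {
	CA      *x509.Certificate
	Good    *x509.Certificate // issued by CA, not listed in the CRL
	Revoked *x509.Certificate // issued by CA, listed in the CRL
	CRLDER  []byte            // DER-encoded CRL signed by CA
	Now     time.Time         // reference time for validity checks
}

// BuildDemoPKI generates the example PKI with ephemeral P-256 keys.
func BuildDemoPKI() (*DemoPKI, error) {
	now := time.Now()
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	caTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Demo Root CA (example only)"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		// crlSign is mandatory here: x509.CreateRevocationList rejects an issuer without it.
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey)
	if err != nil {
		return nil, err
	}
	caCert, err := x509.ParseCertificate(caDER)
	if err != nil {
		return nil, err
	}
	issue := func(serial int64, cn string) (*x509.Certificate, error) {
		leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			return nil, err
		}
		tmpl := &x509.Certificate{
			SerialNumber: big.NewInt(serial),
			Subject:      pkix.Name{CommonName: cn},
			NotBefore:    now.Add(-time.Hour),
			NotAfter:     now.Add(24 * time.Hour),
			KeyUsage:     x509.KeyUsageDigitalSignature,
			ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		}
		der, err := x509.CreateCertificate(rand.Reader, tmpl, caCert, &leafKey.PublicKey, caKey)
		if err != nil {
			return nil, err
		}
		return x509.ParseCertificate(der)
	}
	good, err := issue(1001, "syslog.example.test") // constructed hostname
	if err != nil {
		return nil, err
	}
	revoked, err := issue(1002, "old-syslog.example.test") // constructed hostname
	if err != nil {
		return nil, err
	}
	crlTmpl := &x509.RevocationList{
		Number:     big.NewInt(7),
		ThisUpdate: now.Add(-time.Minute),
		NextUpdate: now.Add(12 * time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{
			{SerialNumber: revoked.SerialNumber, RevocationTime: now.Add(-time.Minute)},
		},
	}
	crlDER, err := x509.CreateRevocationList(rand.Reader, crlTmpl, caCert, caKey)
	if err != nil {
		return nil, err
	}
	return &DemoPKI{CA: caCert, Good: good, Revoked: revoked, CRLDER: crlDER, Now: now}, nil
}

// CheckRevocation reports whether leaf's serial is listed in crlDER.
// It returns an error, not false, whenever the status cannot be determined
// (leaf not issued by issuer, CRL signature invalid, or CRL outside its
// thisUpdate..nextUpdate window); a caller must not read "error" as "not revoked".
func CheckRevocation(leaf *x509.Certificate, crlDER []byte, issuer *x509.Certificate, now time.Time) (bool, error) {
	if err := leaf.CheckSignatureFrom(issuer); err != nil {
		return false, fmt.Errorf("leaf not issued by the given issuer: %w", err)
	}
	rl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return false, err
	}
	if err := rl.CheckSignatureFrom(issuer); err != nil {
		return false, fmt.Errorf("CRL signature check failed: %w", err)
	}
	if now.Before(rl.ThisUpdate) || now.After(rl.NextUpdate) {
		return false, errors.New("CRL is not current; revocation status undetermined")
	}
	for _, e := range rl.RevokedCertificates {
		if e.SerialNumber.Cmp(leaf.SerialNumber) == 0 {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	p, err := BuildDemoPKI()
	if err != nil {
		panic(err)
	}
	for _, c := range []*x509.Certificate{p.Good, p.Revoked} {
		rev, err := CheckRevocation(c, p.CRLDER, p.CA, p.Now)
		fmt.Printf("%s revoked=%v err=%v\n", c.Subject.CommonName, rev, err)
	}
}
```

The design point is the three-way outcome: revoked, not revoked, and undetermined. A stale CRL or one signed by the wrong key is reported as an error so that the calling policy decides what to do, rather than the check quietly defaulting to "not revoked".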
Security Management
The TOE provides security management functions and defines roles that can be associated with users in order to manage the TOE locally or remotely. The management functions are provided through a Web UI, a REST API, and the local Console.
Protection of the TSF
The TOE implements features designed to protect itself and to ensure the reliability and integrity of its security functions, including protecting sensitive data and providing its own clock so that reliable time information is available (e.g., for log accountability).
The TOE includes self-tests so that it can detect when it is failing and transition to a secure maintenance state. It also includes a mechanism to verify TOE updates before installation, to prevent malicious or other unexpected changes to the TOE.
TOE Access
The TOE displays a Security Administrator-specified advisory notice and consent warning message prior to establishing an administrative user session. The TOE terminates local and remote administrator interactive sessions after a Security Administrator-specified period of inactivity. The TOE allows administrator-initiated termination of the administrator's own interactive session.
Vendor: One Identity LLC