NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - SonicWall Secure Mobile Access (SMA) v12.4

Certificate Date:  2021.09.28

Validation Report Number:  CCEVS-VR-VID11218-2021

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.2e

CC Testing Lab:  CygnaCom Solutions, Inc

CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Administrative Guide [PDF]

Product Description

The SonicWall Secure Mobile Access (SMA) v12.4 appliance functions as a remote access gateway operating as an intermediary device between end users on client devices and network resources residing on internal network.  The appliance provides multiple access methods for end users or client devices to remotely access internal network resources from untrusted external networks. The SMA administrator configures policies comprised of security rules operating on users and targeting resources that must be satisfied in order to establish remote access.

The TOE is offered as SMA 6210 and SMA 7210 hardware appliances and SMA 8200v virtual appliance that are part of SMA1000 product line. The SMA 6210 and SMA 7210 are identical except for CPU, RAM, and SFP+ ports. The SMA 8200v is a virtual appliance designed to operate in virtualization environment.

Evaluated Configuration

Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. The TOE was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 3.1 R5.

The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 R5.

CygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies compliance with U.S. Government Standard Collaborative Protection Profile for Network Devices, 23 March 2021, Version 2.2e.

A team of validators, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed in September 2021.Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

Environmental Strengths

The TOE is the SonicWall Secure Mobile Access (SMA) v12.4.1 which in the evaluated configuration consists of SMA 6210, SMA 7210 appliances and the SMA 8200v virtual appliance. SonicWall SMA is a unified secure access gateway that enables organizations to provide anytime, anywhere and any device access to corporate resources.

All SMA hardware appliances are shipped ready for immediate access through a Command Line Interface (CLI) and after basic network configuration through a web-based Appliance Management Console (AMC). Virtual appliance requires installation into hypervisor environment and supports configuration through AMC. To ensure secure use the product, it must be appropriately configured prior to being put into production environment as specified in the user guidance

The TOE is designed to provide the following functionalities:

  • Security Audit
    • Audit record generation for security-relevant events
    • Interoperability with a remote audit server
  • Cryptographic Support
    • Validated cryptographic algorithms
    • Destruction of cryptographic keys
    • Entropy generation
  • Identification and Authentication
    • Authentication failure policies
    • Password management policies
    • Password and certificate-based authentication
  • Security Management
    • Local and remote administration
  • Protection of the TOE Security Function (TSF)
    • Self-testing on power-up
    • Trusted update
  • TOE Access
    • Session timeout and lockout
    • Access banner
  • Trusted Path/Channels
    • Secure channel for remote administrators
    • Secure channel for communicating with authorized IT entities

Vendor Information

SonicWall, Inc.
Lawrence Wagner
Site Map              Contact Us              Home