Compliant Product - Infinera Corporation Transcend Network Management System Client 18.10.3
Certificate Date: 2022.12.08CC Certificate Security Target Validation Report
Validation Report Number: CCEVS-VR-VID11318-2022
Product Type: Application Software
Conformance Claim: Protection Profile Compliant
PP Identifier: Functional Package for TLS Version 1.1
Protection Profile for Application Software Version 1.4
CC Testing Lab: Gossamer Security Solutions
The Transcend Network Management System (TNMS) is designed to provide end-to-end network and service management across multiple technologies and equipment vendors. For purposes of this evaluation, the TNMS Client is a software application that offers a secure web-based user interface to its users and in turn securely communicates management instructions to a configured TNMS Server.
The evaluated configuration is the Infinera Transcend Network Management System (TNMS) Client 18.10.3. The TOE runs on an operating system that includes Microsoft Windows 10 (64 bit) on a 64 bit Intel Xeon processor, Amazon Corretto (OpenJDK) JDK/JRE 11.0.6, and Oracle Java JRE 8u201.
Security Evaluation Summary
The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017. The product, when delivered and configured as identified in the Infinera Transcend Network Management System Client 18.10.3 Administrative Guidance for Common Criteria, Version 1.2, December 6, 2022 document, satisfies all of the security functional requirements stated in the Infinera Corporation Transcend Network Management System Client 18.10.3 Security Target, Version 1.5, December 6, 2022. The project underwent CCEVS Validator review. The evaluation was completed in December 2022. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11318-2022) prepared by CCEVS.
The logical boundaries of the Transcend Network Management System Client are realized in the security functions that it implements. Each of these security functions is summarized below.
The TOE uses Automated Cryptographic Validation Test System (ACVTS)-validated cryptographic algorithm implementations, provided by its Bouncy Castle cryptographic module installed with the TOE, to support asymmetric key generation, encryption/decryption, signature generation and verification and establishment of trusted channels to protect data in transit. The TOE implements a TLS client to securely communicate with a TNMS Server. The TOE also relies on the underlying Java Runtime Environment to generate entropy that is used as input data for the TOE’s deterministic random bit generator (DRBG).
User data protection:
The TOE does not access any hardware resources or sensitive information repositories and no sensitive data is stored in non-volatile memory. Inbound and outbound network communications are restricted to those that are user-initiated.
Identification and authentication:
The TOE implements X509 certificate validation to validate the revocation status of certificates using CRL. The TOE uses X509 certificates to support TLS authentication.
The TOE provides a graphical user interface to operate the TOE.
The TOE requires no management beyond configuration of the URI of the TNMS server to which it connects and the root CA certificate to which the TNMS server’s peer certificate should chain.
When configured with default credentials or no credentials, the TOE restricts its functionality and only allows the ability to set new credentials. By default, the TOE is configured with file permissions to protect itself and its data from unauthorized access.
The TOE does not transmit personally identifiable information (PII) over any network interfaces.
Protection of the TSF:
The TOE protects itself against exploitation by implementing address space layout randomization (ASLR) and by not allocating any memory region for both write and execute permission. The TOE uses standard platform APIs and includes a number of third party libraries used to perform its functions.
The TOE includes mechanisms to check for updates and to query the current version of the application software. TOE software is digitally signed and distributed using the platform-supported package manager. The TOE does not update its own binary code in any way and when removed, all traces of the TOE application software are deleted.
The TOE protects communications between itself and remote administrators using TLS and between itself and the TNMS Server using TLS.