NIAP: Compliant Product
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Dell EMC Networking SmartFabric OS10.5.4

Certificate Date:  2023.09.06

Validation Report Number:  CCEVS-VR-VID11338-2023

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.2e

CC Testing Lab:  Lightship Security USA, Inc.


CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide: Common Criteria Guide [PDF]

Administrative Guide: Dell SmartFabric OS10 User Guide, Release 10.5.4 [PDF]


Product Description

The TOE is a network switch. The TOE is deployed within a network to provide layer 2 and layer 3 network management and interconnectivity functionality. The TOE interfaces within the scope of the evaluation are as follows:

·       CLI. Administrative CLI via direct serial connection or SSH.

·       Logs. Syslog via TLS.


Evaluated Configuration

The TOE is Dell EMC Networking SmartFabric OS10.5.4 Version: OS10.5.4.3P1.

The physical boundary of the TOE includes all software and hardware shown in the table below. The TOE is delivered via commercial courier.

 

Type

Model

CPU

Software

CAVP

Physical  

S4112F-ON

S4112T-ON

S4128F-ON

S4128T-ON

S4148F-ON

S4148T-ON

MX5108n

Intel Atom C2338 (Silvermont)

Dell Networking SmartFabric OS 10.5.4

A1949

MX9116n

 

Intel Atom C2538 (Silvermont)

S5212F-ON

N3248TE-ON

Intel Atom?C3338 (Goldmont)

S5224F-ON

S5232F-ON

S5248F-ON

S5296F-ON

Z9264F-ON

Intel Atom C3538? (Goldmont)

Z9432F-ON   S5448F-ON 

Intel Atom?C3758?  (Goldmont)

E3224F-ON

Intel Atom?C3558/C3558R?  (Goldmont)

Z9332F-ON

Intel Pentium D1508 (Broadwell)

 


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Dell EMC Networking SmartFabric OS10.5.4 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 Rev. 5. The product, when configured as identified in the Dell EMC Networking SmartFabric OS10.5.4 Common Criteria Guide, v1.0, satisfies all of the security functional requirements stated in the Dell EMC Networking SmartFabric OS10.5.4 Security Target, Version 2.0. The project underwent CCEVS Validator review. The evaluation was completed in September 2023. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.


Environmental Strengths

The logical boundaries of the Dell EMC Networking SmartFabric OS10.5.4 are realized in the security functions that it implements. Each of these security functions is summarized below.

 

Protected Communications

The TOE protects the integrity and confidentiality of communications using TLS and SSHs and using CAVP validated cryptographic algorithms.

Secure Administration

The TOE enables secure management of its security functions, including:

·       Administrator authentication with passwords

·       Configurable password policies

·       Role Based Access Control

·       Access banners

·       Management of critical security functions and data

·       Protection of cryptographic keys and passwords

Trusted Update

The TOE ensures the authenticity and integrity of software updates through GPG digital signatures and published hash. The TOE also implements “show version” CLI command that displays information about firmware version running on the TOE. An authorized user must authenticate to the secure Dell Support website where the software downloads are available. The downloaded image must be transferred to the appliance using a secure method such as Secure Copy or SFTP.

System Monitoring

The TOE generates logs of security relevant events. The TOE stores logs locally and is capable of sending log events to a remote audit server.

Self-Test

The TOE performs a suite of self-tests to ensure the correct operation and enforcement of its security functions. The TOE performs diagnostic self-tests and cryptographic module self-tests during start-up and generates audit records to record a failure. Self-tests comply with the FIPS 140-2 requirements for self-testing.

Identification and Authentication

The TOE ensures that all users must be authenticated before accessing its functions and data. TOE can be accessed directly via serial RJ45 connection or remotely via SSHv2 connection. When a user account has sequentially failed authentication the configured number of times, the account will be locked for a Security Administrator defined time period. The TOE uses X.509v3 certificates to support authentication for TLS. Certificate revocation checking is performed using a CRL.

Security Audit

The TOE generates audit records of user and administrator actions. The TOE includes the user identity in audit events resulting from actions of identified users. The Security Administrator can configure the TOE to send logs in real-time to a syslog server via TLS.

Cryptographic Operations

The TOE implements a cryptographic module.  The cryptographic module has the ability to generate and destroy cryptographic keys. The cryptographic module uses CAVP validated cryptographic algorithms.


Vendor Information


Dell Technologies, Inc
David Rumley
(512) 237-0561
david.rumley@dell.com

https://www.dell.com/
Site Map              Contact Us              Home