NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Aruba Mobility Conductor with ArubaOS 8.10

Certificate Date:  2023.06.23

Validation Report Number:  CCEVS-VR-VID11345-2023

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.2e

CC Testing Lab:  Lightship Security USA, Inc.

CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]


Administrative Guide: ArubaOS 8.5.0.x Command-Line Interface [PDF]

Administrative Guide: ArubaOS Getting Started Guide [PDF]

Administrative Guide: ArubaOS User Guide [PDF]

Administrative Guide: ArubaOS- [PDF]

Product Description

The Target of Evaluation (TOE) is the  Aruba Mobility Conductor with ArubaOS 8.10.  The Aruba Mobility Conductor simplifies the management of multiple Aruba controllers running ArubaOS 8 or later. Key features include a centralized dashboard to easily see and manage controllers deployed in multiple sites, a hierarchical configuration tool to pre-stage network deployments, and the ability to perform live firmware and feature upgrades during active user sessions. The addition of licensing pools simplifies the transfer of licenses between different controllers to quickly address expanded deployment needs.

Evaluated Configuration

The TOE is a network device that provides centralized management of multiple Aruba Mobility Controllers. The physical boundary of the TOE includes the appliance models shown in the table below executing ArubaOS 8.10 software.

TOE Hardware Models




Notes on Differences


Intel Xeon E5-2609v4 (Broadwell)

ArubaOS 8.10

Difference in the number of managed nodes/ supported devices, clients, and controllers due to the licenses applied.


Intel Xeon E5-2620v4 (Broadwell)


Intel Xeon E5-2650v4 (Broadwell)

Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance.  The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017.  The product, when configured as identified in the ArubaOS 8.10 Supplemental Guidance (Common Criteria Configuration Guidance for Aruba Mobility Conductor with ArubaOS 8.10-FIPS), Version 2.6, June 2023, satisfies all of the security functional requirements stated in the Aruba Mobility Conductor with ArubaOS 8.10 Security Target, Version 1.2, June 2023. The project underwent CCEVS Validator review. The evaluation was completed in June 2023.   Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11345-2023) prepared by CCEVS.

Environmental Strengths

The TOE provides the following security functions:

a)     Security Audit: The TOE generates logs of security relevant events. The TOE stores logs locally and is capable of sending log events to a remote syslog server. Log events are sent in real-time via IPsec.

b)     Cryptographic Support: The TOE implements a cryptographic module. In the evaluated configuration, the TOE is in FIPS mode to support the cryptographic functionality. The TOE implements cryptographic protocols such as SSH, TLS, HTTPS, and IPsec.

c)     Identification and Authentication: The TOE requires users who connect to the TOEs administrator interfaces (direct serial connection, remote CLI, and GUI) to authenticate prior to being granted access to any TOE functionality. The TOE supports the use of authentication servers via IPsec.

d)     Secure Management: The TOE enables secure management of its security functions, including:

i)       Local and remote administration

ii)     Access banners

iii)    Session inactivity and termination

iv)    TOE updates

v)     Management of critical security functions and data

vi)    Protection of cryptographic keys and passwords

e)     Protection of TSF:  The TOE prevents reading of private keys and plaintext passwords by any user.  The TOE synchronizes with an external time source.  This date and time are used as a timestamp that is part of each audit record generated by the TOE.  The TOE ensures the authenticity and integrity of software updates through digital signatures.  The TOE performs a suite of self-tests to ensure the correct operation and enforcement of its security functions.

f)      TOE Access:  The TOE can terminate inactive sessions after configurable period.  The TOE can also display specified banner on the local and remote CLI interfaces prior to allowing any administrative access to the TOE.  The TOE allows users to manually terminate an established management session with the TOE.

g)     Trusted Path/Channels: The TOE protects the integrity and confidentiality of communications via the following TOE interfaces: CLI via SSH; Administrative web GUI via HTTPS/TLS; authentication with a remote server via IPsec; external syslog server via IPsec; NTP server via IPsec; and management of Aruba Mobility Controllers via IPsec.  

Vendor Information

Aruba, a Hewlett Packard Enterprise Company
Kevin Micciche
Site Map              Contact Us              Home