CC Certificate 

Security Target 

Validation Report 

Assurance Activity 

Administrative Guide 

The Arista 7280 series switches are fixed form factor switches. The 7280 series switches range in size between 1 and 2 RU. Models vary in total throughput, port count, port speeds, route table scales etc.

Each switch model runs Arista’s Linux-based network operating system called Extensible Operating System (EOS). The same EOS binary image runs on all TOE hardware models. All EOS code is compiled to the same i686 assembly, making it such that no processor runs anything different from any other processor. All processors implement the i686 assembly language. All SFRs in this Security Target are implemented by EOS. Hence, they behave identically on every switch model. The table below provides the list of appliances across different series:

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Arista Networks 7280 Series Switches Running EOS 4.28 was evaluated are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5.  The evaluation methodology used by the Evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5. The product, when delivered configured as identified in the Common Criteria Guidance Supplement - Arista Networks 7280 Switches Running EOS 4.28, satisfies all of the Security Functional Requirements (SFRs) stated in the Arista Networks 7280 Series Switches Running EOS 4.28 Security Target version 0.5. The project underwent CCEVS Validator review.  The evaluation was completed in July 2023.  Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

The logical boundary of the TOE includes the security functions implemented exclusively by the TOE.

Security Audit

·       The TOE will audit all events and information defined in Table 7 of the Security Target.

·      The TOE will also include the identity of the user that caused the event (if applicable), date and time of the event, type of event, and the outcome of the event.

·       The TOE protects storage of audit information from unauthorized deletion.

·       The TOE prevents unauthorized modifications to the stored audit records.

·       The TOE can transmit audit data to an external IT entity using the SSHv2 protocol.

Cryptographic Support

The TOE implements CAVP validated cryptographic algorithms for asymmetric key generation, encryption/decryption, digital signature, integrity protection/verification and random bit generation. These algorithms are used to provide security for the SSH and TLS connections of the Trusted Path and Trusted Channel. The TOE implements the Arista EOS Crypto Module v2.0 which uses the underlying OpenSSL FIPS Object Module 2.0.16 library for all cryptographic functions.

Identification and Authentication

·       The TSF supports passwords consisting of alphanumeric and special characters. The TSF also allows administrators to set a minimum password length and support passwords of 15 characters or greater.

·       The TSF requires all administrative-users to authenticate before allowing the user to perform any actions other than:

o   Viewing the warning banner.

Security Management

·    The TOE allows human users with the Security Administrator role to administer the TOE over a remote console (SSH Trusted Path) and local CLI (Local Console).

·    The eAPI JSON-RPC trusted IT entity client allows machine users with the Security Administrator role to administer the TOE over a remote TLS Trusted Channel. 

These interfaces do not allow the Security Administrator to execute arbitrary commands or executables on the TOE.

Protection of the TSF

·       The TSF prevents the reading of secret keys, private keys, and passwords.

·       The TOE runs a suite of self-tests, during the initial start-up (upon power on), and when programs which utilize the cryptographic libraries are initialized, to demonstrate the correct operation of the TSF.

·       The TOE provides a means to verify firmware/software updates to the TOE using a published hash prior to installing those updates.

·       The TOE provides reliable time stamps for itself.

TOE Access

·       The TOE, for local interactive sessions, terminates the session after Security Administrator-specified period of session inactivity.

·       The TOE terminates a remote interactive session after Security Administrator-configurable period of session inactivity.

·       The TOE allows Administrator-initiated termination of the Administrator’s own interactive session.

·     Before establishing an administrative user session, the TOE is capable of displaying Security Administrator-specified advisory notice and consent warning message regarding unauthorized use of the TOE.

Trusted Path/Channels

·    The TOE uses SSH or TLS to provide a trusted communication channel between itself and all authorized IT entities that is logically distinct from other communication channels and provides assured identification of its end points and protection of the channel data from disclosure and modification.

·       The TOE permits the TSF, or the authorized IT entities to initiate communication via the trusted channel.

·       The TOE permits remote administrators to initiate communication via the trusted path.

The TOE requires the use of the trusted path for initial administrator authentication and all remote administration actions.

Vendor Information