NIAP: Compliant Product
  NIAP  »»  Product Compliant List  »»  Compliant Product  
Compliant Product - Infoblox Trinzic Appliances with NIOS v7.1

Certificate Date:  2015.12.21

Validation Report Number:  CCEVS-VR-VID10624-2015

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Network Devices Version 1.1

CC Testing Lab:

CC Certificate [PDF] Security Target [PDF] Validation Report [PDF]

Assurance Activity [PDF]

Administrative Guide [PDF]

Product Description

The TOE is a network appliance that provides delivery of IP network services and management including: DNS, DHCP, IPAM, FTP, TFTP and HTTP.

The TOE evaluated configuration includes one or more of the appliances:  ND-800, TR-800, TE-810, TE-820, TR-1400, ND-1400, TE-1410, TE-1420, ND-2200, TR-2200, TE-2210, TE-2220, ND-4000, TR-4000, IB-4010, IB-4020, IB-4030, PT-1400, PT-2200, PT-4000, and PT-4000-10GE with NIOS/IBOS Version 7.1

Evaluated Configuration

Security Evaluation Summary

The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the product meets the security requirements contained in the Security Target. The criteria against which the Infoblox Trinzic with NIOS 7.1 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 4. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1, Revision 4. Computer Sciences Corporation determined that the product is conformant to requirements for Protection Profile for Network Devices, v1.1 and Errata 3 for Security Requirements for Network Devices, version 3.0.  The product satisfies all of the security functional requirements stated in the Security Target. Two validators, on behalf of the CCEVS Validation Body, monitored the evaluation carried out by Computer Sciences Corporation. The evaluation was completed in December, 2015. Results of the evaluation can be found in Assurance Activity Report for Infoblox Trinzic with NIOS 7.1 prepared by Computer Sciences Corporation.

Environmental Strengths

The Infoblox Trinzic Appliances with NIOS 7.1 implement the following security functions:

Security Audit - The TOE generates audit records associated with use of the administrative functions. Audit records may be stored locally or sent to a syslog server. 

Cryptographic Support – The TOE includes CAVP-certified algorithms for a range of cryptographic functions including asymmetric key generation, encryption/decryption, cryptographic signature, cryptographic key hashing, Key-hashed message authentication.  These functions are used to implement TLS and HTTPS protocols to provide a secure channel between the TOE and components and its operational environment; to provide a trusted path for remote administration and also trusted update of the TOE software.

User Data Protection – The TOE provides full residual information protection. The TOE ensures that any previous information content of a resource is made unavailable upon the allocation of the resource to all objects by clearing the residual information before network packets are sent from the TOE.

Identification and Authentication – The TOE requires all users to be identified and authenticated before access is granted to its user interfaces.  The TOE authenticates users with a username and password mechanism against a local user database and can be configured to use a remote active directory server.  The TOE can be configured to enforce a configured minimum length as well other password complexity requirements.

Security Management – The TOE provides a GUI interface and a local console interface for users to manage its functions and data. Access to the management interfaces is restricted based on user roles.

Protection of the TSF – The TOE protects itself to ensure the reliability and integrity of its security functions.  It protects its sensitive data from unauthorized access or modification.  It audits uses of its functions and provides mechanisms that ensure reliable time information is available.  It includes self-test functions in case it may be failing or become corrupt.  If any of the self-test fails the TOE will not be operational.  The TOE also includes digital signature mechanisms for verification of software updates before they are applied.

TOE Access – The TOE can be locked, obscuring its display by the user or after a configured interval of inactivity.  The TOE includes the capability to display an advisory message banner when users unlock the TOE for use.

Trusted Path/Channel – The TOE implements TLS/HTTPS to provide a trusted channel for communication with external IT entities.

Vendor Information

Infoblox Inc.
Bill Lane
Site Map              Contact Us              Home