NIAP: Assurance Continuity
Assurance Continuity - Aruba, a Hewlett Packard Enterprise Company 8320 8325 and 8400 Switch Series

Date of Maintenance Completion:  2019.04.05

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.0 + Errata 20180314

Original Evaluated TOE:  2018.10.30 - Aruba, a Hewlett Packard Enterprise Company 8320 and 8400 Switch Series

CC Certificate [PDF] Validation Report [PDF] Assurance Activity [PDF]

Administrative Guide [PDF]

Please note:  The above files are for the Original Evaluated TOE.  Consequently, they do not refer to this maintained version, although they apply to the maintained version. 

Security Target [PDF] * Assurance Continuity Maintenance Report [PDF] Admin Guide [PDF]

Please note:  This serves as an addendum to the VR for the Original Evaluated TOE. 

* This is the Security Target (ST) associated with this latest Maintenance Release.  To view previous STs for this TOE, click here.

Readers are reminded that the certification of this product (TOE) is the result of maintenance, rather than an actual re-evaluation of the product.  Maintenance only considers the effect of TOE changes on the assurance baseline (i.e. the original evaluated TOE); maintenance is not intended to provide assurance regarding the resistance of the TOE to new vulnerabilities or attack methods discovered since the date of the initial certificate.  Such assurance can only be gained through re-evaluation.

Using a security impact analysis of the changes made to the TOE, which was provided by the developer, the CCEVS has determined that the impact of the changes on the TOE is minor and that independent evaluator analysis was not necessary.  A summary of the results can be found in the Maintenance Report, which is written in relation to the product's original Validation Report and Security Target.  Readers are therefore reminded to read the Security Target, the Validation Report, and the Assurance Maintenance Report to fully understand what a maintained certificate represents.

Product Description

The changes are divided into two categories: new features and new hardware. The TOE has been revised from the evaluated ArubaOS-CX version 10.01 to version 10.02. The subsections below justify that the changes in version 10.02 have no security relevance for the certified TOE.

The following table lists and describes each feature and provides supporting rationale regarding security relevance.

New Feature Description / Assessment

Feature: 6in4 Tunnels - Support for tunneling IPv6 traffic in an IPv4 network.
Assessment: Tunneling of network traffic is outside the scope of the NDcPP. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

Features:
· BGP connections over GRE tunnels
· IPv6 multicast routing
· Multi-protocol BGP (IPv6 routing)
· Multicast routing - Loopback for RP and BSR is now supported for both IPv4 and IPv6.
· Policy Based Routing (PBR) - a flexible feature for creating various routing decisions based on additional information in the packets.
Assessment: Routing features are outside the scope of the NDcPP evaluation. Support for these features does not impact the TOE security functions, and the functional capabilities of the features are not claimed as security functionality in the ST.

Feature: Control plane ACLs - Control plane ACLs control access to the control plane.
Assessment: ACLs are outside the scope of the NDcPP evaluation. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

Feature: Egress queue shaping - limits the amount of traffic transmitted per output queue.
Assessment: Traffic limitations are outside the scope of the NDcPP evaluation. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

Feature: IPSLA - network monitoring.
Assessment: Network monitoring is outside the scope of the NDcPP evaluation. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

Features:
· Mirror to CPU - adds the capability to mirror dataplane packets to the CPU for monitoring directly on the switch using Tshark.
· Remote mirroring - sends GRE-encapsulated mirrored frames to a destination network device.
Assessment: Mirroring is outside the scope of the NDcPP evaluation. Support for these features does not impact the TOE security functions, and the functional capabilities of the features are not claimed as security functionality in the ST.

Features:
· NAE encrypted credentials - The Network Analytics Engine (NAE) now supports encrypted credentials for connecting to external services.
· NAE periodic callback actions - This feature introduces a new condition syntax to periodically execute a callback function for a given period of time. Using the Network Analytics Engine (NAE) Python API, users can set callbacks to be called at regular intervals.
· NAE time series for external APIs - Using Network Analytics Engine (NAE) periodic callback actions, an NAE agent can be created using an external API from another device or service.
Assessment: The NAE was not included in the evaluated configuration. Support for these features does not impact the TOE security functions, and the functional capabilities of the features are not claimed as security functionality in the ST.

Feature: NTP master - allows the switch to act as the NTP master in the network.
Assessment: Evaluating the TOE as an NTP server was not part of the NDcPP evaluation. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

Feature: Object groups for ACLs - This feature enables the creation of named groups representing sets of IPv4 or IPv6 addresses and L4 port ranges. Object groups allow administrators to simplify their configurations.
Assessment: ACLs are outside the scope of the NDcPP evaluation. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

Feature: Rx Flow Control - Frames received on a port will pause the sending of egress packets. When the pause timer expires, the transmission of packets will proceed.
Assessment: Flow control is outside the scope of the NDcPP evaluation. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

Feature: Security - RADIUS accounting, PKI for syslog, and ServiceOS console password have been added to enhance security on the switch.
Assessment: RADIUS and syslog PKI - these were not in the scope of the NDcPP evaluation. Service OS password - this is the bootloader password. It is an added security feature but is not needed for the evaluation, since the NDcPP assumes physical protection of the network device. Support for these features does not impact the TOE security functions, and the functional capabilities of the features are not claimed as security functionality in the ST.

Feature: Syslog over TLS - enables secure configuration of a syslog server with TLS.
Assessment: TLS was not in the scope of the NDcPP evaluation; syslog was protected with SSH in the evaluation. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

Feature: VLAN ACLs/Policies/Classifiers - ACLs, policies, and classifiers can now be applied to a VLAN interface.
Assessment: VLANs are outside the scope of the NDcPP evaluation. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

Feature: VSX Features - expands spanning tree interoperability.
Assessment: VSX is outside the scope of the NDcPP evaluation. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST.

New Hardware:

Series Identifier: Aruba 8325 Switch Series

Hardware Models:
· JL624A - Aruba 8325-48Y8C 48p 25G SFP/+/28 8p 100G QSFP+/28 Front-to-Back 6 Fans and 2 PSU Bundle (JL635A chassis)
· JL625A - Aruba 8325-48Y8C 48p 25G SFP/+/28 8p 100G QSFP+/28 Back-to-Front 6 Fans and 2 PSU Bundle (JL635A chassis)
· JL626A - Aruba 8325-32C 32-port 100G QSFP+/QSFP28 Front-to-Back 6 Fans and 2 PSU Bundle (JL636A chassis)
· JL627A - Aruba 8325-32C 32-port 100G QSFP+/QSFP28 Back-to-Front 6 Fans and 2 PSU Bundle (JL636A chassis)

The 8325 series uses a Xeon processor with the Broadwell microarchitecture. It runs the same software as the existing platforms and has the same interfaces as those already evaluated. As such, there are no security differences in this platform and the CAVP certificates remain valid.

Bug Fixes:

These defects were primarily functional in nature and none has any bearing on the security requirements in the evaluated ST.

The bug fixes are listed in the switch family related Release Notes.


Affected Developer Evidence:

CC Evidence: Aruba, a Hewlett Packard Enterprise Company 8320 and 8400 Switch Series (NDcPP20E) Security Target, version 1.0, 01/16/2018
Evidence Change Summary: Updated to identify the new hardware series and version number

CC Evidence: Guidance Documentation
Evidence Change Summary:
· Aruba, a Hewlett Packard Enterprise Company Common Criteria Admin Guide, Version 1.1, October 24, 2019
· Release Notes to address version
· Aruba, a Hewlett Packard Enterprise Company Common Criteria Admin Guide, Version 1.3, March 26, 2019

Regression Testing:

Aruba has performed regression testing on 10.02 on both the new and old platforms. All platforms in the ST have been subject to testing, and it was determined that the behavior of the TSF remained consistent with the testing during the original evaluation. This consistency confirms that the new features and bug fixes had no effect on any security-related functionality of the TOE.


Vulnerability Analysis:

A search of national sites was conducted for vulnerabilities related to the Aruba TOE.  The public search was updated 2/19/2019. No public vulnerabilities exist in the product.


Vendor Information

Aruba, a Hewlett Packard Enterprise Company
Susan Scotten
916-540-1109
susan.scotten@hpe.com

www.arubanetworks.com