NIAP: Assurance Continuity
Assurance Continuity - Aruba, a Hewlett Packard Enterprise Company 6200, 6300, 6400, 8320, 8325, 8360, and 8400 Switch Series

Date of Maintenance Completion:  2022.03.22

Product Type:    Network Device

Conformance Claim:  Protection Profile Compliant

PP Identifier:    collaborative Protection Profile for Network Devices Version 2.2e

Original Evaluated TOE:  2021.07.06 - Aruba, a Hewlett Packard Enterprise Company, 6200, 6300, 6400, 8320, 8325, 8360 and 8400 Switch Series

CC Certificate [PDF] Validation Report [PDF] Assurance Activity [PDF]

Administrative Guide [PDF]

Please note:  The above files are for the Original Evaluated TOE.  Consequently, they do not refer to this maintained version, although they apply to the maintained version. 

Security Target [PDF] * Assurance Continuity Maintenance Report [PDF] Administrative Guide [PDF]

Please note:  This serves as an addendum to the VR for the Original Evaluated TOE. 

* This is the Security Target (ST) associated with this latest Maintenance Release.  To view previous STs for this TOE, click here.

Readers are reminded that the certification of this product (TOE) is the result of maintenance, rather than an actual re-evaluation of the product.  Maintenance only considers the effect of TOE changes on the assurance baseline (i.e. the original evaluated TOE); maintenance is not intended to provide assurance in regard to the resistance of the TOE to new vulnerabilities or attack methods discovered since the date of the initial certificate.  Such assurance can only be gained through re-evaluation.

Using a security impact analysis of the changes made to the TOE, which was provided by the developer, the CCEVS has determined that the impact of the changes on the TOE is minor and that independent evaluator analysis was not necessary.  A summary of the results can be found in the Maintenance Report, which is written in relation to the product's original Validation Report and Security Target.  Readers are therefore reminded to read the Security Target, Validation Report, and the Assurance Maintenance Report to fully understand what a maintained certificate represents.

Product Description

Each of the changes to “Aruba, a Hewlett Packard Enterprise Company 6200, 6300, 6400, 8320, 8325, 8360, and 8400 Switch Series” fell into the following categorization:

Major Changes

None.

Minor Changes

The TOE was revised from the evaluated ArubaOS-CX version 10.06 to version 10.09.

1. Hardware changes: there were no hardware changes,

2. New non-security features, and

3. Bug Fixes.

Twenty-eight new features were introduced for functions that were outside the scope of the evaluation.

New Feature: Assessment

CDP: The CDP protocol is outside the scope of the NDcPP22e evaluation.

DHCP Server: The TOE as a DHCP server is not part of the NDcPP22e evaluation.

SNMP: SNMP functions are outside the scope of the NDcPP22e evaluation.

New Commands: These commands only show non-NDcPP22e data.  All required commands were evaluated and documented.

Access Related Updates: All of these functions are outside the scope of the NDcPP22e evaluation.

Analytics: Analytics are outside the scope of the NDcPP22e evaluation.

QoS - Guaranteed Minimum Bandwidth: Quality of service metrics are outside the scope of the NDcPP22e evaluation.

Mirroring: Mirroring is outside the scope of the NDcPP22e evaluation.

NetEdit updates: NetEdit is an admin tool not included in the evaluation.

Radius: Radius servers were not included in the evaluation.

Telemetry: Analysis of telemetry data was not included in the evaluation.

VSF: Stacking was not included in the evaluation.

DNS: The TOE was not evaluated for DHCP functions.

Telnet: This is an added management function and was not considered in the NDcPP22e evaluation.

VLAN: VLAN client access is outside the scope of the NDcPP22e evaluation.

Device Fingerprinting: This is an added function and was not considered in the NDcPP22e evaluation.

Light Layer 3 Switch: This is an added function and was not considered in the NDcPP22e evaluation.

OSPF: The functions of the OSPF routing protocol were not considered in the NDcPP22e evaluation.

MAC Tables: The NDcPP22e SFRs do not address MACs.

Roles: These are added management functions not required in the evaluation.

Multi Domain Authentication: This is an added function and was not considered in the NDcPP22e evaluation.

Private VLANs: This is added functionality and not in the scope of an NDcPP22e evaluation.

Transceivers: This is an added function and was not considered in the NDcPP22e evaluation.

802.1X authentication: The 802.1X protocol was not in the NDcPP22e evaluation.

ACLs: The ACL timer has no impact on the NDcPP22e requirements.

IP services: None of these IP services are related to the NDcPP22e requirements.

Multicast: Multicast does not impact any requirements in the NDcPP22e evaluation.

Routing: The NDcPP22e requirements do not address routing details, so this is not applicable to the evaluation.

Miscellaneous (each item is followed by its assessment):

1. Ensure configuration integrity.  Assessment: This is an added feature that allows an admin to show a hash of the config if wanted.  This was not needed to meet the NDcPP22e requirements.

2. Limit concurrent users for web access.  Assessment: Not evaluated as part of the NDcPP22e evaluation.

3. Added a CLI command (logging threshold) to enable/disable or change the logging threshold limit.  Assessment: Not necessary to meet the NDcPP22e evaluation.

4. Added a CLI command (show authentication locked-out users) to show locked out users.  Assessment: Not necessary to meet the NDcPP22e evaluation.

5. Provided a mechanism to limit admin access to audit log files.  Assessment: A new 'security-group' was added that is not used by default.  Not evaluated as part of the NDcPP22e evaluation.

6. A switch now triggers an event log when the security logging exceeds a set threshold.  Assessment: This is an added feature not necessary to meet the NDcPP22e evaluation.

7. Added the ability to access various logs through the CLI.  Assessment: This is an added feature not necessary to meet the NDcPP22e evaluation.

   a. Idle timeout.  Assessment: This log was always sent to syslog.

   b. Limit the number of remote access sessions.  Assessment: This feature relates to the REST API, which was not part of the evaluation.

   c. Audit services: start audit services, record authentication events for users, enable/disable of services.  Assessment: This feature made a cleaner distinction of the auditor role.  This role was not covered by the NDcPP22e certification.

Twelve bug fixes were released for existing features that were outside the scope of the evaluation, or which did not directly impact any TOE security-related actions or operations.

Bug fix Category: Assessment

Port Access
Crash bugs:
·   Restart interface bugs
·   Radius related issues
Assessment: All port related bugs dealt with Radius servers, which are not in the scope of the evaluation.

NTP
·   NTP does not take into account its source IP when the loopback interface is used
·   NTP not working properly with DHCP
Assessment: The TOE was not evaluated as an NTP server.

Logging
·   Filename too long when moving
·   Incorrect permission on local logs
·   A warning similar to "Excessive write to coredump partition in module 1/2 observed. 7.07GB written over past 1 hour" is logged in the event log
Assessment: These are bugs with the local log.  None were noted during the NDcPP22e evaluation, and none had any effect on evaluation testing.

SNMP
Assessment: There are several SNMP fixes, but that protocol was not in the NDcPP22e evaluation.

Routing protocols
Assessment: There are several fixes related to the routing protocols.  Those are functional in nature and not considered in the NDcPP22e evaluation.

Radius/TACACS fixes
Assessment: Authentication servers were not included in the NDcPP22e evaluation.

Interfaces
·   Denial of service on a restart
Assessment: This results in a lack of access and does not pose an issue with the NDcPP22e evaluation.  A reboot reset the interface before the fix was in place.

802.1X authentication
Assessment: There are several 802.1X authentication fixes, but that protocol was not in the NDcPP22e evaluation.

Management related fixes
·   REST API updates
·   Diagnostic updates
·   Config file format updates (use Linux format)
·   Interfaces command displays extra information but works properly
Assessment: These are management functions not included in the NDcPP22e evaluation.

ACL
·   SNMP ACLs not functioning properly
Assessment: SNMP was not included in the evaluation.

Counters
·   The switch counts CRC errors and runt packets rather than reporting collisions properly
·   The switch reports collision errors or collision error counters increment incorrectly
Assessment: The counters were not used in meeting the NDcPP22e requirements.  As such, these changes have no impact on the evaluation results.

Bluetooth
·   The Bluetooth device name does not change when the switch hostname is changed, maintaining existing Bluetooth connections.
Assessment: Bluetooth was not included in the evaluation.

Vendor Information


Aruba, a Hewlett Packard Enterprise Company
Kevin Micciche
9165401250
aruba-product-security@hpe.com

www.arubanetworks.com