NIAP: Assurance Continuity
Assurance Continuity - Cisco AnyConnect Secure Mobility Client v4.7 for Apple iOS 11.2

Date of Maintenance Completion:  2019.02.11

Product Type:    Virtual Private Network

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for IPsec Virtual Private Network (VPN) Clients Version 1.4

Original Evaluated TOE:  2018.06.08 - Cisco AnyConnect Secure Mobility Client v4.6 for Apple iOS

CC Certificate [PDF] Validation Report [PDF] Assurance Activity [PDF]

Administrative Guide [PDF]

Please note:  The above files are for the Original Evaluated TOE.  Consequently, they do not refer to this maintained version by name, although they apply to it. 

Security Target [PDF] * Assurance Continuity Maintenance Report [PDF]

Please note:  This serves as an addendum to the VR for the Original Evaluated TOE. 

* This is the Security Target (ST) associated with this latest Maintenance Release.  To view previous STs for this TOE, click here.

Readers are reminded that the certification of this product (TOE) is the result of maintenance, rather than an actual re-evaluation of the product.  Maintenance only considers the effect of TOE changes on the assurance baseline (i.e. the original evaluated TOE); maintenance is not intended to provide assurance in regard to the resistance of the TOE to new vulnerabilities or attack methods discovered since the date of the initial certificate.  Such assurance can only be gained through re-evaluation. 

Using a security impact analysis of the changes made to the TOE, which was provided by the developer, the CCEVS has determined that the impact of the changes on the TOE is minor and that independent evaluator analysis was not necessary.  A summary of the results can be found in the Maintenance Report, which is written in relation to the product's original Validation Report and Security Target.  Readers are therefore reminded to read the Security Target, the Validation Report, and the Assurance Maintenance Report to fully understand what a maintained certificate represents. 

Product Description

The changes are divided into two categories: new features and bug fixes. The subsections below justify that the changes in version 4.7 have no security relevance to the certified TOE.
New Features:  The following table lists and describes each feature and provides supporting rationale regarding its security relevance.

| Feature | Analysis and Supporting Rationale |
| --- | --- |
| Managing NSUserDefault for External Control usage | NSUserDefault is a platform-provided programmatic interface used to persist small amounts of data between launches of an application, for example sound settings and preferred screen orientations. It is not used for any security credentials. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST. |
| Sharing AnyConnect logs via iOS Share Extension | This new feature does not directly correlate to a TOE security function in the Security Target. However, since log files may contain TSF data, a warning was added to AGD section 4.6 not to share AnyConnect app log files outside of the protection provided by the mobile platform. |
| Support for SAML authentication | SAML authentication does not apply to the IPsec VPN client. Support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST. |
| VPN TLS ECDSA client certificate support | New support for TLS ECDSA client certificates is only applicable to SSL VPN; the VPN Client permits only IPsec VPN. Therefore, support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST. |
| Support for DTLSv1.2 | New support for DTLS 1.2 is only applicable to SSL VPN; the VPN Client permits only IPsec VPN. Therefore, support for this feature does not impact the TOE security functions, and the functional capabilities of the feature are not claimed as security functionality in the ST. |


Bug Fixes:  The fixes listed in the table below do not directly apply to the TSF or fall outside the scope of evaluated functionality.

| Identifier | Description of the Issue | Analysis and Supporting Rationale |
| --- | --- | --- |
| CSCvn30076 | AC Network Extension logs not always retrieved | The Network Extension logs are outside of the TOE evaluated configuration. In addition, the bug fix corrects a specific situation where those logs are not accessible, which is only when the extension is launched via On Demand or Per-App. This also does not apply to the TOE. Therefore, this bug fix does not impact TOE security functions. |
| CSCvm94880 | No biometric prompt when TouchID is enabled for a certificate. The user should get a TouchID or FaceID prompt when the certificate is protected and a finger or face is enrolled. | This issue applies to iOS 12. It is not an issue for iOS 11.2, which is the mobile platform the AnyConnect TOE was certified on. Therefore, this bug fix does not impact TOE security functions. |
| CSCvn00655 | AnyConnect app doesn't rotate on the new iPhone devices (XS/XR/XS Max). | App orientation does not have a security impact on the TOE. In addition, the iPhone XS/XR/XS Max are not the devices the AnyConnect TOE was certified on. Therefore, this bug fix does not impact TOE security functions. |
| CSCvb78548 | VPN fails to transition from Wi-Fi to Cellular using the T-Mobile IPv6 network. | This issue is only applicable to SSL VPN; the VPN Client permits only IPsec VPN. Therefore, this bug fix does not impact TOE security functions. |
| CSCvi79881 | AC Apple iOS stuck in "Examining System" when roaming between an IPv4-only and an IPv6-only network | This issue is only applicable to SSL VPN; the VPN Client permits only IPsec VPN. Therefore, this bug fix does not impact TOE security functions. |
| CSCvm96366 | Installing per-app VPN using MDM to push the profile: users see a one-time pop-up | This per-app VPN issue applies only to SSL VPN. It does not apply to IPsec, which the VPN Client PP requires. Therefore, this bug fix does not impact TOE security functions. |
| CSCvm12157 | SVC Message: 17/ERROR: Reconnecting to recover from error. | The message falsely indicated an 'Error' when in fact there was none. In addition, this issue is only applicable to SSL VPN; the VPN Client permits only IPsec VPN. Therefore, this bug fix does not impact TOE security functions. |

Affected Developer Evidence:  None

Regression Testing:  The vendor performed regression testing to ensure correct operation of the updated software as a matter of course. Each individual change was unit tested, and the 4.7 software image has had a limited amount of automated regression testing covering all major areas of baseline client functionality. This regression testing was conducted on both the evaluated Apple iOS 11.2 version, and on subsequent versions of Apple iOS.
 
In addition, the developer confirmed the changed TOE conforms to NIAP Policy 5.  The operational environment under which the validated cryptographic algorithm implementation was tested is the same as the operational environment for the changed TOE.  Therefore, the cryptographic algorithm implementation validated for CAVP conformance also applies to the changed TOE.
 
Vulnerability Analysis:  A search of the following national sites was conducted for vulnerabilities related to the Cisco AnyConnect 4.7 TOE.  There were no vulnerabilities found for AnyConnect v4.7 iOS.

  • National Vulnerability Database:  https://nvd.nist.gov
  • US-CERT:  https://www.us-cert.gov
  • Security Focus:  www.securityfocus.com

The following product and vendor key words were used as search criteria:

Product:

  • AnyConnect Secure Mobility Client for iOS

Vendor:

  • Cisco

 
Since the evaluation was completed, several minor updates of Apple iOS have been released as normal maintenance updates to the previously-evaluated Apple 11.2 iOS. Each of those updates included security-related fixes. All publicly disclosed vulnerabilities applicable to the TOE since the evaluation have been mitigated in the subsequent maintenance updates.

Vendor Information

Cisco Systems, Inc.
Rick West
978-936-6155
rickwes@cisco.com

cisco.com