{"product_id":10452,"v_id":10452,"product_name":"Juniper Networks Security Appliances: ISG 1000, ISG2000, NetScreen 5200, NetScreen 5400, SSG5, SSG20, SSG140, SSG320M, SSG350M, SSG520M and SSG550M with ScreenOS Version 6.3","certification_status":"Not Certified","certification_date":"2012-06-28T00:06:00Z","tech_type":"Firewall","vendor_id":{"name":"HPE Juniper Networking","website":"https://www.juniper.net"},"vendor_poc":"Robert Smith","vendor_phone":"978-589-8822","vendor_email":"robertsmith@juniper.net","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p class=\"Body\">The Target of Evaluation (TOE) is Juniper Networks Security Appliances, a line of integrated security network devices combining firewall, virtual private networking (VPN), and traffic management functions. The TOE consists of one or more of the following security appliances running the specified ScreenOS firmware version: The TOE is administered via a command line interface (CLI). During normal operation, the CLI is accessed remotely over a Secure Shell (SSH) connection.</p>","evaluation_configuration":null,"security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target.&nbsp; The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 3, July 2009. 
The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 3, July 2009.&nbsp; Science Application International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the TOE is EAL 2 augmented with ALC_FLR.2.&nbsp; The TOE, configured as specified in the evaluated configuration guide, satisfies all of the security functional requirements stated in the Security Target.&nbsp; Validators on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC.&nbsp; The evaluation was completed March 2012.&nbsp; Results of the evaluation can be found in the National Information Assurance Partnership Common Criteria Evaluation and Validation Scheme Validation Report Juniper Networks Security Appliances prepared by the CCEVS.</p>","environmental_strengths":"<p class=\"Body\">Juniper Networks Security Appliances provide a moderate to high level of independently assured security in a conventional TOE and are suitable for generalized environments with a low to medium level of risk to the applicable assets.</p>\r\n<p class=\"Body\">Juniper Networks Security Appliances support the following security functions:</p>\r\n<p class=\"Body\"><strong><em>Security Audit</em></strong></p>\r\n<p class=\"Body\">Audit data is stored in memory and is separated into three types of logs: events; traffic logs; and self logs. Events are system-level notifications and alarms which are generated by the system to indicate events such as configuration changes, network attacks detected, or administrators logging in or out of the device. Traffic logs are directly driven by policies that allow traffic to go through the device. Self logs store information on traffic that is dropped and traffic that is sent to the device. 
Logs are protected and a searching/sorting mechanism of these logs is offered to administrators.</p>\r\n<p class=\"Body\"><strong><em>Cryptographic Support</em></strong></p>\r\n<p class=\"Body\">Each of the appliances comprising the TOE has completed FIPS 140-2&nbsp; validation. All appliances support the use of AES with SSH using key sizes greater than or equal to 128-bits.</p>\r\n<p class=\"Body\"><strong><em>User Data Protection</em></strong></p>\r\n<p class=\"Body\">The TOE enforces information flow control policies based on the concept of zones. Security policies are applied to the flow of information from network nodes in one zone to network nodes in other zones. These policies control interzone and intrazone information flows.</p>\r\n<p class=\"Body\">A zone is a logical abstraction on which a security appliance provides services that are typically configurable by the administrator.&nbsp; A zone can be a segment of network space to which security measures are applied (a security zone), a logical segment to which a VPN tunnel interface is bound (a tunnel zone), or either a physical or logical entity that performs a specific function (a function zone).</p>\r\n<p class=\"Body\"><strong><em>Identification and Authentication</em></strong></p>\r\n<p class=\"Body\">The TOE provides an authentication mechanism for administrative users through an internal authentication database. 
Administrative login is supported at the local console for initial configuration, and remotely via an SSH protected communication channel.</p>\r\n<p class=\"Body\">A known administrator user id and its corresponding authentication data must be entered correctly in order for the administrator to successfully logon and thereafter gain access to administrative functions.&nbsp; For local authentication, all administrator user name and password pairs are managed in a database internal to the security appliance.&nbsp; Excessive failed login attempts while initiating a remote administration session can cause the session being created to be closed.</p>\r\n<p class=\"Body\"><strong><em>Security Management</em></strong></p>\r\n<p class=\"Body\">After initial configuration, administrators manage the TOE remotely using a CLI communicating over the SSH protocol. The TOE also implements a web interface, but this is not part of the evaluated configuration.</p>\r\n<p class=\"Body\">To execute the CLI, the administrator can establish a trusted SSH connection to the TOE and utilize the CLI offered through the SSH connection. Regardless of the interface, the authorized administrator must be successfully identified and authenticated before they are permitted to perform any security management functions on the TOE.</p>\r\n<p class=\"Body\">The TOE supports distinct administrative roles: Root Administrator, Audit Administrator; Cryptographic Administrator; and Security Administrator. 
In addition to these administrative roles, an administrator may be given a read-write or read-only attribute that affects that administrator&rsquo;s ability to change the device&rsquo;s configuration data.</p>\r\n<p class=\"Body\"><strong><em>Protection of the TSF</em></strong></p>\r\n<p class=\"Body\">The TOE is a hardware and firmware device that protects itself largely by offering only a minimal logical interface to the network and attached nodes.&nbsp; ScreenOS is a special purpose OS that provides no general purpose programming capability.&nbsp; All network traffic from one network zone to another or between two networks within the same network zone passes through the TOE; however, no protocol services are provided for user communication with the security appliance itself.&nbsp; The TOE also utilizes a hardware clock to maintain and provide reliable time stamps.</p>","features":[]}