The Target of Evaluation (TOE) is the Hewlett-Packard Company A-Series Family with Comware version 5.2. The following models were evaluated:
\r\n| \r\n Product Series \r\n | \r\n\r\n Specific Devices \r\n | \r\n
| \r\n HP A5120 Series Gigabit Ethernet Switches \r\n | \r\n\r\n HP A5120?24G EI 2?slot Switch \r\n | \r\n
| \r\n HP A5120?48G EI 2?slot Switch \r\n | \r\n|
| \r\n HP A5120?24G?PoE EI 2?slot Switch \r\n | \r\n|
| \r\n HP A5120?48G?PoE EI 2?slot Switch \r\n | \r\n|
| \r\n HP A5500 Series Gigabit Ethernet Switches \r\n | \r\n\r\n HP A5500?24G EI Switch \r\n | \r\n
| \r\n HP A5500?24G?PoE EI Switch \r\n | \r\n|
| \r\n HP A5500?24G?SFP EI Switch \r\n | \r\n|
| \r\n HP A5500?48G EI Switch \r\n | \r\n|
| \r\n HP A5500?48G?PoE EI Switch \r\n | \r\n|
| \r\n HP A5800 Series Flex Chassis Switches \r\n | \r\n\r\n HP A5800?24G?PoE Switch \r\n | \r\n
| \r\n HP A5800?24G Switch \r\n | \r\n|
| \r\n HP A5800?48G Switch with 2 Slots \r\n | \r\n|
| \r\n HP A5800?24G?SFP Switch \r\n | \r\n|
| \r\n HP A5800?48G?PoE Switch \r\n | \r\n|
| \r\n HP A5800?48G Switch \r\n | \r\n|
| \r\n HP A5820 Series 10-Gigabit Switches \r\n | \r\n\r\n HP A5820?24XG?SFP+ Switch \r\n | \r\n
| \r\n HP A5820?14XG?SFP+ 2?slot Switch \r\n | \r\n|
| \r\n HP A7500 Series Modular Core Switches \r\n | \r\n\r\n HP A7510 Switch Chassis \r\n | \r\n
| \r\n HP A7506 Switch Chassis \r\n | \r\n|
| \r\n HP A7506?V Switch Chassis \r\n | \r\n|
| \r\n HP A7503 Switch Chassis \r\n | \r\n|
| \r\n HP A7502 Switch Chassis \r\n | \r\n|
| \r\n HP A7503 1 Fabric Slot Switch Chassis \r\n | \r\n|
| \r\n HP A9500 Series Modular Core Switches \r\n | \r\n\r\n HP A9505 Switch Chassis \r\n | \r\n
| \r\n HP A9508?V Switch Chassis \r\n | \r\n|
| \r\n HP A9512 Switch Chassis \r\n | \r\n|
| \r\n HP A12500 Series Data Center Switches \r\n | \r\n\r\n HP A12518 Switch Chassis \r\n | \r\n
| \r\n HP A12508 Switch Chassis \r\n | \r\n
\r\n
The Target of Evaluation (TOE) is the Hewlett-Packard A-Series family of switches. The A-Series switches in the evaluated configuration include the A5120, A5500, A5800, A5820, A7500, A9500 and A12500 series. Each series of this family consists of a set of distinct devices which vary primarily according to power delivery, performance, and port density.
\r\nWhile most of the A-Series switches have fixed ports, they all support plug-in modules (or blades) that provide additional functionality (e.g., various numbers and types of network connection ports). With the exception of pluggable security blades, all of the available plug-in modules are included in the evaluated configuration (see below). The security blades offer additional advanced (e.g., firewall) security functions and are intended to be addressed in an alternate evaluation.
\r\nThe TOE can be deployed as a single A-Series device or alternately as a group of A-Series devices connected using the HP Intelligent Resilient Framework (IRF) technology to effectively form a logical switch device. The IRF technology requires that A-Series device be directly connected to one another using an IRF stack utilizing one or more dedicated Ethernet connections that are used to coordinate the overall logical switch configuration and also to forward applicable network traffic as necessary between attached devices.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Hewlett-Packard Company A-Series Switches TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 3. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is EAL 1. The product, when delivered configured as identified in the Preparative Procedures for CC NDPP Evaluated Hewlett-Packard A-Series Family, Revision 1.00, 03/18/2013 document, satisfies all of the security functional requirements stated in the Hewlett-Packard Company A-Series Switches Security Target (Version 1.0). The project underwent CCEVS Validator review. The evaluation was completed in April 2013. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report, (report number CCEVS-VR-10469-2013, dated April 2013) prepared by CCEVS.
","environmental_strengths":"The logical boundaries of the Hewlett-Packard Company A-Series Switches TOE are realized in the security functions that it implements. These security functions are realized at the network interfaces that service clients and via the administrator commands. Each of these security functions is summarized below.
\r\n\r\n
Security audit - The TOE is designed to be able to generate logs for a wide range of security relevant events. The TOE can be configured by an administrator to send the logs to a designated log server.
\r\n\r\n
Cryptographic support - The TOE includes a FIPS-certified cryptographic module that provides key management, random bit generation, encryption/decryption, digital signature and secure hashing and key-hashing features in support of higher level cryptographic protocols including IPSec and SSH.
\r\n\r\n
User data protection - The TOE performs a wide variety of network switching and routing functions, passing network traffic among its various physical and logical (e.g., VLAN) network connections. While implementing applicable network protocols associated with network traffic forwarding, the TOE is carefully designed to ensure that it doesn’t inadvertently reuse data found in network traffic.
\r\n\r\n
Identification and authentication - The TOE requires users (i.e., administrators) to be successfully identified and authenticated before they can access any security management functions available in the TOE. The TOE offers both a locally connected console as well as network accessible interfaces (SSHv2) for interactive administrator sessions.
\r\n\r\n
The TOE supports the local (i.e., on device) definition of administrators with usernames and passwords. Additionally, the TOE can be configured to utilize the services of trusted RADIUS and TACACS servers in the operational environment to support, for example, centralized user administration.
\r\nSecurity management- The TOE provides Command Line (CLI) commands to access the wide range of security management functions. Security management commands are limited to administrators only after they have provided acceptable user identification and authentication data to the TOE.
\r\n\r\n
Protection of the TSF- The TOE implements a number of features design to protect itself to ensure the reliability and integrity of its security features.
\r\n\r\n
It protects particularly sensitive data such as stored passwords and cryptographic keys so that they are not accessible even by an administrator. It also provides its own timing mechanism to ensure that reliable time information is available (e.g., for log accountability).
\r\nFrom a communication perspective it employs both dedicated communication channels (based on physically separate networks and VLAN technology) and also cryptographic means (e.g., to prevent replays) to protect communication between distributed TOE components as well as between TOE and other components in the operation environment (e.g., administrator workstations). Note that IRF communication is not considered communication between distributed TOE components, but rather is communication among collocated components that logically form an instance of the TOE. As such, since the the IRF communication channels are not protected using mechanisms such as encryption, they need to be as protected as the TOE devices themselves.
\r\nThe TOE includes functions to perform self-tests so that it might detect when it is failing. It also includes mechanisms so that the TOE itself can be updated while ensuring that the updates will not introduce malicious or other unexpected changes in the TOE.
\r\nResource utilization - The TOE can limit network connections in order to ensure that administrators will be able to connect when they need to perform security management operations on the TOE.
\r\nTOE access - The TOE can be configured to display an informative banner when an administrator establishes an interactive session and subsequently will enforce an administrator-defined inactivity timeout value after which the inactive session will be terminated.
\r\nTrusted path/channels - The TOE protects interactive communication with administrators using SSHv2 for CLI access. Both integrity and disclosure protection is ensured. The TOE protects communication with network peers, such as a log server, using IPSec connections and optionally using a dedicated VLAN to prevent unintended disclosure or modification of logs.
","features":[]}