{"product_id":10567,"v_id":10567,"product_name":"Hewlett Packard Enterprise 5900 Series, 5920 Series, 10500 Series and 12500 Series Switches with Comware Version 7.1.045","certification_status":"Certified","certification_date":"2014-12-05T00:00:00Z","tech_type":"Network Device, Network Switch","vendor_id":{"name":"Hewlett Packard Enterprise Company","website":"www.hp.com"},"vendor_poc":"Bob Pittman","vendor_phone":"+1-508-467-0284","vendor_email":"bob.pittman@hp.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p class=\"Body\">The Target of Evaluation (TOE) is the Hewlett-Packard (HP) Company 5900 Series and 5920 Series, both running Comware V7.1.045 Release 2311 P03, the HP 10500 Series running Comware V7.1.045 Release 2111 P05, and the HP 12500 Series Switches running Comware 7.1.045 Release 7328 P03. &nbsp;Each device in the TOE is a stand-alone gigabit Ethernet switch that implements layer 2 and layer 3 switching, services, and routing.</p>\r\n<p class=\"Body\">The various switches comprising the TOE are all gigabit Ethernet switch appliances that consist of hardware and software components. While the physical form factor of each distinct series is substantially different, the underlying hardware shares a similar architecture. The software shares a common modular code base, with only the modules applicable to the specific hardware installed. The devices vary primarily according to power delivery, performance, and port density.</p>\r\n<p class=\"Body\">Both the 5900 and the 5920 switches have a fixed number of ports. 
The HP 5900 series comprises high-density 10 gigabit Ethernet (10GbE), ultra-low latency, top-of-rack switches, suited for deployment at the server access layer of a large enterprise data center or for deployment at the data center core layer of medium-sized enterprises.&nbsp; The HP 5920 series comprises high-density 10 gigabit Ethernet (10GbE), ultra-deep packet buffering, top-of-rack switches, suited for deployment at the server access layer of large enterprise data centers.&nbsp;</p>\r\n<p class=\"Body\">The 10500 and 12500 Series support plug-in modules, which provide additional functionality (e.g., various numbers and types of network connection ports), and security blades, which offer additional advanced security functions (e.g., firewall). With the exception of pluggable security blades, all of the available plug-in modules are included in the evaluated configuration (see below). The security blades are intended to be addressed in a separate evaluation.</p>\r\n<p class=\"Body\">The HP 10500 series comprises gigabit Ethernet switches designed for enterprise campus core networks that provide 10GbE/40GbE port density.&nbsp; They support layer 2 switching, select layer 3 services, and static layer 3 routing, and provide a dual IP stack for the transition from IPv4 to IPv6.&nbsp; The HP 12500 series comprises routing switches with capacity for the network core or the data center and supports IRF technology, allowing up to four 12500 switches to be grouped together and managed as a single switch with a single IP address. 
The 12500 series is intended for organizations contemplating large-scale data center or campus consolidations, business continuity and disaster recovery sites, metropolitan area network deployments, and other applications requiring a robust, high-performance switching platform.</p>","evaluation_configuration":"","security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Hewlett-Packard Company 5900 Series, 5920 Series, 10500 Series, and 12500 Series Switches were judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4.&nbsp; The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 4.&nbsp; The product, when delivered and configured as identified in the <em>Preparative Procedures for CC NDPP Evaluated Hewlett-Packard 5900 Series, 5920 Series, 10500 Series, and 12500 Series Switches on Comware V7 </em>document, satisfies all of the security functional requirements stated in the&nbsp;<em>Hewlett-Packard Company 5900 Series, 5920 Series, 10500 Series, and 12500 Series Switches Security Target, Version 1.0, 28 October 2014.&nbsp; </em>The project underwent CCEVS Validator review.&nbsp; The evaluation was completed in November 2014.&nbsp; Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.</p>","environmental_strengths":"<p><strong><em>Security Audit</em></strong></p>\r\n<p class=\"Body\">The TOE is able to generate audit records of security relevant events. 
The TOE can be configured to store the audit records locally so they can be accessed by an administrator, or alternately to send the audit records to a designated log server.</p>\r\n<p><strong><em>Cryptographic Support</em></strong></p>\r\n<p class=\"Body\">The TOE includes NIST-validated cryptographic mechanisms that provide key management, random bit generation, encryption/decryption, digital signature, secure hashing and key-hashing features in support of higher level cryptographic protocols, including IPsec and SSHv2.&nbsp; Note that to be in the evaluated configuration, the TOE must be configured in FIPS mode, which ensures the TOE&rsquo;s configuration is consistent with the FIPS 140-2 standard.</p>\r\n<p><strong><em>User Data Protection</em></strong></p>\r\n<p class=\"Body\">The TOE performs network switching and routing functions, passing network traffic among its various physical and logical (e.g., VLAN) network connections. While implementing applicable network protocols associated with network traffic forwarding, the TOE is designed to ensure that it does not inadvertently reuse data found in network traffic.</p>\r\n<p><strong><em>Identification and Authentication</em></strong></p>\r\n<p class=\"Body\">The TOE requires users (i.e., administrators) to be successfully identified and authenticated before they can access any security management functions available in the TOE. The TOE offers both a locally connected console and a network accessible interface (SSHv2) for interactive administrator sessions.</p>\r\n<p class=\"Body\">The TOE supports the local (i.e., on device) definition of administrators with usernames and passwords. 
Additionally, the TOE can be configured to use the services of trusted RADIUS and TACACS servers in the operational environment to support, for example, centralized user administration.</p>\r\n<p><strong><em>Security Management</em></strong></p>\r\n<p class=\"Body\">The TOE provides a CLI to access its security management functions. Security management commands are limited to administrators and are available only after they have provided acceptable user identification and authentication data to the TOE.</p>\r\n<p><strong><em>Protection of the TSF</em></strong></p>\r\n<p class=\"Body\">The TOE implements a number of features designed to protect itself to ensure the reliability and integrity of its security features.</p>\r\n<p class=\"Body\">It protects particularly sensitive data such as stored passwords and cryptographic keys so that they are not accessible even by an administrator. It also provides its own timing mechanism to ensure that reliable time information is available (e.g., for log accountability).</p>\r\n<p class=\"Body\">The TOE uses cryptographic means to protect communication with remote administrators. When the TOE is configured to use the services of a Syslog server or authentication servers in the operational environment, the communication between the TOE and the operational environment component is protected using encryption.</p>\r\n<p class=\"Body\">The TOE includes functions to perform self-tests so that it might detect when it is failing. It also includes mechanisms so that the TOE itself can be updated while ensuring that the updates will not introduce malicious or other unexpected changes in the TOE.</p>\r\n<p><strong><em>TOE Access</em></strong></p>\r\n<p class=\"Body\">The TOE can be configured to display an informative banner that will appear prior to authentication when accessing the TOE via the console or SSH interfaces. 
The TOE subsequently will enforce an administrator-defined inactivity timeout value after which the inactive session will be terminated.</p>\r\n<p><strong><em>Trusted Path/Channels</em></strong></p>\r\n<p class=\"Body\">The TOE protects interactive communication with administrators using SSHv2 for CLI access. Using SSHv2, both integrity and disclosure protection are ensured.</p>\r\n<p class=\"Body\">The TOE protects communication with external IT entities, including audit and authentication servers, using IPsec connections, which prevent unintended disclosure or modification of data.</p>","features":[]}