{
  "product_id": 10585,
  "v_id": 10585,
  "product_name": "Brocade Communications Systems, Inc. Brocade Directors and Switches operating with Fabric OS version 7.3.0",
  "certification_status": "Certified",
  "certification_date": "2015-03-25T00:00:00Z",
  "tech_type": "Network Device, Network Switch, Router",
  "vendor_id": {"name": "Brocade Communications Systems LLC A Broadcom Inc. Company", "website": "www.broadcom.com"},
  "vendor_poc": "Chris Marks",
  "vendor_phone": "408.333.4300",
  "vendor_email": "marksc@brocade.com",
  "assigned_lab": {"cctl_name": "Gossamer Security Solutions"},
  "product_description": "<p class=\"Body\">The Target of Evaluation (TOE) is the Brocade Communications Systems, Inc. Brocade Directors and Switches 7.3 family of products.</p>\r\n<p class=\"Body\">The various models of the TOE identified below differ in performance, form factor and number of ports, but all run the same FabricOS version 7.3.0a1 software. The TOE is available in three form factors:</p>\r\n<ol>\r\n<li>a rack-mount Director chassis with a variable number of blades and</li>\r\n<li>a self-contained switch appliance device.</li>\r\n</ol>\r\n<p class=\"Body\">Director models are composed of blades of several types. The &lsquo;director blade models&rsquo; are control blades (CP8), core switch blades (CR8, CR4S-8, CR16-4, CR16-8), port blades (FC8-16, FC8-32, FC8-48, FC8-64, FC16-32, FC16-48) and application blades (FX8-24). Control blades contain the control plane for the chassis. A core switch blade contains the ASICs for switching between port blades. A port blade supports various numbers of ports and speeds. Application blades provide additional capabilities such as FC over Ethernet. The DCX, DCX-4S, DCX 8510-4 and DCX 8510-8 require at least one control blade and one core blade to make the director operational.</p>\r\n<p class=\"Body\">Brocade Directors and Switches are hardware appliances that implement what is called a &ldquo;Storage Area Network&rdquo; or &ldquo;SAN&rdquo;. SANs provide physical connections between machines in the environment that contain a type of network card called a Host Bus Adapter (HBA) and storage devices, such as disk storage systems and tape libraries, that are also located in the environment. The network connection between the storage devices in the environment, the TOE, and the HBAs in the environment uses high-speed network hardware. SANs are optimized to transfer large blocks of data between HBAs and storage devices. SANs can be used, for example, to replace or supplement server-attached storage solutions.</p>\r\n<p>HBAs communicate with the TOE using Fibre Channel (FC) or FC over IP (FCIP) protocols. Storage devices in turn are physically connected to the TOE using FC/FCIP interfaces. When more than one instance of the TOE is interconnected (i.e. installed and configured to work together), they are referred to collectively as a &ldquo;SAN fabric&rdquo;. A zone is a specified group of fabric-connected devices (called zone members) that have access to one another.</p>",
  "evaluation_configuration": "<p class=\"Body\">The evaluated configuration consists of the Brocade Communications Systems, Inc. Brocade Directors and Switches operating with FabricOS version 7.3.0a1, including the following series and models:</p>\r\n<ul>\r\n<li>Director Blade Models: FC8-16, FC8-32, FC8-48, FC8-64, FC16-32, FC16-48, CP8, CR8, CR4S-8, CR16-4, CR16-8, FX8-24</li>\r\n<li>Director Models: DCX, DCX-4S, DCX 8510-4, DCX 8510-8</li>\r\n<li>Switch Appliance Models: 300, 6510, 6520, 7800, 7840.</li>\r\n</ul>",
  "security_evaluation_summary": "<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Brocade Directors and Switches 7.3 was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 4. Gossamer Security Solutions determined that the evaluation assurance level (EAL) for the product is EAL 1. The product, when delivered and configured as identified in the Brocade &ndash; Fabric OS FIPS and Common Criteria Configuration Guide Supporting Fabric OS 7.3.0 for FIPS and 7.3.0a1 for Common Criteria, Publication #53-1003145-02, 13 February 2015 document, satisfies all of the security functional requirements stated in the Brocade Communications Systems, Inc. Brocade Directors and Switches 7.3 Security Target, Version 1.0, March 18, 2015. The project underwent CCEVS Validator review. The evaluation was completed in February 2015. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID10585-2014) prepared by CCEVS.</p>",
  "environmental_strengths": "<p>The logical boundaries of the Brocade Directors and Switches 7.3 TOE are realized in the security functions that it implements. Each of these security functions is summarized below.</p>\r\n<p><strong>Security Audit</strong> - The TOE generates audit events for numerous activities including policy enforcement, system management and authentication. A syslog server in the environment is relied on to store the audit records generated by the TOE. The TOE generates a complete audit record including the IP address of the TOE, the event details, and the time the event occurred. The time stamp is provided by the TOE appliance hardware. When the syslog server writes the audit record to the audit trail, it applies its own time stamp, placing the entire TOE-generated syslog protocol message (MSG) contents into an encapsulating syslog record.</p>\r\n<p><strong>Cryptographic Support</strong> - The TOE contains FIPS-certified cryptographic implementations that provide key management, random bit generation, encryption/decryption, digital signature, secure hashing and keyed hashing features in support of higher-level cryptographic protocols including SSH and TLS.</p>\r\n<p><strong>User Data Protection</strong> - While implementing SAN and HBA protocols, the TOE is carefully designed to ensure that it doesn&rsquo;t inadvertently release or leak residual data. When the TOE allocates a new buffer for either an incoming or an outgoing network packet, the new packet data overwrites any previous data in the buffer. If an allocated buffer exceeds the size of the packet, any additional space is overwritten (padded) with zeros before the packet is forwarded (either to an external network or HBA, or written to a storage device), on both Ethernet and Fibre Channel connections.</p>\r\n<p class=\"Body\"><strong>Identification and Authentication</strong> - The TOE authenticates administrative users. In order for an administrative user to access the TOE, a user account including a user name and password must be created for the user, and an administrative role must be assigned. Either the TOE performs the validation of the login credentials itself, or the information is passed to a RADIUS or LDAP server to perform the validation and the TOE enforces the decision. The administrator can configure the order in which the external authentication provider and the local credentials are checked.</p>\r\n<p><strong>Security Management</strong> - The TOE provides both serial terminal- and Ethernet network-based management interfaces. Each of the three types of interfaces provides equivalent management functionality. The TOE provides administrative interfaces to configure hard zoning, as well as to set and reset administrator passwords. By default, host bus adapters do not have access to storage devices.</p>\r\n<p><strong>TSF Protection</strong> - The TOE implements a number of features designed to protect itself and to ensure the reliability and integrity of its security features. It protects particularly sensitive data such as stored passwords and cryptographic keys so that they are not accessible even by an administrator. It also provides its own timing mechanism to ensure that reliable time information is available (e.g., for log accountability). Note that the TOE is a single appliance, and as such, no intra-TOE communication is subject to any risks that may require special protection (e.g., cryptographic mechanisms). The TOE includes functions to perform self-tests so that it can detect when it is failing. It also includes mechanisms (i.e., verification of the digital signature of each new image) so that the TOE itself can be updated while ensuring that the updates will not introduce malicious or other unexpected changes in the TOE.</p>\r\n<p><strong>TOE Access</strong> - The TOE provides an IP Filter policy that is a set of rules applied to the IP management interfaces. These rules provide the ability to control how and to whom the TOE exposes the management services hosted on a switch. They cannot affect management traffic that is initiated from a switch. The TOE limits the number of concurrent login sessions, with a separate limit on the number of simultaneous login sessions for each role.</p>\r\n<p><strong>Trusted Path/Channels</strong> - The TOE enforces a trusted path between administrators and the TOE using SSH and HTTPS over the Ethernet connection from the administrator terminal to the TOE. The TOE encrypts commands sent from terminal applications by administrators using SSH for the command line interface and HTTPS for the Advanced Web Tools GUI interface.</p>",
  "features": []
}