The Target of Evaluation (TOE) is the Aruba Networks, Inc. Virtual Intranet Access (VIA) Client Version 2.3.0.0.
\r\nThe TOE provides secure remote network connectivity for Linux, Android, and Windows mobile devices and workstations. The TOE is designed for two primary purposes:
\r\nThe TOE is a hybrid Internet Protocol Security (IPsec)/Secure Sockets Layer (SSL) VPN client available for multiple client operating systems. IPsec is the sole means of securing network traffic; SSL functionality involves encapsulation of IPsec inside HTTPS-formatted packets in order to traverse firewalls and proxies where required. SSL functionality is not included in this evaluation.
\r\nVIA can be downloaded directly from an Aruba Mobility Controller, pushed out using enterprise management tools, installed manually, or installed from the Google Play Store. An Aruba Mobility Controller is required to terminate connections from a VIA client – VIA is not a general-purpose VPN client that works with third-party VPN gateways.
","evaluation_configuration":"The evaluated configuration consists of the following:
\r\nAruba Virtual Intranet Access (VIA) client version 2.3.0.0. on the following platforms:
\r\nThe evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Aruba Virtual Intranet Access (VIA) Client was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 4. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 4. Gossamer Security Solutions determined that the evaluation assurance level (EAL) for the product is EAL 1. The product, when delivered and configured as identified in the Aruba Networks Federal Deployment Guide, 9/11/14, Revision: FDG-63-1-7-v5 document, satisfies all of the security functional requirements stated in the Aruba Networks, Inc. Virtual Intranet Access (VIA) Client Version 2.3 (IVPNCPP14) Security Target, Version 0.8, May 26, 2015. The project underwent CCEVS Validator review. The evaluation was completed in May 2015. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID10616-2015) prepared by CCEVS.
","environmental_strengths":"The logical boundaries of the Aruba Virtual Intranet Access (VIA) Client TOE are realized in the security functions that it implements. Each of these security functions is summarized below.
\r\nCryptographic Support - The IPsec implementation is the primary function of the TOE. IPSec is used by the TOE to protect communication between itself and a VPN Gateway over an unprotected network.
\r\nUser Data Protection - The TOE ensures that residual information is protected from potential reuse in accessible objects such as network packets.
\r\nIdentification and Authentication - The TOE provides the ability to use, store, and protect X.509 certificates and pre-shared keys that are used for IPsec Virtual Private Network (VPN) connections. In some cases, the storage and protection of X.509 certificates and keys is provided by the underlying operating system.
\r\nSecurity Management - The TOE provides all the interfaces necessary to manage the security functions identified throughout this Security Target. In particular, the IPsec VPN is fully configurable by a combination of functions provided directly by The TOE and those available to the associated VPN gateway.
\r\nTSF Protection - The TOE performs self-tests that cover the TOE as well as the functions necessary to securely update the TOE.
\r\nTrusted Path/Channels - The TOE acts as a VPN client using IPsec to established secure channels to corresponding VPN gateways.
","features":[]}