{"product_id":11023,"v_id":11023,"product_name":"SonicWall Secure Mobile Access (SMA) v12.1","certification_status":"Certified","certification_date":"2020-07-13T00:00:00Z","tech_type":"Network Device","vendor_id":{"name":"SonicWall, Inc.","website":"www.sonicwall.com"},"vendor_poc":"Lawrence Wagner","vendor_phone":"1-888-557-6642","vendor_email":"lwagner@SonicWall.com","assigned_lab":{"cctl_name":"CygnaCom Solutions, Inc"},"product_description":"<p class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">The SonicWall Secure Mobile Access (SMA) v12.1 appliance functions as a remote access gateway operating as an intermediary device between end users on client devices and network resources residing on internal network.<span style=\"mso-spacerun: yes;\">&nbsp; </span>The appliance provides multiple access methods for end users or client devices to remotely access internal network resources from untrusted external networks. The SMA administrator configures policies comprised of security rules operating on users and targeting resources that must be satisfied in order to establish remote access.</span></p>","evaluation_configuration":"<p class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">The TOE, SonicWall SMA v12.1, is offered as SMA 6210 and SMA 7210 appliances. The TOE consists of both hardware and software components. The SMA 6210 and SMA 7210 are identical except for CPU, RAM, and SFP+ ports.</span></p>","security_evaluation_summary":"<p class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. The TOE was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 3.1 R5. </span></p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 R5.</span></p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\"><span style=\"mso-ascii-font-family: Calibri; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: 'Times New Roman'; mso-hansi-font-family: Calibri; mso-hansi-theme-font: minor-latin; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Cygnacom Solutions has determined that the product meets the security criteria in the Security Target, which specifies compliance with </span><em style=\"mso-bidi-font-style: normal;\"><span style=\"mso-ascii-font-family: Calibri; mso-ascii-theme-font: minor-latin; mso-hansi-font-family: Calibri; mso-hansi-theme-font: minor-latin; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">U.S. Government Standard Collaborative Protection Profile for Network Devices, September 2018, Version 2.1</span></em><span style=\"mso-ascii-font-family: Calibri; mso-ascii-theme-font: minor-latin; mso-hansi-font-family: Calibri; mso-hansi-theme-font: minor-latin; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">.</span></span></p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; line-height: normal;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">The project underwent CCEVS Validator review.<span style=\"mso-spacerun: yes;\">&nbsp; </span>The evaluation was completed in July 2020.<span style=\"mso-spacerun: yes;\">&nbsp; </span>Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11023-2020) prepared by CCEVS.</span></p>","environmental_strengths":"<p class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">The TOE is the SonicWall Secure Mobile Access (SMA) v12.1 which in the evaluated configuration consists of SMA 6210 and SMA 7210 appliances. SMA is an access gateway that enables an organization to provide anytime, anywhere and any device access to any internal application. TOE consists of a hardware appliance with embedded software components. </span></p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">All SMA appliances are shipped ready for immediate access through a Command Line Interface (CLI) and after basic network configuration through a web-based Appliance Management Console (AMC). However, to ensure secure use the product must be configured prior to being put into production environment as specified in the user guidance.</span></p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">The TOE is designed to provide the following functionalities:</span></p>\r\n<ul style=\"margin-top: 0in;\" type=\"disc\">\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level1 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Security Audit</span></li>\r\n<ul style=\"margin-top: 0in;\" type=\"circle\">\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Audit record generation for security-relevant events</span></li>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Interoperability with a remote audit server</span></li>\r\n</ul>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level1 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Cryptographic Support</span></li>\r\n<ul style=\"margin-top: 0in;\" type=\"circle\">\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Validated cryptographic algorithms</span></li>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Destruction of cryptographic keys</span></li>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Entropy generation</span></li>\r\n</ul>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level1 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Identification and Authentication</span></li>\r\n<ul style=\"margin-top: 0in;\" type=\"circle\">\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Authentication failure policies</span></li>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Password management policies</span></li>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Password and certificate-based authentication</span></li>\r\n</ul>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level1 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Security Management</span></li>\r\n<ul style=\"margin-top: 0in;\" type=\"circle\">\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Local and remote administration</span></li>\r\n</ul>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level1 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Protection of the TOE Security Function (TSF)</span></li>\r\n<ul style=\"margin-top: 0in;\" type=\"circle\">\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Self-testing on power-up</span></li>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Trusted update</span></li>\r\n</ul>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level1 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">TOE Access</span></li>\r\n<ul style=\"margin-top: 0in;\" type=\"circle\">\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Role-based access control</span></li>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Session timeout and lockout</span></li>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Access banner</span></li>\r\n</ul>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level1 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Trusted Path/Channels</span></li>\r\n<ul style=\"margin-top: 0in;\" type=\"circle\">\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Secure channel for remote administrators</span></li>\r\n<li class=\"MsoNormal\" style=\"margin-bottom: 6.0pt; line-height: normal; mso-list: l0 level2 lfo1;\"><span style=\"font-family: 'times new roman', times, serif; font-size: 12pt;\">Secure channel for authorized IT entities</span></li>\r\n</ul>\r\n</ul>","features":[]}