{"product_id":11107,"v_id":11107,"product_name":"Red Hat Enterprise Linux 8.1","certification_status":"Certified","certification_date":"2021-01-04T00:00:00Z","tech_type":"Operating System","vendor_id":{"name":"Red Hat, Inc.","website":"http://www.redhat.com"},"vendor_poc":"Jaroslav Reznik","vendor_phone":"+420 532 294 645","vendor_email":"jreznik@redhat.com","assigned_lab":{"cctl_name":"Acumen Security"},"product_description":"<p><span style=\"text-align: justify;\">Red Hat&reg; Enterprise Linux&reg; is the world&rsquo;s leading enterprise Linux platform. It is an open source operating system (OS) that supports multiple users, user permissions, access controls, and cryptographic functionality.&nbsp;</span></p>","evaluation_configuration":"<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Red Hat&reg; Enterprise Linux&reg; is the world&rsquo;s leading enterprise Linux platform. It is an open source operating system (OS) that supports multiple users, user permissions, access controls, and cryptographic functionality. The TOE also supports (sometimes optionally) secure connectivity with several other IT environment devices as described in Table 1 below:</span></p>\r\n<div align=\"center\">\r\n<table class=\"MsoNormalTable\" style=\"width: 100.0%; border-collapse: collapse; border: none; mso-border-alt: solid windowtext .5pt; mso-yfti-tbllook: 480; mso-padding-alt: 0in 5.4pt 0in 5.4pt; mso-border-insideh: .5pt solid windowtext; mso-border-insidev: .5pt solid windowtext;\" border=\"1\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\r\n<thead>\r\n<tr style=\"mso-yfti-irow: 0; mso-yfti-firstrow: yes;\">\r\n<td style=\"width: 115.95pt; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; background: #BFBFBF; mso-background-themecolor: background1; mso-background-themeshade: 191; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"175\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; text-align: center;\" align=\"center\"><a name=\"_Hlk1645487\"></a><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Component</span></strong></p>\r\n</td>\r\n<td style=\"width: 54.8pt; border: solid windowtext 1.0pt; border-left: none; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; background: #BFBFBF; mso-background-themecolor: background1; mso-background-themeshade: 191; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"83\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; text-align: center;\" align=\"center\"><span style=\"mso-bookmark: _Hlk1645487;\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Required</span></strong></span></p>\r\n</td>\r\n<td style=\"width: 296.75pt; border: solid windowtext 1.0pt; border-left: none; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; background: #BFBFBF; mso-background-themecolor: background1; mso-background-themeshade: 191; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"449\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; text-align: center;\" align=\"center\"><span style=\"mso-bookmark: _Hlk1645487;\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Usage/Purpose Description for TOE performance</span></strong></span></p>\r\n</td>\r\n</tr>\r\n</thead>\r\n<tbody>\r\n<tr style=\"mso-yfti-irow: 1;\">\r\n<td style=\"width: 115.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"175\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Workstation with SSH Client</span></span></p>\r\n</td>\r\n<td style=\"width: 54.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"83\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">No</span></span></p>\r\n</td>\r\n<td style=\"width: 296.75pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"449\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">This includes any IT Environment Management workstation with an SSH client installed that is used by the TOE users (including administrators) to remotely connect to the TOE through SSH protected channels. Any SSH client that supports SSHv2 may be used.</span></span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 2;\">\r\n<td style=\"width: 115.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"175\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Audit Server</span></span></p>\r\n</td>\r\n<td style=\"width: 54.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"83\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">No</span></span></p>\r\n</td>\r\n<td style=\"width: 296.75pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"449\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The audit server is used for remote storage of audit records that have been generated by and transmitted from the TOE.</span></span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 3; mso-yfti-lastrow: yes;\">\r\n<td style=\"width: 115.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"175\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Update Server</span></span></p>\r\n</td>\r\n<td style=\"width: 54.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"83\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Yes</span></span></p>\r\n</td>\r\n<td style=\"width: 296.75pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"449\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Provides the ability to check for updates to the TOE as well as providing signed updates.</span></span></p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n</div>\r\n<p class=\"MsoCaption\"><span style=\"mso-bookmark: _Hlk1645487;\"><a name=\"_Ref1676427\"></a><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Table </span></span><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-no-proof: yes;\">1</span></span><span style=\"mso-bookmark: _Hlk1645487;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\"> IT Environment Components</span></span></p>\r\n<h3 style=\"mso-list: none;\"><a name=\"_Toc17369621\"></a><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Physical Boundaries</span></h3>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\">The TOE itself does not have physical boundaries; however, the TOE was evaluated on the following hardware:</p>\r\n<div align=\"center\">\r\n<table class=\"MsoNormalTable\" style=\"width: 100.0%; border-collapse: collapse; border: none; mso-border-alt: solid windowtext .5pt; mso-yfti-tbllook: 480; mso-padding-alt: 0in 5.4pt 0in 5.4pt; mso-border-insideh: .5pt solid windowtext; mso-border-insidev: .5pt solid windowtext;\" border=\"1\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\r\n<thead>\r\n<tr style=\"mso-yfti-irow: 0; mso-yfti-firstrow: yes;\">\r\n<td style=\"width: 94.25pt; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; background: #BFBFBF; mso-background-themecolor: background1; mso-background-themeshade: 191; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"142\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; text-align: center;\" align=\"center\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"font-size: 10.0pt; mso-bidi-font-size: 11.0pt; line-height: 106%; mso-bidi-font-family: Calibri;\">Vendor</span></strong></p>\r\n</td>\r\n<td style=\"width: 99.0pt; border: solid windowtext 1.0pt; border-left: none; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; background: #BFBFBF; mso-background-themecolor: background1; mso-background-themeshade: 191; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"150\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; text-align: center;\" align=\"center\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"font-size: 10.0pt; mso-bidi-font-size: 11.0pt; line-height: 106%; mso-bidi-font-family: Calibri;\">Model</span></strong></p>\r\n</td>\r\n<td style=\"width: 274.25pt; border: solid windowtext 1.0pt; border-left: none; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; background: #BFBFBF; mso-background-themecolor: background1; mso-background-themeshade: 191; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"415\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; text-align: center;\" align=\"center\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"font-size: 10.0pt; mso-bidi-font-size: 11.0pt; line-height: 106%; mso-bidi-font-family: Calibri;\">CPU</span></strong></p>\r\n</td>\r\n</tr>\r\n</thead>\r\n<tbody>\r\n<tr style=\"mso-yfti-irow: 1;\">\r\n<td style=\"width: 94.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"142\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Dell Inc.</span></p>\r\n</td>\r\n<td style=\"width: 99.0pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"150\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">PowerEdge R440</span></p>\r\n</td>\r\n<td style=\"width: 274.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"415\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Xeon Silver 42xx</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 2;\">\r\n<td style=\"width: 94.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"142\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Dell Inc.</span></p>\r\n</td>\r\n<td style=\"width: 99.0pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"150\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">PowerEdge R540</span></p>\r\n</td>\r\n<td style=\"width: 274.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"415\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Xeon Silver 42xx</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 3;\">\r\n<td style=\"width: 94.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"142\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Dell Inc.</span></p>\r\n</td>\r\n<td style=\"width: 99.0pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"150\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">PowerEdge R640</span></p>\r\n</td>\r\n<td style=\"width: 274.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"415\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Xeon Silver 42xx</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 4;\">\r\n<td style=\"width: 94.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"142\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Dell Inc.</span></p>\r\n</td>\r\n<td style=\"width: 99.0pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"150\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">PowerEdge R740</span></p>\r\n</td>\r\n<td style=\"width: 274.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"415\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Xeon Silver 42xx</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 5;\">\r\n<td style=\"width: 94.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"142\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Dell Inc.</span></p>\r\n</td>\r\n<td style=\"width: 99.0pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"150\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">PowerEdge R740XD</span></p>\r\n</td>\r\n<td style=\"width: 274.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"415\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Xeon Silver 42xx</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 6;\">\r\n<td style=\"width: 94.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"142\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Dell Inc.</span></p>\r\n</td>\r\n<td style=\"width: 99.0pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"150\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">PowerEdge 840</span></p>\r\n</td>\r\n<td style=\"width: 274.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"415\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Xeon Silver 42xx</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 7;\">\r\n<td style=\"width: 94.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"142\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Dell Inc.</span></p>\r\n</td>\r\n<td style=\"width: 99.0pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"150\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">PowerEdge 940</span></p>\r\n</td>\r\n<td style=\"width: 274.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"415\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Xeon Silver 42xx</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 8; mso-yfti-lastrow: yes;\">\r\n<td style=\"width: 94.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"142\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Dell Inc.</span></p>\r\n</td>\r\n<td style=\"width: 99.0pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"150\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">PowerEdge 940sa</span></p>\r\n</td>\r\n<td style=\"width: 274.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 5.4pt 0in 5.4pt;\" valign=\"top\" width=\"415\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; page-break-after: avoid;\"><span style=\"font-size: 10.0pt; line-height: 106%;\">Xeon Silver 42xx</span></p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n</div>\r\n<p class=\"MsoCaption\">Table 2 Evaluated Hardware</p>\r\n<p class=\"MsoNormal\">The Xeon Silver 4200 series processors are 2<sup>nd</sup> Generation Intel&reg; Xeon&reg; Scalable Processors and implement the Cascade Lake microarchitecture.</p>\r\n<p class=\"MsoNormal\">The TOE was tested on a PowerEdge R740 with a Xeon Silver 4216 CPU.</p>","security_evaluation_summary":"<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Red Hat Enterprise Linux 8.1 was evaluated is described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5.<span style=\"mso-spacerun: yes;\">&nbsp; </span>The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5.<span style=\"mso-spacerun: yes;\">&nbsp; </span>Acumen Security determined that the evaluation assurance level (EAL) for the product is EAL 1.<span style=\"mso-spacerun: yes;\">&nbsp; </span>The product, when delivered configured as identified in the Red Hat Enterprise Linux 8.1 CC Guidance, satisfies all of the security functional requirements stated in the Red Hat Enterprise Linux 8.1 Security Target. The project underwent CCEVS Validator review.<span style=\"mso-spacerun: yes;\">&nbsp; </span>The evaluation was completed in January 2021.<span style=\"mso-spacerun: yes;\">&nbsp; </span>Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.</span></p>","environmental_strengths":"<h3 style=\"mso-list: none;\"><a name=\"_Toc17369622\"></a><a name=\"_Toc412731272\"></a><a name=\"_Toc412634982\"></a><span style=\"mso-bookmark: _Toc412731272;\"><span style=\"mso-bookmark: _Toc17369622;\"><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Security Functions provided by the TOE</span></span></span></h3>\r\n<p class=\"MsoNormal\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE provides the security functionality required by [GPOSPP] and [SSHEP].</span></p>\r\n<h4 style=\"margin-left: 0in; text-indent: 0in; mso-list: l2 level2 lfo3;\"><!-- [if !supportLists]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\"><span style=\"mso-list: Ignore;\">3.1<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Security Audit</span></h4>\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE generates and stores audit events using the Lightweight Audit Framework (LAF). The LAF is designed to be an audit system making Linux compliant with the requirements from Common Criteria by intercepting all system calls and retrieving audit log entries from privileged user space applications. The framework allows configuring the events to be recorded from the set of all events that are possible to be audited. Each audit record contains the date and time of event, type of event, subject identity, user identity, and results (success/fail) of the action if applicable.</span></p>\r\n<h4 style=\"margin-left: -22.5pt; text-indent: 22.5pt; mso-list: l2 level2 lfo3;\"><!-- [if !supportLists]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\"><span style=\"mso-list: Ignore;\">3.2<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Cryptographic Support</span></h4>\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE provides a broad range of cryptographic support; providing SSHv2 and TLSv1.2 protocol implementations in addition to individual cryptographic algorithms.</span></p>\r\n<p class=\"MsoNormal\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The cryptographic services provided by the TOE are described below:</span></p>\r\n<div align=\"center\">\r\n<table class=\"MsoNormalTable\" style=\"border-collapse: collapse; mso-table-layout-alt: fixed; border: none; mso-border-alt: solid windowtext .5pt; mso-padding-alt: 0in 0in 0in 0in; mso-border-insideh: .5pt solid windowtext; mso-border-insidev: .5pt solid windowtext;\" border=\"1\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\r\n<thead>\r\n<tr style=\"mso-yfti-irow: 0; mso-yfti-firstrow: yes; height: 5.85pt;\">\r\n<td style=\"width: 103.25pt; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; background: #D9D9D9; padding: 0in 0in 0in 0in; height: 5.85pt;\" valign=\"bottom\" width=\"156\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Cryptographic Protocol</span></strong></p>\r\n</td>\r\n<td style=\"width: 364.25pt; border: solid windowtext 1.0pt; border-left: none; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; background: #D9D9D9; padding: 0in 0in 0in 0in; height: 5.85pt;\" valign=\"top\" width=\"551\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Use within the TOE</span></strong></p>\r\n</td>\r\n</tr>\r\n</thead>\r\n<tbody>\r\n<tr style=\"mso-yfti-irow: 1; height: 6.8pt;\">\r\n<td style=\"width: 103.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"156\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">SSH Client</span></p>\r\n</td>\r\n<td style=\"width: 364.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"551\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE allows administrators and users to connect to remote SSH servers.</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 2; height: 6.8pt;\">\r\n<td style=\"width: 103.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"156\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">SSH Server</span></p>\r\n</td>\r\n<td style=\"width: 364.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"551\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE allows remote administrators to connect using SSH.</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 3; mso-yfti-lastrow: yes; height: 6.8pt;\">\r\n<td style=\"width: 103.25pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"156\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">TLS Client</span></p>\r\n</td>\r\n<td style=\"width: 364.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"551\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE connects to remote trusted IT entities using TLS.</span></p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n</div>\r\n<p class=\"MsoCaption\"><span style=\"font-size: 11.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Table 3 TOE Cryptographic Protocols</span></p>\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE includes three cryptographic libraries/implementations. Each of these cryptographic algorithms have been validated for conformance to the requirements specified in their respective standards, as identified below:</span></p>\r\n<div align=\"center\">\r\n<table class=\"MsoNormalTable\" style=\"border-collapse: collapse; mso-table-layout-alt: fixed; border: none; mso-border-alt: solid windowtext .5pt; mso-padding-alt: 0in 0in 0in 0in; mso-border-insideh: .5pt solid windowtext; mso-border-insidev: .5pt solid windowtext;\" border=\"1\" width=\"100%\" cellspacing=\"0\" cellpadding=\"0\">\r\n<thead>\r\n<tr style=\"mso-yfti-irow: 0; mso-yfti-firstrow: yes; page-break-inside: avoid; height: 5.85pt;\">\r\n<td style=\"width: 51.95pt; border: solid windowtext 1.0pt; mso-border-alt: solid windowtext .5pt; background: #D9D9D9; padding: 0in 0in 0in 0in; height: 5.85pt;\" valign=\"bottom\" width=\"79\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Algorithm </span></strong></p>\r\n</td>\r\n<td style=\"width: 83.2pt; border: solid windowtext 1.0pt; border-left: none; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; background: #D9D9D9; padding: 0in 0in 0in 0in; height: 5.85pt;\" valign=\"top\" width=\"126\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Related SFRs</span></strong></p>\r\n</td>\r\n<td style=\"width: 233.55pt; border: solid windowtext 1.0pt; border-left: none; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; background: #D9D9D9; padding: 0in 0in 0in 0in; height: 5.85pt;\" valign=\"top\" width=\"353\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">TOE Use</span></strong></p>\r\n</td>\r\n<td style=\"width: 98.8pt; border: solid windowtext 1.0pt; border-left: none; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; background: #D9D9D9; padding: 0in 0in 0in 0in; height: 5.85pt;\" valign=\"top\" width=\"149\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><strong style=\"mso-bidi-font-weight: normal;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">CAVP Certificate #</span></strong></p>\r\n</td>\r\n</tr>\r\n</thead>\r\n<tbody>\r\n<tr style=\"mso-yfti-irow: 1; page-break-inside: avoid; height: 6.8pt;\">\r\n<td style=\"width: 467.5pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" colspan=\"4\" valign=\"top\" width=\"707\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; text-align: center; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\" align=\"center\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">OpenSSL Version 1.1.1c with algorithm version rhel8.20190624cc</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 2; page-break-inside: avoid; height: 6.8pt;\">\r\n<td style=\"width: 51.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"79\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">AES</p>\r\n</td>\r\n<td style=\"width: 83.2pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"126\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_COP.1(1)</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_COP.1(1)/SSH</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHS_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_TLSC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_STO_EXT.1</p>\r\n</td>\r\n<td style=\"width: 233.55pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"353\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH AES CBC and CTR modes with 128 and 256-bit keys</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS AES CBC and GCM modes with 128 and 256-bit keys</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">File Encryption using AES CBC with 128 and 256-bit keys</p>\r\n</td>\r\n<td style=\"width: 98.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"149\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">A796</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 3; page-break-inside: avoid; height: 6.8pt;\">\r\n<td style=\"width: 51.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"79\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">Diffie-Hellman</p>\r\n</td>\r\n<td style=\"width: 83.2pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"126\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_CKM.2</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHS_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_TLSC_EXT.1</p>\r\n</td>\r\n<td style=\"width: 233.55pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"353\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH Diffie-Hellman Group 14 Key Establishment</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS Diffie-Hellman Group 14 Key Establishment</p>\r\n</td>\r\n<td style=\"width: 98.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"149\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">N/A</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 4; page-break-inside: avoid; height: 6.8pt;\">\r\n<td style=\"width: 51.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"79\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">DRBG</span></p>\r\n</td>\r\n<td style=\"width: 83.2pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"126\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">FCS_DRBG_EXT.1</span></p>\r\n</td>\r\n<td style=\"width: 233.55pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"353\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">CTR_DRBG (AES-256)</span></p>\r\n</td>\r\n<td style=\"width: 98.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"149\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">A796</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 5; page-break-inside: avoid; height: 6.8pt;\">\r\n<td style=\"width: 51.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"79\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">ECDSA</p>\r\n</td>\r\n<td style=\"width: 83.2pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"126\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_CKM.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_COP.1(3)</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHS_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_TLSC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_TLSC_EXT.2</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_TLSC_EXT.4</p>\r\n</td>\r\n<td style=\"width: 233.55pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"353\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH ECDSA P-256 and P-384 Host Key and User Key Generation</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH EC Diffie-Hellman P-256, P-384, and P-521 Key Generation</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH ECDSA P-256 and P-384 Host and User Signature Generation and Verification</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS ECDSA P-256, P-384, and P-521 Client Key Generation</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS EC Diffie-Hellman P-256, P-384, and P-521 Key Generation</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS ECDSA P-256, P-384, and P-521 Signature Generation and Verification</p>\r\n</td>\r\n<td style=\"width: 98.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"149\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">A796</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 6; page-break-inside: avoid; height: 6.8pt;\">\r\n<td style=\"width: 51.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"79\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">HMAC</p>\r\n</td>\r\n<td style=\"width: 83.2pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"126\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_COP.1(4)</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHS_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_TLSC_EXT.1</p>\r\n</td>\r\n<td style=\"width: 233.55pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"353\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH HMAC-SHA-256 and HMAC-SHA-512</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS HMAC-SHA-1, HMAC-SHA-256, and HMAC-SHA-384</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS HMAC-SHA-256 and HMAC-SHA-384 Key Derivation</p>\r\n</td>\r\n<td style=\"width: 98.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"149\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">A796</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 7; page-break-inside: avoid; height: 6.8pt;\">\r\n<td style=\"width: 51.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"79\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">KAS</p>\r\n</td>\r\n<td style=\"width: 83.2pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"126\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_CKM.2</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHS_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_TLSC_EXT.2</p>\r\n</td>\r\n<td style=\"width: 233.55pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"353\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH EC Diffie-Hellman P-256, P-384, and P-521 Key Establishment</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS EC Diffie-Hellman P-256, P-384, and P-521 Key Establishment</p>\r\n</td>\r\n<td style=\"width: 98.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"149\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">A796</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 8; page-break-inside: avoid; height: 6.8pt;\">\r\n<td style=\"width: 51.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"79\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">RSA</p>\r\n</td>\r\n<td style=\"width: 83.2pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"126\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_CKM.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_CKM.2</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_COP.1(3)</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHS_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_TLSC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_TLSC_EXT.4</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FPT_TST_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FPT_TUD_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FPT_TUD_EXT.2</p>\r\n</td>\r\n<td style=\"width: 233.55pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"353\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH RSA 2048-bit, 3072-bit, and 4096-bit Host Key and User Key Generation</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH RSA 2048-bit, 3072-bit, and 4096-bit Host and User Signature Generation and Verification</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS RSA 2048-bit, 3072-bit, and 4096-bit Client Key Generation</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS RSA 2048-bit, 3072-bit, and 4096-bit Key Establishment (CAVP certificate is N/A)</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">TLS RSA 2048-bit, 3072-bit, and 4096-bit Signature Generation and Verification</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">Self-Test RSA 2048 Signature Verification</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">Trusted Update RSA 4096 Signature Verification</p>\r\n</td>\r\n<td style=\"width: 98.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"149\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">A796</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"mso-yfti-irow: 9; mso-yfti-lastrow: yes; page-break-inside: avoid; height: 6.8pt;\">\r\n<td style=\"width: 51.95pt; border: solid windowtext 1.0pt; border-top: none; mso-border-top-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"79\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SHS</p>\r\n</td>\r\n<td style=\"width: 83.2pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"126\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_COP.1(2)</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHC_EXT.1</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">FCS_SSHS_EXT.1</p>\r\n</td>\r\n<td style=\"width: 233.55pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"353\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SSH SHA-1, SHA-256, SHA-384, and SHA-512 Key Derivation</p>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\">SHA-1, SHA-256, SHA-384, and SHA-512 for Digital Signatures and HMACs</p>\r\n</td>\r\n<td style=\"width: 98.8pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; mso-border-top-alt: solid windowtext .5pt; mso-border-left-alt: solid windowtext .5pt; mso-border-alt: solid windowtext .5pt; padding: 0in 0in 0in 0in; height: 6.8pt;\" valign=\"top\" width=\"149\">\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt; mso-pagination: none; mso-layout-grid-align: none; text-autospace: none;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">A796</span></p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n</div>\r\n<p class=\"MsoCaption\"><a name=\"_Ref535271062\"></a><span style=\"font-size: 11.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Table </span><span style=\"font-size: 11.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin; mso-no-proof: yes;\">4</span><span style=\"font-size: 11.0pt; mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\"> CAVP Algorithm Testing References</span></p>\r\n<p class=\"MsoNormal\">The OpenSSL library provides the TLS Client function. The OpenSSL library also provides the cryptographic algorithms for the SSH Client, SSH Server, trusted update, and secure boot security functions.</p>\r\n<h4 style=\"margin-left: 0in; text-indent: 0in; mso-list: l2 level2 lfo3;\"><!-- [if !supportLists]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\"><span style=\"mso-list: Ignore;\">3.3<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">User Data Protection</span></h4>\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Discretionary Access Control (DAC) allows the TOE to assign owners to file system objects and Inter-Process Communication (IPC) objects. The owners are allowed to modify Unix-type permission bits for these objects to permit or deny access for other users or groups. The DAC mechanism also ensures that untrusted users cannot tamper with the TOE mechanisms.</span></p>\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE also implements POSIX Access Control Lists (ACLs) that allow the specification of the access to individual file system objects down to the granularity of a single user.</span></p>\r\n<h4 style=\"margin-left: -.25in; text-indent: .25in; mso-list: l2 level2 lfo3;\"><!-- [if !supportLists]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\"><span style=\"mso-list: Ignore;\">3.4<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Identification and Authentication</span></h4>\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">User identification and authentication in the TOE includes all forms of interactive login (e.g. using the SSH protocol or log in at the local console) as well as identity changes through the su or sudo command. These all rely on explicit authentication information provided interactively by a user.</span></p>\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The authentication security function allows password-based authentication. For SSH access, public-key-based authentication is also supported.</span></p>\r\n<p class=\"MsoNormal\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">Password quality enforcement mechanisms are offered by the TOE which are enforced at the time when the password is changed.</span></p>\r\n<h4 style=\"margin-left: -.5in; text-indent: .5in; mso-list: l2 level2 lfo3;\"><!-- [if !supportLists]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\"><span style=\"mso-list: Ignore;\">3.5<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Security Management</span></h4>\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The security management facilities provided by the TOE are usable by authorized users and/or authorized administrators to modify the configuration of TSF.</span></p>\r\n<h4 style=\"margin-left: 0in; text-indent: 0in; mso-list: l2 level2 lfo3;\"><!-- [if !supportLists]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\"><span style=\"mso-list: Ignore;\">3.6<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Protection of the TSF</span></h4>\r\n<p class=\"MsoNormal\" style=\"text-align: justify;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE implements self-protection mechanisms that protect the security mechanisms of the TOE as well as software executed by the TOE. The following self-protection mechanisms are implemented and enforced:</span></p>\r\n<p class=\"MsoListParagraphCxSpFirst\" style=\"margin-bottom: 8.0pt; mso-add-space: auto; text-indent: -.25in; mso-list: l1 level1 lfo2;\"><!-- [if !supportLists]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: Symbol; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol;\"><span style=\"mso-list: Ignore;\">&middot;<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Address Space Layout Randomization for user space code.</span></p>\r\n<p class=\"MsoListParagraphCxSpMiddle\" style=\"margin-bottom: 8.0pt; mso-add-space: auto; text-indent: -.25in; mso-list: l1 level1 lfo2;\"><!-- [if !supportLists]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: Symbol; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol;\"><span style=\"mso-list: Ignore;\">&middot;<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Stack buffer overflow protection using stack canaries.</span></p>\r\n<p class=\"MsoListParagraphCxSpMiddle\" style=\"margin-bottom: 8.0pt; mso-add-space: auto; text-indent: -.25in; mso-list: l1 level1 lfo2;\"><!-- [if !supportLists]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: Symbol; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol;\"><span style=\"mso-list: Ignore;\">&middot;<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Secure Boot ensuring that the boot chain up to and including the kernel together with the boot image (initramfs) is not tampered with.</span></p>\r\n<p class=\"MsoListParagraphCxSpMiddle\" style=\"margin-bottom: 8.0pt; mso-add-space: auto; text-indent: -.25in; mso-list: l1 level1 lfo2;\"><!-- [if !supportLists]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: Symbol; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol;\"><span style=\"mso-list: Ignore;\">&middot;<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Updates to the operating system are only installed after their signatures have been successfully validated.</span></p>\r\n<p class=\"MsoListParagraphCxSpLast\" style=\"text-indent: -.25in; mso-list: l1 level1 lfo2;\"><!-- [if !supportLists]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: Symbol; mso-fareast-font-family: Symbol; mso-bidi-font-family: Symbol;\"><span style=\"mso-list: Ignore;\">&middot;<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-size: 11.0pt; mso-bidi-font-size: 10.0pt; font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Application Whitelisting restricts execution to known/trusted applications.</span></p>\r\n<h4 style=\"margin-left: 0in; text-indent: 0in; mso-list: l2 level2 lfo3; tab-stops: 4.5pt;\"><!-- [if !supportLists]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\"><span style=\"mso-list: Ignore;\">3.7<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">TOE Access</span></h4>\r\n<p class=\"MsoNormal\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE displays informative banners before users are allowed to establish a session.</span></p>\r\n<h4 style=\"margin-left: 0in; text-indent: 0in; mso-list: l2 level2 lfo3;\"><!-- [if !supportLists]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-fareast-font-family: Calibri; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\"><span style=\"mso-list: Ignore;\">3.8<span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </span></span></span><!--[endif]--><span style=\"font-family: 'Calibri',sans-serif; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin; mso-bidi-theme-font: minor-latin;\">Trusted Path/Channels</span></h4>\r\n<p class=\"MsoNormal\" style=\"margin-bottom: .0001pt;\"><span style=\"mso-bidi-font-family: Calibri; mso-bidi-theme-font: minor-latin;\">The TOE supports TLSv1.2 and SSHv2 to secure remote communications.<span style=\"mso-spacerun: yes;\">&nbsp; </span>Both protocols may be used for communications with remote IT entities. Remote administration is only supported using SSHv2.</span></p>","features":[]}