{"product_id":11436,"v_id":11436,"product_name":"KlasOS Keel 5.4.0","certification_status":"Certified","certification_date":"2024-07-16T00:00:00Z","tech_type":"Firewall, Network Device","vendor_id":{"name":"Anduril","website":"https://www.klasgroup.com"},"vendor_poc":"Toby Stidham","vendor_phone":"657-791-0983","vendor_email":"tstidham@anduril.com","assigned_lab":{"cctl_name":"Acumen Security"},"product_description":"

The TOE is KlasOS Keel 5.4.0 running on the VoyagerVMm, TRX R2 and Voyager VM3.0 platforms (herein referred to as the TOE). It runs the KlasOS Keel 5.4.0 firmware combining both connectivity and local compute capabilities. Network connectivity includes ethernet and SDWAN. Computing and firewall capabilities are combined in one unit. This provides users with cloud connectivity when necessary and local processing power for analytics when there is no backhaul. Administration can be performed locally or over a trusted SSH channel. 

","evaluation_configuration":"

All testing was conducted on the TRX, VM3 and VMM TOE models outlined in the Security Target. The final version of the TOE software running on the devices is KlasOS.keel.v5.4.0rc7.bin. Testing took place at the Acumen Security offices located at 2400 Research Blvd Suite #395, Rockville, MD 20850. Testing occurred from May 2023 through July 2024.

","security_evaluation_summary":"

The TOE provides the security functions required by the Collaborative Protection Profile for Network Devices, hereafter referred to as NDcPP v2.2e or NDcPP. In addition, the TOE provides security functions for the PP-Configuration for Network Devices and Stateful Traffic Filter Firewalls. The TOE implements the following security requirements:

\r\n

 

\r\n","environmental_strengths":"

The TOE supports local and remote management of its security functions including:

\r\n\r\n

 

\r\n

The administrative user can perform all the above security-related management functions.

","features":[{"id":3628,"feature_name":"Asymmetric Key Generation"},{"id":3627,"feature_name":"Auditing"},{"id":3643,"feature_name":"Certificate Authentication"},{"id":3644,"feature_name":"Certificate Validation"},{"id":3631,"feature_name":"Cryptographic Hashing"},{"id":3629,"feature_name":"Cryptographic Key Establishment"},{"id":3633,"feature_name":"Cryptographic Signature Generation"},{"id":3634,"feature_name":"Cryptographic Signature Verification"},{"id":3626,"feature_name":"DRBG"},{"id":3639,"feature_name":"DTLS 1.2"},{"id":3636,"feature_name":"DTLS Client"},{"id":3635,"feature_name":"DTLS Server with Mutual Authentication"},{"id":3625,"feature_name":"Firewall"},{"id":3641,"feature_name":"HTTPS Server without Mutual Authentication"},{"id":3630,"feature_name":"Key Destruction"},{"id":3632,"feature_name":"Keyed-hash message authentication"},{"id":3645,"feature_name":"Network Device"},{"id":3646,"feature_name":"SD-WAN"},{"id":3642,"feature_name":"SSH Client"},{"id":3640,"feature_name":"SSH Server"},{"id":3638,"feature_name":"TLS 1.2"},{"id":3637,"feature_name":"TLS Server without Mutual Authentication"}]}