The Catalyst 9300/9300L/9400/9500/9600 Series Switches 17.12 Target of Evaluation (TOE) is a purpose-built, switching and routing platform enabling connected devices to communicate over a network at layer 2 or 3. The TOE provides Administrative control and management of the network. For communicating with other network devices, the TOE provides AES-128 and AES-256 MACsec encryption. The TOE also provides Layer 3 capabilities, including OSPF, EIGRP, ISIS, RIP, and routed access.
","evaluation_configuration":"Deployment of the TOE in its evaluated configuration consists of at least one TOE switch model following the CC installation and configuration guidance document (AGD). The TOE has two or more network interfaces and is connected to at least one internal and one external network. The Cisco IOS-XE configuration determines how packets are handled to and from the TOE’s network interfaces. The switch configuration will determine how traffic flows received on an interface will be handled. Typically, packet flows are passed through the internet working device and forwarded to their configured destination.
\r\nThe Cisco Catalyst 9300/9300L/9400/9500/9600 Series Switches 17.12 TOE is composed of hardware and software with the following specifications:
\r\n| \r\n Series \r\n | \r\n\r\n Models \r\n | \r\n
| \r\n Catalyst 9300 \r\nHardware Models: \r\n | \r\n\r\n Chassis: \r\nC9300-24T, C9300-48T, C9300-24P, C9300-48P, C9300-24U, C9300-48U, C9300-24UX, C9300-48UXM, C9300-48UN, C9300-24S, C9300-48S, C9300D-24UB, C9300D-48UB, C9300D-24UXB, C9300-24H, C9300-48H \r\nWith the following network modules: \r\nC9300-NM-4G, C9300-NM-8X, C9300-NM-2Q, C9300-NM-4M, C9300-NM-2Y \r\n | \r\n
| \r\n Catalyst 9300L \r\nHardware Models: \r\n | \r\n\r\n Chassis: \r\nC9300L-24T-4G, C9300L-48T-4G, C9300L-24P-4G, C9300L-48P-4G, \r\nC9300L-24T-4X, C9300L-48T-4X, C9300L-24P-4X, C9300L-48P-4X, \r\nC9300L-48PF-4G, C9300L-48PF-4X, C9300L-24UXG-4X, C9300L-24UXG-2Q, C9300L-48UXG-4X, C9300L-48UXG-2Q \r\n | \r\n
| \r\n Catalyst 9400 \r\nHardware Models: \r\n | \r\n\r\n Chassis: \r\nC9404R, C9407R, C9410R \r\nWith the following Supervisor models: \r\nC9400-SUP-1, C9400-SUP-1XL, C9400-SUP-1XL-Y \r\nWith the following Line Card models: \r\nC9400-LC-24S, C9400-LC-48S, C9400-LC-24XS, C9400-LC-48P, C9400-LC-48T, C9400-LC-48U, C9400-LC-48UX, C9400-LC-48H \r\n | \r\n
| \r\n Catalyst 9500 \r\nHardware Models: \r\n | \r\n\r\n Chassis: \r\nC9500-16X, C9500-32C, C9500-32QC, C9500-24Y4C, C9500-48Y4C \r\nWith the following network modules: \r\nC9500-NM-8X, C9500-NM-2Q \r\n | \r\n
| \r\n Catalyst 9600 \r\nHardware Models: \r\n | \r\n\r\n Chassis: \r\nC9606R \r\nWith the following Supervisor models: \r\nC9600-SUP-1 \r\nWith the following Line Card models: \r\nC9600-LC-24C, C9600-LC-48YL, C9600-LC-48TX, C9600-LC-24S \r\n | \r\n
\r\n
The TOE includes the cat9k_iosxe.17.12.03.SPA.bin software image available for download on Cisco Software Central at https://software.cisco.com/. Customers can use their Cisco Care Online (CCO) or SMART account to download the software in a binary image format.
","security_evaluation_summary":"The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017. The product, when delivered and configured as identified in the Cisco Catalyst 9300/9300L/9400/9500/9600 Series Switches 17.12 CC Configuration Guide, Version 0.7, July 16, 2024 document, satisfies all of the security functional requirements stated in the Catalyst 9300/9300L/9400/9500/9600 Series Switches 17.12 Security Target, Version 0.9, July 29, 2024. The project underwent CCEVS Validator review. The evaluation was completed in August 2024. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11463-2024) prepared by CCEVS.
","environmental_strengths":"The logical boundaries of the Cisco Catalyst 9300/9300L/9400/9500/9600 Series Switches 17.12 are realized in the security functions that it implements. Each of these security functions is summarized below.
\r\n\r\n
Security audit:
\r\nAuditing allows Security Administrators to discover intentional and unintentional issues with the TOE’s configuration and/or operation. Auditing of administrative activities provides information that may be used to hasten corrective action should the system be configured incorrectly. Security audit data can also provide an indication of failure of critical portions of the TOE (e.g. a communication channel failure or anomalous activity (e.g. establishment of an administrative session at a suspicious time, repeated failures to establish sessions or authenticate to the TOE) of a suspicious nature.
\r\nThe TOE provides extensive capabilities to generate audit data targeted at detecting such activity. The TOE generates an audit record for each auditable event. Each security relevant audit event has the date, timestamp, event description, and subject identity. The TOE stores audit messages in a circular audit trail configurable by the Security Administrator. All audit logs are transmitted to an external audit server over a trusted channel protected with IPsec.
\r\nCryptographic support:
\r\nThe TOE provides cryptographic functions to implement SSH, IPsec, and MACsec protocols. The cryptographic algorithm implementation has been validated for CAVP conformance. This includes key generation and random bit generation, key establishment methods, key destruction, and the various types of cryptographic operations to provide AES encryption/decryption, signature verification, hash generation, and keyed hash generation.
\r\nThe TOE supports MACsec using the proprietary Unified Access Data Plane (UADP) 2.0 Application-Specific Integrated Circuit (ASIC). The MACsec Controller (MSC) v1.0 is embedded within the ASICs that are utilized within Cisco hardware platforms.
\r\nSSH and IPsec protocols are implemented using the IOS Common Cryptographic Module (IC2M) version Rel5a cryptographic modules. Refer to Table 21 of the ST for identification of the relevant CAVP certificates.
\r\nIdentification and authentication:
\r\nThe TOE implements three types of authentication to provide a trusted means for Security Administrators and remote servers/endpoints to securely communicate: X.509v3 certificate-based authentication for remote syslog servers, password-based authentication for Security Administrators, and pre-shared keys for MACsec endpoints.
\r\nSecurity Administrators have the ability to compose strong passwords which are stored using a SHA-2 hash. Additionally, the TOE detects and tracks successive unsuccessful remote authentication attempts and will prevent the offending account from making further attempts until a Security Administrator defined time period has elapsed or until the Administrator manually unblocks the account.
\r\nSecurity management:
\r\nThe TOE provides secure remote administrative interface and local interface to perform security management functions. This includes ability to configure cryptographic functionality; an access banner containing an advisory notice and consent warning message; a session inactivity timer before session termination as well as an ability to update TOE software.
\r\nThe TOE provides a Security Administrator role and only the Security Administrator can perform the above security management functions.
\r\nProtection of the TSF:
\r\nThe TOE protects critical security data including keys and passwords against tampering by untrusted subjects. The TOE provides reliable timestamps to support monitoring local and remote interactive administrative sessions for inactivity, validating X.509 certificates (to determine if a certificate has expired), and to support accurate audit records.
\r\nThe TOE provides self-tests to ensure it is operating correctly, including the ability to detect software integrity failures. Additionally, the TOE provides an ability to perform software updates and to verify those software updates are from Cisco Systems, Inc.
\r\nTOE access:
\r\nThe TOE monitors both local and remote admin sessions for inactivity and terminates when a threshold time period is reached. Once a session has been terminated the TOE requires the user to re-authenticate.
\r\nThe TOE also displays a Security Administrator specified advisory notice and consent warning message prior to initiating identification and authentication for each administrative user.
\r\nTrusted path/channels:
\r\nThe TOE provides encryption (protection from disclosure and detection of modification) for communication paths between itself and remote endpoints.
\r\nIn addition, the TOE provides two-way authentication of each endpoint in a cryptographically secure manner, meaning that even if there was a malicious attacker between the two endpoints, any attempt to represent themselves to either endpoint of the communications path as the other communicating party would be detected.
","features":[{"id":3522,"feature_name":"Asymmetric Key Generation"},{"id":3521,"feature_name":"Auditing"},{"id":3551,"feature_name":"Certificate Authentication"},{"id":3550,"feature_name":"Certificate Validation"},{"id":3546,"feature_name":"Cryptographic Hashing"},{"id":3531,"feature_name":"Cryptographic Key Establishment"},{"id":3545,"feature_name":"Cryptographic Signature Generation"},{"id":3544,"feature_name":"Cryptographic Signature Verification"},{"id":3523,"feature_name":"DRBG"},{"id":3564,"feature_name":"IKEv2"},{"id":3556,"feature_name":"IPsec"},{"id":3532,"feature_name":"Key Destruction"},{"id":3547,"feature_name":"Keyed-hash message authentication"},{"id":3514,"feature_name":"MACsec"},{"id":3568,"feature_name":"Network Switch"},{"id":3560,"feature_name":"SSH Server"}]}