{"product_id":11473,"v_id":11473,"product_name":"Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances","certification_status":"Certified","certification_date":"2025-01-08T00:00:00Z","tech_type":"Firewall, Network Device, Network Encryption, Virtual Private Network","vendor_id":{"name":"SonicWall, Inc.","website":"www.sonicwall.com"},"vendor_poc":"Akbal Singh Karlcut","vendor_phone":"408-962-8137","vendor_email":"akarlcut@sonicwall.com","assigned_lab":{"cctl_name":"Acumen Security"},"product_description":"<p>The TOE is comprised of the SonicWall SonicOS/X v7.0.1 software running either on purpose built TZ, NSa, NSsp, series hardware appliance platforms and NSv virtual appliances running on purpose built ESXi hardware appliances.</p>\r\n<p><br>The appliance next generation firewall capabilities include stateful packet inspection. Stateful packet inspection maintains the state of network connections, such as Transmission Control Protocol (TCP) streams and User Datagram Protocol (UDP) communication, traveling across the firewall. The firewall distinguishes between legitimate packets and illegitimate packets for the given network deployment. Only packets adhering to the administrator-configured access rules are permitted to pass through the firewall; all others are rejected.</p>\r\n<p><br>The appliance capabilities include deep-packet inspection (DPI) used for intrusion prevention and detection. These services employ stream-based analysis wherein traffic traversing the product is parsed and interpreted so that its content might be matched against a set of signatures to determine the acceptability of the traffic. Only traffic adhering to the administrator-configured policies is permitted to pass through the TOE.</p>\r\n<p><br>The appliances support Virtual Private Network (VPN) functionality, which provides a secure connection between the device and the audit server. The appliances support authentication and protect data from disclosure or modification during transfer.<br><br>The appliances are managed through a web based Graphical User Interface (GUI). All management activities may be performed through the web management GUI via a hierarchy of menu buttons. Administrators may configure policies and manage network traffic, users, and system logs. The appliances also have local console access where limited administrative functionality to configure the network, perform system updates, and view logs.</p>","evaluation_configuration":"<h2 style=\"margin: 12pt 0in 6pt 0.4in; text-indent: -0.4in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Times New Roman Bold';\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; &nbsp; </span></span><span style=\"font-family: Calibri, sans-serif;\">Evaluated Configuration</span></h2>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The Section 1.2 and 1.3 of the ST provides an overview of the TOE architecture, including physical boundaries, security functions, and relevant TOE documentation and references.&nbsp; </span></p>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<p style=\"margin: 0in 0in 12pt; font-size: 11pt; font-family: Calibri, sans-serif;\">The TOE supports secure connectivity with several other IT environment devices as described below.</p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: center; break-after: avoid; font-size: 9pt; font-family: Cambria, serif; font-weight: bold;\"><a name=\"_Toc169253043\"></a>Environmental Components for TOE</p>\r\n<div align=\"center\">\r\n<table class=\"MsoNormalTable\" style=\"width: 100%; border-collapse: collapse; border: none;\" border=\"1\" cellspacing=\"0\" cellpadding=\"0\">\r\n<thead>\r\n<tr style=\"height: 5.85pt;\">\r\n<td style=\"width: 85.25pt; border: solid windowtext 1.0pt; background: #FFC000; padding: 0in .05in 0in .05in;\" valign=\"bottom\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><strong><span style=\"font-size: 10.0pt; color: black;\">Component</span></strong></p>\r\n</td>\r\n<td style=\"width: .75in; border: solid windowtext 1.0pt; border-left: none; background: #FFC000; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><strong><span style=\"font-size: 10.0pt; color: black;\">Required</span></strong></p>\r\n</td>\r\n<td style=\"width: 328.25pt; border: solid windowtext 1.0pt; border-left: none; background: #FFC000; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><strong><span style=\"font-size: 10.0pt; color: black;\">Usage/Purpose Description</span></strong></p>\r\n</td>\r\n</tr>\r\n</thead>\r\n<tbody>\r\n<tr style=\"height: 6.8pt;\">\r\n<td style=\"width: 85.25pt; border: solid windowtext 1.0pt; border-top: none; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">TOE Hardware</span></p>\r\n</td>\r\n<td style=\"width: .75in; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Yes</span></p>\r\n</td>\r\n<td style=\"width: 328.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">The Sonicwall TZ, NSa, and NSsp, physical hardware models</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"height: 6.8pt;\">\r\n<td style=\"width: 85.25pt; border: solid windowtext 1.0pt; border-top: none; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">TOE Virtual Hardware</span></p>\r\n</td>\r\n<td style=\"width: .75in; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Yes</span></p>\r\n</td>\r\n<td style=\"width: 328.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Virtual hardware provided by VMware vShpere ESXi 7.0 and ESXi 8.0 on </span><span style=\"font-size: 10.0pt;\">Dell PowerEdge R640.</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"height: 6.8pt;\">\r\n<td style=\"width: 85.25pt; border: solid windowtext 1.0pt; border-top: none; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Management Workstation</span></p>\r\n</td>\r\n<td style=\"width: .75in; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Yes</span></p>\r\n</td>\r\n<td style=\"width: 328.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt 0.05pt; line-height: 107%; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt; line-height: 107%;\">This includes any IT Environment Management workstation</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"height: 6.8pt;\">\r\n<td style=\"width: 85.25pt; border: solid windowtext 1.0pt; border-top: none; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Audit Server</span></p>\r\n</td>\r\n<td style=\"width: .75in; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Yes</span></p>\r\n</td>\r\n<td style=\"width: 328.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">An audit server supporting the syslog protocol with an IPsec peer supporting IKEv2 and ESP in the cryptographic protocols defined in 5.2.2.6 of this document.</span></p>\r\n</td>\r\n</tr>\r\n<tr style=\"height: 6.8pt;\">\r\n<td style=\"width: 85.25pt; border: solid windowtext 1.0pt; border-top: none; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Management Console</span></p>\r\n</td>\r\n<td style=\"width: .75in; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Yes</span></p>\r\n</td>\r\n<td style=\"width: 328.25pt; border-top: none; border-left: none; border-bottom: solid windowtext 1.0pt; border-right: solid windowtext 1.0pt; padding: 0in .05in 0in .05in;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\"><span style=\"font-size: 10.0pt;\">Any computer that provides a supported browser may be used to access the GUI</span></p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n</div>\r\n<h3 style=\"margin: 12pt 0in 12pt 0.5in; text-indent: -0.5in; break-after: avoid; font-size: 11pt; font-family: Cambria, serif;\">&nbsp;</h3>\r\n<h3 style=\"margin: 12pt 0in 12pt 0.5in; text-indent: -0.5in; break-after: avoid; font-size: 11pt; font-family: Cambria, serif;\">Physical Boundaries</h3>\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\">The TOE is a software and hardware TOE. It is a combination of TZ, NSa, NSsp, and NSv hardware/software appliance and the SonicOS/X 7.0.1 software. The following table lists all the instances of the TOE that operate in the evaluated configuration. All listed TOE instances offer the same core functionality but vary in number of processors, physical size, and supported connections.</p>\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\">The physical boundary of the TOE<span style=\"color: red;\"> </span>includes the Sonicwall TZ, NSa, NSsp hardware models shown in Table 3 and the virtual appliances and related hardware shown in Table 4 running Sonicwall SonicOS/X software identified in table 1. The virtual appliances are evaluated as virtual Network Devices (vND) which is case 1 of Section 1.2 of NDcPP v2.2e. The physical TOE is shipped to the customer via commercial courier. The virtual appliance&rsquo;s deployment packages can be downloaded from the <a href=\"https://www.mysonicwall.com\">https://www.mysonicwall.com</a> site.</p>\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\">&nbsp;</p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: center; break-after: avoid; font-size: 9pt; font-family: Cambria, serif; font-weight: bold;\">Physical Boundary Components for TOE hardware models</p>\r\n<table class=\"MsoTableGrid\" style=\"width: 806px; border-collapse: collapse; border: none;\" border=\"1\" cellspacing=\"0\" cellpadding=\"0\">\r\n<thead>\r\n<tr style=\"page-break-inside: avoid;\">\r\n<td style=\"width: 142.296px; border: 1pt solid windowtext; background: rgb(255, 192, 0); padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"break-after: avoid; margin: 0in 0in 6pt; font-size: 10pt; font-family: Calibri, sans-serif; font-weight: bold;\"><a name=\"_Hlk103935774\"></a><span style=\"color: black;\">Appliance Series</span></p>\r\n</td>\r\n<td style=\"width: 167.253px; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; background: rgb(255, 192, 0); padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; text-align: center; font-size: 10pt; font-family: Calibri, sans-serif; font-weight: bold;\"><span style=\"color: black;\">Appliance Model</span></p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; background: rgb(255, 192, 0); padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; text-align: center; font-size: 10pt; font-family: Calibri, sans-serif; font-weight: bold;\"><span style=\"color: black;\">Operational Environment</span></p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; background: rgb(255, 192, 0); padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; text-align: center; font-size: 10pt; font-family: Calibri, sans-serif; font-weight: bold;\"><span style=\"color: black;\">Microarchitecture</span></p>\r\n</td>\r\n</tr>\r\n</thead>\r\n<tbody>\r\n<tr>\r\n<td style=\"width: 142.296px; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0in 5.4pt;\" rowspan=\"10\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ</p>\r\n</td>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 670</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell CN9130</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 0in; font-size: 12pt; font-family: Calibri, sans-serif; color: black;\"><span style=\"font-size: 10.0pt; color: #000202;\">Quad Core Armv8 Cortex-A72</span></p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 570</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell CN9130</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\"><span style=\"color: #000202;\">Quad Core Armv8 Cortex-A72</span></p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 570W</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell CN9130</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\"><span style=\"color: #000202;\">Quad Core Armv8 Cortex-A72</span></p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 570P</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell CN9130</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\"><span style=\"color: #000202;\">Quad Core Armv8 Cortex-A72</span></p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 470</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell 88F7040</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 0in; font-size: 12pt; font-family: Calibri, sans-serif; color: black;\"><span style=\"font-size: 10.0pt;\">Quad core Armv8 Cortex-A72 </span></p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 470W</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell 88F7040</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Quad core Armv8 Cortex-A72</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 370</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell 88F7040</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Quad core Armv8 Cortex-A72</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 370W</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell 88F7040</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Quad core Armv8 Cortex-A72</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 270</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell 88F7040</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Quad core Armv8 Cortex-A72</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">TZ 270W</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell 88F7040</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Quad core Armv8 Cortex-A72</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 142.296px; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0in 5.4pt;\" rowspan=\"5\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSa</p>\r\n</td>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSa 2700</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell CN9130</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\"><span style=\"color: #000202;\">Quad Core Armv8 Cortex-A72</span></p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSa 3700</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Marvell CN9130</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\"><span style=\"color: #000202;\">Quad Core Armv8 Cortex-A72</span></p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSa 4700</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Intel Xeon D-2123IT</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Skylake</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSa 5700</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Intel Xeon D-2123IT</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Skylake</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSa 6700</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Intel Xeon D-2123IT</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Skylake</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 142.296px; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0in 5.4pt;\" rowspan=\"3\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSsp</p>\r\n</td>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSsp 10700</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Intel Xeon D-2166NT</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Skylake</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSsp 11700</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Intel Xeon D-2166NT</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Skylake</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 167.253px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSsp 13700</p>\r\n</td>\r\n<td style=\"width: 204.668px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Intel Xeon D-2187NT</p>\r\n</td>\r\n<td style=\"width: 229.398px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">Skylake</p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n<p style=\"margin: 0in 0in 6pt; font-size: 11pt; font-family: Calibri, sans-serif;\">&nbsp;</p>\r\n<p style=\"margin: 0in; font-size: 11pt; font-family: Calibri, sans-serif;\"><em>&nbsp;</em></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: center; break-after: avoid; font-size: 9pt; font-family: Cambria, serif; font-weight: bold;\"><a name=\"_Toc56525852\"></a>Physical Boundary Components for TOE Virtual Appliance</p>\r\n<table class=\"MsoTableGrid\" style=\"width: 757px; border-collapse: collapse; border: none;\" border=\"1\" cellspacing=\"0\" cellpadding=\"0\">\r\n<tbody>\r\n<tr style=\"height: 15.25pt;\">\r\n<td style=\"width: 144.543px; border: 1pt solid windowtext; background: rgb(255, 192, 0); padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"break-after: avoid; margin: 0in 0in 6pt; text-align: center; font-size: 10pt; font-family: Calibri, sans-serif; font-weight: bold;\"><span style=\"color: black;\">Appliance Series</span></p>\r\n</td>\r\n<td style=\"width: 193.236px; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; background: rgb(255, 192, 0); padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; text-align: center; font-size: 10pt; font-family: Calibri, sans-serif; font-weight: bold;\"><span style=\"color: black;\">Appliance Model</span></p>\r\n</td>\r\n<td style=\"width: 372.455px; border-top: 1pt solid windowtext; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-image: initial; border-left: none; background: rgb(255, 192, 0); padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 0in 0in 6pt; text-align: center; font-size: 10pt; font-family: Calibri, sans-serif; font-weight: bold;\"><span style=\"color: black;\">Operational Environment</span></p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 144.543px; border-right: 1pt solid windowtext; border-bottom: 1pt solid windowtext; border-left: 1pt solid windowtext; border-image: initial; border-top: none; padding: 0in 5.4pt;\" rowspan=\"3\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSv</p>\r\n</td>\r\n<td style=\"width: 193.236px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSv 270</p>\r\n</td>\r\n<td style=\"width: 372.455px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" rowspan=\"3\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">ESXi 7.0 and 8.0 on Dell PowerEdge R640 (Running on Intel Xeon Silver 4208 (Cascade Lake))</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 193.236px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSv 470</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td style=\"width: 193.236px; border-top: none; border-left: none; border-bottom: 1pt solid windowtext; border-right: 1pt solid windowtext; padding: 0in 5.4pt;\" valign=\"top\">\r\n<p style=\"margin: 1pt 0.05in 3pt 0in; font-size: 10pt; font-family: Calibri, sans-serif;\">NSv 870</p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n<h2 style=\"margin: 2pt 0in 0in 0.5in; text-indent: -0.5in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(31, 77, 120); font-weight: normal;\"><span style=\"font-family: Calibri, sans-serif; color: windowtext;\">&nbsp;</span></h2>","security_evaluation_summary":"<p><span data-teams=\"true\">The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Sonicwall SonicOS/X v7.0.1 with VPN and IPS on TZ, NSa, NSsp, and NSv Appliances was evaluated is described in the Common Criteria for Information Technology Security Evaluation, Version 3.1 rev 5.&nbsp; The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 rev 5.&nbsp; The product, when delivered and configured as identified in the Common Criteria Administrator Guidance, satisfies all of the security functional requirements stated in the ST. The project underwent CCEVS Validator review.&nbsp; The evaluation was completed in January 2025.&nbsp; Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.&nbsp;&nbsp;</span></p>","environmental_strengths":"<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE provides the security functions required by the Collaborative Protection Profile for Network Devices, hereafter referred to as NDcPP v2.2e or NDcPP, collaborative Protection Profile Module for Stateful Traffic Filter Firewall, hereafter referred to as MOD_FW v1.4e or MOD_FW, PP-Module for VPN Gateways Version 1.3 hereafter referred to as MOD_VPNGW v1.3 or MOD_VPNGW, PP-Module for Intrusion Protection Systems (IPS) Version 1.0, hereafter referred to as MOD_IPS v1.0 or MOD_IPS.</span></p>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">&nbsp;<span style=\"color: red;\">&nbsp;</span></span></p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; &nbsp; &nbsp; &nbsp;</span></span><span style=\"font-family: Calibri, sans-serif;\">Security Audit </span></h4>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">&nbsp;The TOE generates audit records for administrative activity, security related configuration changes, cryptographic key changes and startup and shutdown of the audit functions. The audit events are associated with the administrator who performs them, if applicable. The audit records are transmitted over an IPsec VPN tunnel to an external audit server in the IT environment for storage.</span></p>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; </span></span><span style=\"font-family: Calibri, sans-serif;\">Cryptographic Support&nbsp;</span></h4>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE provides cryptographic functions (key generation, key establishment, key destruction, cryptographic operation) to secure remote administrative sessions over Hypertext Transfer Protocol Secure (HTTPS)/Transport Layer Security (TLS), and to support Internet Protocol Security (IPsec) to provide VPN functionality and to protect the connection to the audit server.&nbsp;</span></p>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; &nbsp;</span></span><span style=\"font-family: Calibri, sans-serif;\">Residual Data Protection </span></h4>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE ensures that data cannot be recovered once deallocated.</span></p>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; </span></span><span style=\"font-family: Calibri, sans-serif;\">Identification and Authentication </span></h4>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE provides a password-based logon mechanism. This mechanism enforces minimum strength requirements and ensures that passwords are obscured when entered. The TOE also validates and authenticates X.509 certificates for all certificate use.</span></p>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp;</span></span><span style=\"font-family: Calibri, sans-serif;\">Security Management</span></h4>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE provides management capabilities via a Web-based GUI, accessed over HTTPS. Management functions allow the administrators to configure and update the system, manage users and configure the Virtual Private Network (VPN) and Intrusion Prevention System (IPS) functionality.</span></p>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; &nbsp; &nbsp;</span></span><span style=\"font-family: Calibri, sans-serif;\">Protection of the TSF</span></h4>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE prevents the reading of plaintext passwords and keys. The TOE provides a reliable timestamp for its own use. To protect the integrity of its security functions, the TOE implements a suite of self-tests at startup and shuts down if a critical failure occurs. The TOE verifies the software image when it is loaded. The TOE ensures that updates to the TOE software can be verified using a digital signature.</span></p>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; &nbsp;</span></span><span style=\"font-family: Calibri, sans-serif;\">TOE Access</span></h4>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE monitors local and remote administrative sessions for inactivity and either locks or terminates the session when a threshold time period is reached. An advisory notice is displayed at the start of each session.</span></p>\r\n<p style=\"margin: 6pt 0in; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; &nbsp; &nbsp;</span></span><span style=\"font-family: Calibri, sans-serif;\">Trusted Path/Channels</span></h4>\r\n<p style=\"margin: 6pt 0in 12pt; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TSF provides IPsec VPN tunnels for trusted communication between itself and an audit server. The TOE implements HTTPS for protection of communications between itself and the Management Console.</span></p>\r\n<p style=\"margin: 6pt 0in 12pt; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; &nbsp; </span></span><span style=\"font-family: Calibri, sans-serif;\">Intrusion Prevention</span></h4>\r\n<p style=\"margin: 6pt 0in 12pt; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE performs analysis of IP-based network traffic and detects violations of administratively defined IPS policies. The TOE inspects each packet header and payload for anomalies and known signature-based attacks and determines whether to allow traffic to traverse the TOE.</span></p>\r\n<p style=\"margin: 6pt 0in 12pt; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\">&nbsp;</p>\r\n<h4 style=\"margin: 2pt 0in 0in 0.6in; text-indent: -0.6in; line-height: 107%; break-after: avoid; font-size: 12pt; font-family: 'Calibri Light', sans-serif; color: rgb(46, 116, 181); font-weight: normal; font-style: italic;\"><span style=\"font-family: Calibri, sans-serif;\"><span style=\"font: 7.0pt 'Times New Roman';\">&nbsp; &nbsp;</span></span><span style=\"font-family: Calibri, sans-serif;\">Stateful Traffic Filtering and Packet Filtering</span></h4>\r\n<p style=\"margin: 6pt 0in 12pt; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE restricts the flow of network traffic between protected networks and other attached networks based on addresses and ports of the network nodes originating (source) and/or receiving (destination) applicable network traffic, as well as on established connection information. </span></p>\r\n<p style=\"margin: 6pt 0in 12pt; line-height: 107%; font-size: 12pt; font-family: 'Times New Roman', serif;\"><span style=\"font-size: 11.0pt; line-height: 107%; font-family: Calibri, sans-serif;\">The TOE performs packet filtering on network packets.</span></p>","features":[{"id":1429,"feature_name":"Asymmetric Key Generation"},{"id":1425,"feature_name":"Auditing"},{"id":1437,"feature_name":"Certificate Authentication"},{"id":1434,"feature_name":"Certificate Validation"},{"id":1432,"feature_name":"Cryptographic Hashing"},{"id":1430,"feature_name":"Cryptographic Key Establishment"},{"id":1431,"feature_name":"Cryptographic Signature Verification"},{"id":1427,"feature_name":"DRBG"},{"id":1446,"feature_name":"Firewall"},{"id":1438,"feature_name":"IKEv2"},{"id":1448,"feature_name":"Intrusion Prevention"},{"id":1436,"feature_name":"IPsec"},{"id":1426,"feature_name":"Key Destruction"},{"id":1433,"feature_name":"Keyed-hash message authentication"},{"id":1440,"feature_name":"TLS 1.2"},{"id":1435,"feature_name":"TLS Server without Mutual Authentication"},{"id":1428,"feature_name":"Virtual Network Device"},{"id":1451,"feature_name":"VPN Gateway"}]}