The TOE leverages a custom OS called Wave Relay OS that provides a secure operating environment. Available as a hardware network appliance, the TOE supports a wide range of network, wireless and security protocols designed for peer-to-peer MANET networking at OSI Layer 2 and Layer 3. This includes, for instance, the use of multiple layer-3 Gateways in a MANET.
\r\nThe TOE is capable of securing communication via its ethernet interface with MACsec, IPsec and TLS. Remote administration utilizes TLS to protect communications to the Wave Relay Device GUI and programmatic interface.
\r\nFor the purposes of evaluation, the TOE will be treated as a Network Device, IPsec VPN Gateway and MACsec Ethernet Encryption Device. Thus, the security functionality offered by the TOE includes validated secure by design components such as CAVP tested Cryptographic support, Trusted updates, Self Tests, Secure connections, Identification & Authentication, Packet Filtering, and Secure Auditing.
","evaluation_configuration":"The TOE is a hardware network appliance available in several models w/ varying form factors.
\r\n| \r\n Model \r\n | \r\n\r\n Processor \r\n | \r\n
| \r\n MPU5 (WR-5100) \r\n | \r\n\r\n NXP iMX6 \r\n | \r\n
| \r\n Embedded Module (WR-5200) \r\n | \r\n\r\n NXP i.MX6 \r\n | \r\n
| \r\n Embedded Module Lite (WR-5250) \r\n | \r\n\r\n NXP i.MX6 \r\n | \r\n
| \r\n GVR5 (WR-GVR5-SYS) \r\n | \r\n\r\n NXP i.MX6 \r\n | \r\n
| \r\n Integrated Antenna Series (WR-INT-ANT-SYS) \r\n | \r\n\r\n NXP i.MX6 \r\n | \r\n
The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017. The product, when delivered and configured as identified in the Persistent Common Criteria Administrator Guide, Target of Evaluation: Persistent Systems LLC, Wave Relay® Devices v1.0, Version 1.0, February 24, 2025 document, satisfies all of the security functional requirements stated in the Persistent Systems LLC, Wave Relay® Devices v1.0 Security Target, Version 0.7, February 21, 2025. The project underwent CCEVS Validator review. The evaluation was completed in March 2025. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11509-2025) prepared by CCEVS.
","environmental_strengths":"The logical boundaries of the Persistent Systems LLC, Wave Relay® Devices v1.0 are realized in the security functions that it implements. Each of these security functions is summarized below.
\r\n\r\n
Security audit:
\r\nThe TOE generates audit events for numerous activities including events related to cryptographic functionality, identification and authentication, and administrative actions. The TOE generates a complete audit record including the IP address of the TOE, the event details, and the time the event occurred. The TOE provides the administrator with a local circular audit trail where the TOE overwrites the oldest audit records with the newest audit records when space is full. Audit logs are also sent to a remote syslog server in the environment over TLS encrypted channel.
\r\nCryptographic support:
\r\nThe TOE provides cryptography in support of other TOE security functionality. The TOE provides cryptography in support of secure connections using IPsec, TLS, MACsec and remote administrative management HTTPS/TLS.
\r\nIdentification and authentication:
\r\nThe TOE allows unauthenticated users to read the login banner, view the TOE identity (DNS name and IP address), view the TOE power level, and view status. The TOE also performs packet filtering operations prior to administrator login. The TOE requires users to be authenticated before all other administrative operations.
\r\nThe TOE authenticates the administrator prior to granting access to the GUI and programmatic interfaces by accepting a password. The TOE supports the validation of x509v3 certificates for authentication in the context of the TLS and IPsec protocols. These certificates can be ECDSA certificates. The TOE also supports pre-shared key authentication for MACsec and IPsec connections. The TOE checks the revocation status of a certificate using OCSP or CRLs.
\r\nSecurity management:
\r\nSecurity management commands are limited to authorized users (i.e., administrators) and available only after they have provided acceptable user identification and authentication data to the TOE. All TOE administration occurs through a TLS/HTTPS session.
\r\nPacket filtering:
\r\nThe TOE provides packet filtering and secure IPsec tunneling functionality. The tunnels can be established between the TOE and a VPN peer. An authorized administrator can define the traffic that needs to be protected via IPsec by configuring access lists (permit, deny, log) and applying these access lists to the VPN interfaces.
\r\nProtection of the TSF:
\r\nThe TOE provides a variety of means of protecting itself. The TOE performs self-tests and integrity verification that cover the correct operation of the TOE at startup. Any test failures that occur will prevent the TOE from booting to a usable state. It provides functions necessary to securely update the TOE. The TOE includes a hardware clock to ensure reliable timestamps. The TOE’s time can be configured manually or by syncing to a remote NTP server. It protects sensitive data such as stored passwords and cryptographic keys so that they are not accessible through the TOE, even to a Security Administrator.
\r\nThe TOE has the ability detect replay of frames received over the MACsec channel. The detected replayed frames are dropped.
\r\nTOE access:
\r\nThe TOE can be configured to display a logon banner before a user session is established. The TOE also enforces inactivity timeouts for local and remote sessions that can be configured by an administrator.
\r\nTrusted path/channels:
\r\nThe TOE protects interactive communication with administrators using TLS for GUI and programmatic access. The TLS protocol provides integrity and disclosure protection. If the negotiation of a TLS session fails, the attempted connection will not be established.
\r\nThe TOE protects communication with network peers, such as an external audit server (syslog server) and a VPN peer using IPsec connections to provide disclosure or modification protections. The TOE can be configured to use MACsec to secure the channel to an external audit server (syslog server) at Layer 2. The TOE can also provide a TLS connection to a controlled network device and validate the X509v3 certificate that is presented by the device.
","features":[{"id":2738,"feature_name":"Asymmetric Key Generation"},{"id":2725,"feature_name":"Auditing"},{"id":2736,"feature_name":"Certificate Authentication"},{"id":2737,"feature_name":"Certificate Validation"},{"id":2754,"feature_name":"Cryptographic Hashing"},{"id":2751,"feature_name":"Cryptographic Key Establishment"},{"id":2752,"feature_name":"Cryptographic Signature Verification"},{"id":2749,"feature_name":"DRBG"},{"id":2765,"feature_name":"HTTPS Client"},{"id":2766,"feature_name":"HTTPS Server without Mutual Authentication"},{"id":2767,"feature_name":"IKEv2"},{"id":2735,"feature_name":"IPsec"},{"id":2726,"feature_name":"Key Destruction"},{"id":2756,"feature_name":"Keyed-hash message authentication"},{"id":2731,"feature_name":"MACsec"},{"id":2768,"feature_name":"TLS 1.2"},{"id":2763,"feature_name":"TLS Client"},{"id":2764,"feature_name":"TLS Server without Mutual Authentication"},{"id":2734,"feature_name":"VPN Gateway"}]}