{"product_id":11572,"v_id":11572,"product_name":"Fortinet FortiSwitch v7.6","certification_status":"Certified","certification_date":"2025-08-19T00:00:00Z","tech_type":"Network Device","vendor_id":{"name":"Fortinet, Inc.","website":"https://www.fortinet.com"},"vendor_poc":"Marc Boire","vendor_phone":"613-225-9381","vendor_email":"mboire@fortinet.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p><span style=\"color: rgb(224, 62, 45); font-family: 'times new roman', times, serif;\" data-olk-copy-source=\"MessageBody\">The Target of Evaluation (TOE) is FortiSwitchOS with the specific build version of 7.6.0, build 8083, which incorporated a patch to address <span style=\"text-decoration: underline;\">FG-IR-24-435 (CVE-2024-48887</span>). NIAP strongly recommends that all vendor-delivered bug fixes and security patches be installed; and with such updates properly installed, the product is still considered by NIAP to be in its evaluated configuration as per <span style=\"text-decoration: underline;\">NIAP Publication #6 section 2.4.5</span>.</span></p>\r\n<p>&nbsp;</p>\r\n<p><span style=\"font-family: 'times new roman', times, serif;\">The Fortinet FortiSwitch v7.6 TOE is a series of scalable Ethernet Switch network devices used to connect devices on Ethernet local area networks (LANs). 
The switches are enterprise level switches suitable for SD-Branch deployments with high throughput requirements. The TOE is optimal for use in converged network environments, enabling voice, data, and wireless traffic to be delivered across a single network.</span></p>\r\n<p><span style=\"font-family: 'times new roman', times, serif;\">For this evaluation, the TOE is treated as a network device offering NIST validated cryptographic functions, security auditing, secure administration, trusted updates, self-tests, and secure connection to an external audit server.</span></p>\r\n<p><span style=\"font-family: 'times new roman', times, serif;\">Cryptographic functionality is provided by the OpenSSL and OpenSSH libraries included in the TOE in support of higher-level protocols (TLS, SSH). The module&rsquo;s FIPS-Approved cryptographic algorithms have obtained CAVP certificates.</span></p>\r\n<p><span style=\"font-family: 'times new roman', times, serif;\">The TOE audits security relevant events, stores audit records locally, and can be configured to forward its audit records to an external syslog server in the network environment. An administrator can manually set the TOE&rsquo;s time.</span></p>\r\n<p><span style=\"font-family: 'times new roman', times, serif;\">The TOE uses TLS to protect syslog, offers a management GUI protected by TLS/HTTPS, and provides a management CLI protected by SSH.</span></p>\r\n<p><span style=\"font-family: 'times new roman', times, serif;\">Administrators are able to query the current version of the product firmware and manage the security functions of the TOE, including performing updates on the product. 
Public/private keys are used to provide digital signatures for protection of the update files.</span></p>\r\n<p><span style=\"font-family: 'times new roman', times, serif;\">The TOE provides self-tests to ensure the integrity and correct operation of the TOE.</span></p>","evaluation_configuration":"<p>The TOE comprises the following FortiSwitch appliance models, all running FortiSwitch 7.6.0, build 8083:</p>\r\n<ul style=\"margin-bottom: 0in; margin-top: 0px;\">\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-1024E</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-T1024E</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-624F</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-624F FPOE</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-648F</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-648F FPOE</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; 
font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-424E</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-424E FIBER</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-424E POE</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-424E FPOE</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FSR-424F POE</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-M426E FPOE</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-448E</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-448E POE</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: 
black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-448E FPOE</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-1048E</span></li>\r\n<li style=\"text-align: justify; margin: 0in 0in 0in 0px; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-3032E</span></li>\r\n<li style=\"margin: 0in 0in 6pt 0px; text-align: justify; font-size: 12pt; font-family: 'Times New Roman', serif; color: black;\"><span style=\"font-size: 11pt; font-family: Calibri, sans-serif; color: windowtext;\">FS-2048F</span></li>\r\n</ul>","security_evaluation_summary":"<p>The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, September 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1 release 5. The product, when configured as identified in the guidance documentation, satisfies all of the security functional requirements stated in the Fortinet FortiSwitch v7.6 Security Target. The evaluation was completed in August 2025. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.</p>","environmental_strengths":"<p><em><strong>Security Audit</strong></em></p>\r\n<p>The TOE generates audit events associated with identification and authentication, management, updates, and user sessions. 
The TOE can store the events in a local log and export them to a syslog server using a TLS-protected channel.</p>\r\n<p><em><strong>Cryptographic Support</strong></em></p>\r\n<p>The TOE provides CAVP-certified cryptography in support of SSH, TLS, self-testing, and verification of TOE update package signatures. Cryptographic services include key management, random bit generation, symmetric encryption and decryption, digital signature, and secure hashing.</p>\r\n<p><em><strong>Identification and Authentication</strong></em></p>\r\n<p>The TOE requires users to be identified and authenticated before they can use functions mediated by the TOE, with the exception of viewing and agreeing to the login banner. The TOE authenticates a user&rsquo;s credentials (password, public key) using local mechanisms provided by the TOE. The TOE also provides X.509 certificate checking for its TLS connections.</p>\r\n<p><em><strong>Security Management</strong></em></p>\r\n<p>The TOE provides CLI and web-based management interfaces that an administrator can access locally or remotely via a network port. Remote connections to the management interfaces are protected with SSH for the CLI and HTTPS for the GUI. The local administrative interface is subject to physical protection. To access the TOE locally, an administrator must directly connect their workstation to the TOE using a serial cable and successfully log in. The management interface is limited to the authorized administrators.</p>\r\n<p><em><strong>Protection of the TSF</strong></em></p>\r\n<p>The TOE implements various self-protection mechanisms. The TOE performs self-tests that cover the correct operation of the TSF. It provides functions necessary to securely update the TOE. It relies on time set manually by an administrator to ensure reliable timestamps. 
It protects sensitive data such as passwords and cryptographic keys stored on the TOE so that they are not accessible, even by an authorized administrator.</p>\r\n<p><em><strong>TOE Access</strong></em></p>\r\n<p>The TOE will terminate local and remote interactive sessions after a configurable period of inactivity. The TOE additionally provides the capability for administrators to terminate their own interactive sessions. The TOE can be configured to display an advisory and consent warning message before establishing a user session.</p>\r\n<p><em><strong>Trusted Path/Channels</strong></em></p>\r\n<p>When accessed remotely, the CLI and GUI management interfaces are protected by SSH or TLS, thus ensuring protection against modification and disclosure.</p>\r\n<p>The TOE protects communications with the external syslog server from modification and disclosure by using TLS.</p>","features":[{"id":1106,"feature_name":"Asymmetric Key Generation"},{"id":1102,"feature_name":"Auditing"},{"id":1115,"feature_name":"Certificate Authentication"},{"id":1111,"feature_name":"Certificate Validation"},{"id":1109,"feature_name":"Cryptographic Hashing"},{"id":1107,"feature_name":"Cryptographic Key Establishment"},{"id":1108,"feature_name":"Cryptographic Signature Verification"},{"id":1105,"feature_name":"DRBG"},{"id":1101,"feature_name":"Flaw Remediation"},{"id":1113,"feature_name":"HTTPS Client"},{"id":1114,"feature_name":"IPsec"},{"id":1103,"feature_name":"Key Destruction"},{"id":1110,"feature_name":"Keyed-hash message authentication"},{"id":1104,"feature_name":"SSH Server"},{"id":1116,"feature_name":"TLS 1.2"},{"id":1117,"feature_name":"TLS 1.3"},{"id":1112,"feature_name":"TLS Client"}]}