{"product_id":11634,"v_id":11634,"product_name":"BlackBerry SecuSUITE Server Version 6.0","certification_status":"Certified","certification_date":"2026-01-27T00:00:00Z","tech_type":"Network Device,Remote Access,SIP Server","vendor_id":{"name":"BlackBerry Ltd.","website":"https://www.blackberry.com"},"vendor_poc":"Keith Balasingham","vendor_phone":"(519) 888-7465","vendor_email":"secusuiteinquiries@blackberry.com","assigned_lab":{"cctl_name":"Gossamer Security Solutions"},"product_description":"<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\">The TOE is the SecuSUITE Server Version 6.0.&nbsp; The SecuSUITE Server Version 6.0 enables use of the Session Initiation Protocol (SIP) to establish secure connections between mobile devices.</p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; font-size: 10pt; font-family: Times, serif;\">The SecuSUITE Server is the centerpiece in the SecuSUITE Security Solution. The SecuSUITE Security Solution includes the SecuSUITE SIP Server and client software<a title=\"\" href=\"#_ftn1\" name=\"_ftnref1\"><sup><span style=\"font-size: 10.0pt; font-family: Times, serif;\">[1]</span></sup></a> for mobile device platforms. 
Together these form a system that provides end-to-end secure mobile voice communication and instant messaging, using IP-based mobile data connections such as EDGE, UMTS/HSPA, LTE, and Wi-Fi.</p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\">The SecuSUITE Server is an infrastructure component of the SecuSUITE Security Solution.&nbsp; The SecuSUITE Server does not work in isolation but relies on other infrastructure components to enable secure VoIP communications.</p>\r\n<div><br clear=\"all\"><hr align=\"left\" size=\"1\" width=\"33%\">\r\n<div id=\"ftn1\">\r\n<p style=\"margin: 0in; font-size: 10pt; font-family: 'Times New Roman', serif;\"><a title=\"\" href=\"#_ftnref1\" name=\"_ftn1\"><span style=\"font-family: 'Times New Roman', serif; vertical-align: super;\"><span style=\"font-family: 'Times New Roman', serif; vertical-align: super;\"><span style=\"font-size: 10.0pt;\">[1]</span></span></span></a> The client software is the target for another evaluation.</p>\r\n</div>\r\n</div>","evaluation_configuration":"<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\">The SecuSUITE Server runs on RHEL 8 OS within an ESXi version 8 virtualized environment using one of the following physical platforms:</p>\r\n<ul style=\"margin-top: 0in; margin-bottom: 0in;\">\r\n<li style=\"margin: 0in 0in 0in 0px; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\">Dell PowerEdge R660 system with an Intel Xeon Silver 4510 processor (Sapphire Rapids microarchitecture) running ESXi 8</li>\r\n<li style=\"margin: 0in 0in 6pt 0px; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\">PacStar 451 system with an Intel Xeon D-1539 (Broadwell microarchitecture) running ESXi 8.</li>\r\n</ul>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: 
The Dell">
Times, serif;\">The Dell PowerEdge R660 system can support either Broadcom Ethernet or Intel Ethernet network interfaces, while the PacStar 451 system supports only Intel Ethernet network interfaces.</p>","security_evaluation_summary":"<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\">The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance.&nbsp; The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target.&nbsp; The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017.&nbsp; The product, when delivered and configured as identified in the BlackBerry SecuSUITE Server Common Criteria Configuration Guide SecuSUITE for Government 6.0, Version 1.2 document, satisfies all of the security functional requirements stated in the BlackBerry SecuSUITE Server Version 6.0 Security Target, Version 0.7, January 23, 2026.&nbsp; The project underwent CCEVS Validator review.&nbsp; The evaluation was completed in January 2026.&nbsp; Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11634-2026) prepared by CCEVS.</p>","environmental_strengths":"<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\">The logical boundaries of the SecuSUITE Server are realized in the security functions that it implements. 
Each of these security functions is summarized below.</p>\r\n<p style=\"margin: 0in; font-size: 10pt; font-family: Times, serif;\">&nbsp;</p>\r\n<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\"><strong>Security audit:</strong></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE generates audit events for numerous activities including policy enforcement, system management, authentication, and system status (i.e., system log records). The TOE also generates call detail records providing information about connections that are mediated by the TOE. A syslog server in the environment is relied on to store audit and system log records generated by the TOE. The TOE generates a complete audit record including the IP address of the TOE, the event details, and the time the event occurred. The time stamp is provided by the TOE appliance hardware.</span></p>\r\n<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\"><strong>Cryptographic support:</strong></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE contains CAVP-tested cryptographic implementations that provide key management, random bit generation, encryption/decryption, digital signature, and secure hashing and key-hashing features in support of higher-level cryptographic protocols, including HTTPS, NTP, SSH, and TLS.</span></p>\r\n<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\"><strong>User data protection:</strong></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE mediates connections between 
VVoIP endpoints, allowing enrolled endpoints to establish &ldquo;calls&rdquo; with other enrolled endpoints.</span></p>\r\n<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\"><strong>Identification and authentication:</strong></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE authenticates administrative users. In order for an administrative user to access the TOE, a user account including a username and password must be created for the user, and an administrative role must be assigned. The TOE performs the validation of the login credentials. The TOE also performs extensive X.509v3 certificate validation checks on certificates it receives as identification and authentication material.</span></p>\r\n<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\"><strong>Security management:</strong></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE also provides a Web UI (protected by HTTPS) and Command Line Interface (protected by SSH) to configure the TOE. Security management commands are limited to authorized users (i.e., administrators) and available only after they have provided acceptable user identification and authentication data to the TOE. The security management functions are controlled through the use of privileges associated with roles that can be assigned to TOE users. 
Among the available privileges, only the Authorized Administrator role can actually manage the security policies provided by the TOE and the TOE offers a complete set of functions to facilitate effective management.</span></p>\r\n<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\"><strong>Protection of the TSF:</strong></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE implements a number of features designed to protect itself to ensure the reliability and integrity of its security features.</span></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">It protects particularly sensitive data such as stored passwords and cryptographic keys so that they are not accessible even by an administrator. It also provides its own timing mechanism to ensure that reliable time information is available (e.g., for log accountability) and can obtain time from external time sources using NTP.</span></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE performs self-tests and integrity checks on TOE executables during system start-up as well as periodically during normal operation. 
The TOE also includes mechanisms (i.e., verification of the digital signature of each new update package) so that the TOE itself can be updated while ensuring that the updates will not introduce malicious or other unexpected changes in the TOE.</span></p>\r\n<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\"><strong>TOE access:</strong></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE can be configured to display a warning banner when an administrator establishes an interactive session and subsequently will enforce an administrator-defined inactivity timeout value after which the inactive session (local or remote) will be terminated.</span></p>\r\n<p style=\"text-align: justify; margin: 0in; font-size: 10pt; font-family: Times, serif;\"><strong>Trusted path/channels:</strong></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE protects interactive communication with administrators using SSHv2 for CLI access, ensuring both integrity and disclosure protection. The TOE also provides a Web UI API interface for security management that is protected with HTTPS/TLS. 
If the negotiation of an encrypted session (either SSH or TLS) fails or if the user does not have authorization for remote administration, an attempted connection is not established.</span></p>\r\n<p style=\"margin: 0in 0in 6pt; text-align: justify; line-height: 11pt; font-size: 10pt; font-family: Times, serif;\"><span style=\"font-family: 'Times New Roman', serif;\">The TOE protects communication with network peers, such as an audit server, VVoIP endpoints, ESC devices for trunking, and a VVoIP conferencing system using TLS connections to prevent unintended disclosure or modification of data.</span></p>","features":[{"id":1780,"feature_name":"Asymmetric Key Generation"},{"id":1853,"feature_name":"Auditing"},{"id":1850,"feature_name":"Certificate Authentication"},{"id":1844,"feature_name":"Certificate Validation"},{"id":1842,"feature_name":"Cryptographic Hashing"},{"id":1781,"feature_name":"Cryptographic Key Establishment"},{"id":1782,"feature_name":"Cryptographic Signature Verification"},{"id":1778,"feature_name":"DRBG"},{"id":1852,"feature_name":"Enterprise Session Controller"},{"id":1848,"feature_name":"HTTPS Client"},{"id":1849,"feature_name":"HTTPS Server with Mutual Authentication"},{"id":1854,"feature_name":"Key Destruction"},{"id":1843,"feature_name":"Keyed-hash message authentication"},{"id":1847,"feature_name":"SSH Server"},{"id":1851,"feature_name":"TLS 1.2"},{"id":1846,"feature_name":"TLS Client"},{"id":1845,"feature_name":"TLS Server with Mutual Authentication"},{"id":1779,"feature_name":"Virtual Network Device"}]}