Compliant Product - Aruba Virtual Intranet Access (VIA) Client v4.3
Certificate Date: 2022.08.31CC Certificate Security Target * Validation Report
Validation Report Number: CCEVS-VR-VID11303-2022
Product Type: Virtual Private Network
Conformance Claim: Protection Profile Compliant
PP Identifier: PP-Module for VPN Client, Version 2.3
Protection Profile for Application Software Version 1.3
CC Testing Lab: Leidos Common Criteria Testing Laboratory
* This is the Security Target (ST) associated with the latest Maintenance Release. To view previous STs for this TOE, click here.
The Target of Evaluation (TOE) is the Aruba Virtual Intranet Access (VIA) Client version 4.3. The TOE is a software application with IPsec VPN client capability. The TOE boundary includes Windows, Linux, and Android versions of the application. Each version of the application is identical with respect to the capabilities it offers the user; the security-relevant implementation differences between each version only include those functions where different mechanisms are used to interact with the platform, depending on the platform being claimed (e.g., the platform mechanism used for any storage of credential data and configuration settings will differ based on the platform version).
VIA is a part of the Aruba remote networks solution intended for teleworkers and mobile users. VIA detects the network environment (trusted and untrusted) of the user and connects the users to the enterprise network. The VIA Client interacts with an environmental Aruba Mobility Controller, which functions as its VPN gateway as well as the authorized source of its IPsec configuration settings.
Security Evaluation Summary
The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017. The product, when delivered and configured as identified in the Aruba Virtual Intranet Access (VIA) 4.x Client Common Criteria Guidance, Version 1.2, March 2022, document, satisfies all the security functional requirements stated in the Aruba Virtual Intranet Access (VIA) Client Version 4.3 Security Target, Version 1.0, August 23, 2022. The project underwent CCEVS Validator review. The evaluation was completed in August 2022. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11303-2022) prepared by CCEVS.
Each of the security functions provided by the TOE is summarized below.
The TOE includes a cryptographic library with NIST-validated algorithm implementations that is used to perform the cryptographic functions needed for IPsec. The TOE implements IPsec with support for either IKEv1 or IKEv2. Authentication is performed using X.509 certificates, and in the case of IKEv1, pre-shared keys can be used as well. VPN connection settings are configured by the environmental Mobility Controller gateway; the gateway configures the connection settings that the client must use, such as the ESP and IKE encryption algorithms, the Diffie-Hellman group, and the mechanism used for authentication. The TOE ensures the secure storage and destruction of key and credential data using a combination of its own mechanisms and reliance on appropriate platform functionality.
User Data Protection
The TOE leverages platform-provided functionality to encrypt sensitive data and allows network communications to be initiated by the user to connect to the VPN Gateway. The TOE can also provide always-on functionality for application-initiated network communication.
The TOE ensures that residual information is protected from potential reuse in accessible objects such as network packets.
Identification and Authentication
Pre-shared keys apply to IKEv1 only. Character limits and character set are not enforced programmatically; therefore, the administrative guidance includes instructions on setting strong pre-shared keys.
The TOE and its IPsec VPN are fully configurable by a combination of functions provided directly by the TOE and those available to the associated VPN gateway. The TOE is not provided with any default credentials or pre-shared keys. All external configuration comes from the Mobility Controller. The configuration options for the TOE consists of the URL of the gateway and the credentials used for the connection. The configuration options are stored and set using the mechanisms supported by the platform.
The TOE does not transmit personally identifiable information (PII) over a network.
Protection of the TSF
The TOE includes the use of only documented platform APIs.
For each platform, the application does not allocate any memory region with both write and execute permissions nor does the TOE request to map memory to an explicit address. The TOE does not write user-modifiable files to directories that contain executable files. The application is built with stack-based buffer overflow protection enabled.
Aruba provides a version control system for its software components. The TOE has a unique software versioning that identifies major versions and their subsequent maintenance releases.
The TOE platforms support loading updates by the administrator. For Windows and Linux platforms, the administrator obtains the update in the form of an installer through the Aruba Mobility Controller or the Aruba Support Portal. The update is verified using a RSA 2048 with SHA-1 digital signature. For Android versions, the application and signature are provided to and verified by the Google Play Store.
The TOE does not download, modify, replace, or update its own binary code. The application is packaged such that its removal results in the deletion of all traces of the application, except for configuration settings and output files.
The cryptography for the initial HTTPS connection is provided by the platform and is therefore outside the scope of the TOE. The IKE/IPsec transversal is secured using the TOE cryptography.
The TOE acts as a VPN client using IPsec to established secure channels to the corresponding VPN gateways.
Aruba, a Hewlett Packard Enterprise Company