Compliant Product - Infinera Corporation Transcend Network Management System Server 18.10.3
Certificate Date: 2022.12.12CC Certificate Security Target Validation Report
Validation Report Number: CCEVS-VR-VID11319-2022
Product Type: Application Software
Conformance Claim: Protection Profile Compliant
PP Identifier: Functional Package for SSH Version 1.0
Functional Package for TLS Version 1.1
Protection Profile for Application Software Version 1.4
CC Testing Lab: Gossamer Security Solutions
The Transcend Network Management System (TNMS) is designed to provide end-to-end network and service management across multiple technologies and equipment vendors. For purposes of this evaluation, the TNMS Server is a software application that accepts management instructions via secure communication with a TNMS Client and then securely transfers management instructions to configured network entities.
The Target of Evaluation (TOE) is Transcend Network Management System (TNMS) Server version 18.10.3. The TNMS Server is a pair of Java applications designed to run in the following operational environment:
· Red Hat Enterprise Linux (RHEL) 7.9 (64 bit) / CentOS 7.9 (64 bit) on a 64-bit Intel Xeon processor
· Amazon Corretto (OpenJDK) JDK/JRE 11.0.6
Security Evaluation Summary
The evaluation was carried out in accordance to the Common Criteria Evaluation and Validation Scheme (CCEVS) requirements and guidance. The evaluation demonstrated that the TOE meets the security requirements contained in the Security Target. The criteria against which the TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 5, April 2017. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Evaluation Methodology, Version 3.1, Revision 5, April 2017. The product, when delivered and configured as identified in the Infinera Transcend Network Management System Server 18.10.3 Administrative Guidance for Common Criteria, Version 1.1, December 6, 2022 document, satisfies all of the security functional requirements stated in the Infinera Corporation Transcend Network Management System Server 18.10.3 Security Target, Version 1.5, December 9, 2022. The project underwent CCEVS Validator review. The evaluation was completed in December 2022. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID11319-2022) prepared by CCEVS.
The logical boundaries of the Transcend Network Management System Server are realized in the security functions that it implements. Each of these security functions is summarized below.
The TOE uses Automated Cryptographic Validation Test System (ACVTS)-validated cryptographic algorithm implementations, provided by the Bouncy Castle cryptographic module installed with the TOE, to support asymmetric key generation, encryption/decryption, signature generation and verification and establishment of trusted channels to protect data in transit. The TOE implements a TLS server to securely communicate with a TNMS Client, implements a SSH client to securely communicate with managed network entities, and implements functionality to securely store key data related to secure communications. The TOE also relies on the underlying Java platform to generate entropy that is used as input data for the TOE’s deterministic random bit generator (DRBG).
User data protection:
The TOE does not access any hardware resources or sensitive information repositories other than network access. No sensitive data outside of secure credentials is stored in non-volatile memory. Inbound and outbound network communications are restricted to those that are TOE-initiated to configured network elements, responding to incoming TNMS Clients TLS connections for remote management, and checking for updates.
After installation, an administrator manages the TOE through a TNMS client, and the TOE stores administrator configurations in its database stored in the platform file system.
When configured with default credentials or no credentials, the TOE restricts its functionality and only allows the ability to set new credentials. By default, the TOE is configured with file permissions to protect itself and its data from unauthorized access.
The TOE does not transmit personally identifiable information (PII) over any network interfaces.
Protection of the TSF:
The TOE protects itself against exploitation by implementing address space layout randomization (ASLR) and by not allocating any memory region for both write and execute permission. The TOE uses standard platform APIs and includes a number of third party libraries used to perform its functions.
The TOE includes mechanisms to check for updates and to query the current version of the application software. TOE software is digitally signed and distributed using the platform-supported package manager. The TOE does not update its own binary code in any way and when removed, all traces of the TOE application software are deleted.
The TOE protects communications between itself and managed network entities using SSH and between itself and the TNMS Client using TLS.