National Information Assurance Partnership

Transcription

1 Natinal Infrmatin Assurance Partnership TM Cmmn Criteria Evaluatin and Validatin Scheme Validatin Reprt Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters Reprt Number: CCEVS-VR-VID Dated: 11 July 2008 Versin: 1.0 Natinal Institute f Standards and Technlgy Natinal Security Agency Infrmatin Technlgy Labratry Infrmatin Assurance Directrate 100 Bureau Drive 9800 Savage Rad STE 6757 Gaithersburg, MD Frt Gerge G. Meade, MD

2 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters ACKNOWLEDGEMENTS Validatin Team Dianne Hale Jerme Myers Cmmn Criteria Testing Labratry SAIC, Inc. Clumbia, Maryland ii

3 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters Table f Cntents 1 Executive Summary Interpretatins Threats t Security Identificatin Security Plicy Assumptins Clarificatin f Scpe Architectural Infrmatin Dcumentatin IT Prduct Testing Results f the Evaluatin Validatr Cmments/Recmmendatins Annexes Security Target Glssary...14 Bibligraphy...15 iii

4 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters 1

5 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters 1 Executive Summary The evaluatin f Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters was perfrmed by SAIC, in the United States and was cmpleted in May The evaluatin was carried ut in accrdance with the Cmmn Criteria Evaluatin and Validatin Scheme (CCEVS) prcess and scheme. The criteria against which the Fundry Netwrks TOE was judged are described in the Cmmn Criteria fr Infrmatin Technlgy Security Evaluatin, Versin 2.3 and Internatinal Interpretatins effective n 10, March The evaluatin methdlgy used by the evaluatin team t cnduct the evaluatin is the Cmmn Methdlgy fr Infrmatin Technlgy Security Evaluatin, Versin 1.0. Science Applicatins Internatinal Crpratin (SAIC) determined that the evaluatin assurance level (EAL) fr the prduct is EAL 2 family f assurance requirements augmented with ALC_FLR.1. The prduct, when cnfigured as specified in the installatin guides and user guides, satisfies all f the security functinal requirements stated in the Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters Security Target. This Validatin Reprt applies nly t the specific versin f the TOE as evaluated. The evaluatin has been cnducted in accrdance with the prvisins f the NIAP Cmmn Criteria Evaluatin and Validatin Scheme and the cnclusins f the testing labratry in the evaluatin technical reprt are cnsistent with the evidence adduced. This Validatin Reprt is nt an endrsement f the Tripwire prduct by any agency f the US Gvernment and n warranty f the prduct is either expressed r implied. The technical infrmatin included in this reprt was btained frm the Evaluatin Technical Reprt fr Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters (ETR) Parts 1 and 2 prduced by SAIC. Evaluatin Details Evaluated Prduct: Spnsr & Develper: CCTL: Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters: BigIrn RX family with IrnWare OS versin b, NetIrn XMR family with IrnWare OS versin a, NetIrn EdgeX family with IrnWare OS versin ; FastIrn SuperX series with IrnWare OS versin ; FastIrn MLX family with IrnWare OS versin a; FastIrn GS/LS Family with IrnWare OS versin a; FastIrn EdgeSwitch family with IrnWare OS versin a Fundry Netwrks, Inc 4980 Great America Parkway Santa Clara, CA Science Applicatins Internatinal Crpratin Cmmn Criteria Testing Labratry 7125 Clumbia Gateway Drive, Suite 300 Clumbia, MD

6 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters Cmpletin Date: May 2008 CC: Interpretatins: CEM: Evaluatin Class: Descriptin Cmmn Criteria fr Infrmatin Technlgy Security Evaluatin, Versin 2.3 There were n applicable interpretatins used fr this evaluatin. Cmmn Methdlgy fr Infrmatin Technlgy Security Evaluatin, Versin 2.3 EAL 2 augmented with ALC_FLR.1 The TOE is cmpsed f a hardware appliance with embedded sftware installed n the management prcessr f all ruters and switches. The hardware appliance is either a switch r a ruter and its sftware is a versin f Fundry Netwrks' prprietary IrnWare Operating System (IOS) and the sftware-based IrnShield Security Mdule. The Fundry IOS cntrls the switching and ruting f layer 2-3 and layer 4-7 netwrk frames and packets thrugh Fundry switch and ruter appliances. All switches and ruters are cnfigured at the factry with default parameters t allw immediate use f the system s basic features thrugh its Cmmand Line Interface (CLI). Hwever, the TOE shuld be cnfigured in accrdance with the evaluated cnfiguratin prir t being placed int peratin. The CLI is a text based interface which is accessible frm a directly cnnected terminal r via a remte terminal using SSH v2. The TOE cnsists f the fllwing prduct families f switches and ruters: FastIrn (Layer 2-3 Switches) NetIrn (IPv4/IPv6 and Multiprtcl Label Switching (MPLS)Ruters) BigIrn (Layer 3 Switches) The hardware platfrms that supprt the TOE have a number f cmmn hardware characteristics: Central prcessr that supprts all system peratins, i.e. PwerPC etc. Dynamic memry, used by the central prcessr fr all system peratins Flash memry, used t stre the perating system image Nn-vlatile memry, which stres cnfiguratin parameters used t initialize the system at system startup Multiple physical netwrk interfaces either fixed in cnfiguratin r remvable as in a chassis based prduct. 2

7 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters The basic peratin f the switches and ruters is as fllws: 1. At system startup the perating system is transferred frm flash memry t dynamic memry using a built-in hardware btstrap. 2. The perating system reads the cnfiguratin parameters frm the cnfiguratin file in nn-vlatile memry and then builds the necessary data structures in dynamic memry and begins peratin. During nrmal peratin, IP packets are sent t the management IP address r thrugh the appliance ver ne r mre f its physical netwrk interfaces, which prcesses them accrding t the system s cnfiguratin and state infrmatin dynamically maintained by the appliance. This prcessing typically results in the frames r packets being frwarded ut f the device ver anther interface, r drpped in accrdance with a cnfigured plicy. Disclaimer PP: Evaluatin Persnnel The infrmatin cntained in this Validatin Reprt is nt an endrsement f the Tripwire prduct by any agency f the U.S. Gvernment and n warranty f the Gatekeeper prduct is either expressed r implied. nne Shukrat Abbas Validatin Team: 1.1 Interpretatins The Evaluatin Team determined that there were n NIAP Interpretatins applicable t this evaluatin: 1.2 Threats t Security The fllwing are the threats that the evaluated prduct addresses: T.ACCESS An attacker may attempt t access the TOE thrugh an external interface in rder t alter the TOE cnfiguratin r therwise circumvent the TOE plicies s they can access netwrks/resurces fr which they are nt authrized. 3

8 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters T.AUDIT Attempts by external entities t vilate TOE security plicies may nt be detected. T.REMOTE Thrugh the interceptin f netwrk traffic, an attacker may attempt t btain r mdify TOE management/administratr secrets and cnfiguratin data that is either a parameter f TOE administrative cmmands, r part f a TOE administrative sessin, in rder t gain access t TOE management functins and/r cnfiguratin data fr the purpse f circumventing and/r altering TOE security plicy. 2 3 Identificatin The prduct being evaluated is Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters. Nte that the actual target f evaluatin is defined t be nly certain parts f the whle prduct. Security Plicy The fllwing security plicies are enfrced by the TOE: Security Audit: TOE generates audit recrds f user s actins that ccur n the TOE. The user actins include management actins, and attempts t lgin int the TOE. The TOE includes a limited strage buffer, but the recrds can be stred n a syslg server in the IT envirnment. Infrmatin Flw: The TOE uses ACLs t cntrl frwarding f netwrk data at specified prts n netwrk equipment t the netwrk and access t the management functins. There are tw types f ACLs that can be cnfigured, standard and extended. Standard ACLs permit r deny packets based n surce IP address nly. Extended ACLs take mre factrs int cnsideratin including IP prtcl infrmatin. The ACLs can be used t limit the hsts that can access the TOE and the netwrks, denying access t all ther hsts. Identificatin and Authenticatin: The TOE requires that all users are identified and authenticated befre any access t the management functins is permitted. The TOE prvides Authenticatin Methd lists, which are used t specify the rder in which the authenticatin mechanisms are emplyed whenever there are ne r mre authenticatin mechanisms available. Authenticatin mechanims are the lcal authenticatin and external authenticatin using RADIUS and TACACS/TACACS+ which is prvided by an external server in the IT envirnment. Security Management: The TOE includes a number f cmmand-line functins t manage its security plicies. These functins can be accessed using the Cmmand 4

9 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters Line Interface (CLI) (via a directly cnnected terminal r a remte SSH sessin). The security management functins are cntrlled thrugh the use f privileges assciated with rles that can be assigned t TOE users. Amng the available privileges, nly the Super User can actually manage the security plicies prvided by the TOE and the TOE ffers a cmplete set f functins t facilitate effective management. TSF prtectin: The TOE prtects itself frm tampering and bypass by ffering nly a limited and cntrlled set f functins at each f its physical interfaces t its envirnment. Cmmunicatin via thse interfaces is either directed at the TOE fr the purpse f administratin r is directed thrugh the TOE fr cmmunicatin amng netwrk devices. In bth cases the TOE implements a set f plicies t cntrl the services available and thse services are designed t prtect and ensure the secure peratin f the TOE. 4 Assumptins The fllwing assumptins are identified in the Security Target: A.EAUTH External authenticatin services will be available via RADIUS r TACACS/TACACS+. A.FLOW The TOE will be placed in a netwrk infrastructure such that infrmatin t be cntrlled will always flw thrugh the TOE. A.GOODADM An Authrized Administratr is nt careless, willfully negligent, nr hstile, and will fllw and abide by the instructins prvided by the Administratr dcumentatin. A.INSTALL The TOE has been delivered, installed, and setup in accrdance with dcumented delivery and installatin/setup prcedures. A.MANAGE There will be ne r mre cmpetent Authrized Administratr(s) assigned t manage the TOE and the security functins it perfrms. A.PHYSICAL The TOE will be apprpriately lcated within facilities prviding cntrlled access t prevent unauthrized physical access and t ensure that the TOE cntrls the applicable infrmatin flws. 5

10 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters 4.1 Clarificatin f Scpe All evaluatins (and all prducts) have limitatins, as well as ptential miscnceptins that need clarifying. This text cvers sme f the mre imprtant limitatins and clarificatins f this evaluatin. Nte that: As with any evaluatin, this evaluatin nly shws that the evaluated cnfiguratin meets the security claims made; and meets them with nly a certain level f assurance (EAL 2 augmented with ALC_FLR.1 in this case). As with all EAL 2 evaluatins, this evaluatin did nt specifically search fr vulnerabilities that were nt bvius (as this term is defined in the CC and CEM); seriusly attempt t find cunters t them; nr find vulnerabilities related t bjectives nt claimed in the ST. This evaluatin des nt verify all claims made in the prduct s end-user dcumentatin. The verificatin f the security claims is limited t thse claims made in the TOE SFRs and TOE Summary Specificatin (see ST sectins 5.1 and 6 respectively). The fllwing features must be disabled r restricted in the evaluated cnfiguratin: SNMP is assumed t be disabled in the evaluated cnfiguratin. Web Management Access is assumed t be disabled in the evaluated cnfiguratin. Telnet access is assumed t be used nly fr lcal, wired cnnectins (i.e., it is assumed t be disabled fr remte/netwrk access t the TOE). Strict Passwrd Enfrcement is assumed t be enabled in the evaluated cnfiguratin. The fllwing features were nt evaluated but can be used in the evaluated cnfiguratin: 802.1x Authenticatin, which is an authenticatin prtcl which allws users t be granted r refused access t a lcal area netwrk based n a set f credentials. In mst cases, 802.1x is used with a central RADIUS server. MAC authenticatin, which grants user access t a lcal area netwrk based n the PC s MAC address. BGP Guard, which is a security mechanism assciated with the BGP ruting prtcl. BGP Guard prtects yur BGP ruting tplgy by restricting the number f ruter hps the BGP sessin can traverse. 5 Architectural Infrmatin The TOE cnsists f the fllwing prduct families f switches and ruters: FastIrn (Layer 2-3 Switches) NetIrn (IPv4/IPv6 and Multiprtcl Label Switching (MPLS)Ruters) BigIrn (Layer 3 Switches) 6

11 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters The hardware platfrms that supprt the TOE have a number f cmmn hardware characteristics: Central prcessr that supprts all system peratins, i.e. PwerPC etc. Dynamic memry, used by the central prcessr fr all system peratins Flash memry, used t stre the perating system image Nn-vlatile memry, which stres cnfiguratin parameters used t initialize the system at system startup Multiple physical netwrk interfaces either fixed in cnfiguratin r remvable as in a chassis based prduct. The basic peratin f the switches and ruters is as fllws: 3. At system startup the perating system is transferred frm flash memry t dynamic memry using a built-in hardware btstrap. 4. The perating system reads the cnfiguratin parameters frm the cnfiguratin file in nnvlatile memry and then builds the necessary data structures in dynamic memry and begins peratin. During nrmal peratin, IP packets are sent t the management IP address r thrugh the appliance ver ne r mre f its physical netwrk interfaces, which prcesses them accrding t the system s cnfiguratin and state infrmatin dynamically maintained by the appliance. This prcessing typically results in the frames r packets being frwarded ut f the device ver anther interface, r drpped in accrdance with a cnfigured plicy. Each Irnshield Switch r Ruter frm ne f the Irnshield prduct families (BigIrn, NetIrn, and FastIrn) is a hardware appliance that runs a versin f Fundry Netwrks IrnWare Operating System (IOS) and the sftware-based IrnShield Security Mdule. In additin, each IrnShield Switch r Ruter has physical netwrk cnnectins t its envirnment t facilitate ruting and switching f netwrk traffic and can als be the destinatin f netwrk traffic, where it prvides interfaces fr its wn management. The TOE may be accessed and managed thrugh a PC r terminal in the envirnment which can be remte frm r directly cnnected t the TOE. The TOE can be cnfigured t frward its audit recrds t a syslg server in the envirnment. This is generally advisable given the limited audit lg strage space n the evaluated appliances. The TOE can als be cnfigured t use an external authenticatin service such as a RADIUS r TACACS/TACACS+ using an external server in the envirnment. The fllwing are mdels are the TOE: BigIrn: RX family with IrnWare OS versin b BI-RX-4-AC (4 slt device) BI-RX-8-AC (8 slt device) 7

12 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters BI-RX-16-AC (16 slt device) BI-RX-32-AC (32 slt device) NetIrn XMR family with IrnWare OS versin a NI-XMR-4-AC (4 slt device) NI-XMR-8-AC (8 slt device) NI-XMR-16-AC (16 slt device) NI-XMR-32-AC (32 slt device) MLX family with IrnWare OS versin a NI-MLX-4-AC (4 slt device) NI-MLX-8-AC (8 slt device) NI-MLX-16-AC (16 slt device) NI-MLX-32-AC (32 slt device) FastIrn SuperX series with IrnWare OS versin FI-SX1-AC (8 slt device with single management) FI-SX800-AC (8 slt device with redundant management) FI-SX1600-AC (16 slt device with redundant management) GS/LS Family with IrnWare OS versin a FLS624 (24 prt stackable) FLS648 (48 prt stackable) FGS624P (24 prt stackable) FGS624P-POE (24 prt stackable with Pwer ver Ethernet) FGS624XGP (24 prt stackable with integrated 10 Gig Interface) FGS624XGP-POE ( 24 prt stackable with integrated 10 Gig Interface with Pwer ver Ethernet) FGS648P (48 prt stackable) FGS648P-POE (48 prt stackable with Pwer ver Ethernet) 8

13 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters Edge X family with IrnWare OS versin FESX424 (24 prt stackable) FESX424-PREM (24 prt stackable with full L3 supprt) FESX424+1XG (24 prt stackable with ne prt 10 Gig Interface) FESX424+1XG-PREM (24 prt stackable with ne prt 10 Gig Interface with full L3 supprt) FESX424+2XG (24 prt stackable with tw prt 10 Gig Interface) FESX424+2XG-PREM (24 prt stackable with tw prt 10 Gig Interface with full L3 supprt) FESX448 (48 prt stackable) FESX448-PREM (48 prt stackable with full L3 supprt) FESX448+1XG (48 prt stackable with ne prt 10 Gig Interface) FESX448+1XG-PREM (48 prt stackable with ne prt 10 Gig Interface with full L3 supprt) FESX448+2XG (48 prt stackable with tw prt 10 Gig Interface) FESX448+2XG-PREM (48 prt stackable with tw prt 10 Gig Interface with full L3 supprt) FESX424HF (24 prt stackable (100FX/1000X)) FESX424HF-PREM (24 prt stackable (100FX/1000X) with full L3 supprt) FESX424HF+1XG (24 prt stackable (100FX/1000X) with ne 10 Gig Interface) FESX424HF+1XG-PREM (24 prt stackable (100FX/1000X) with ne 10 Gig Interface with full L3 supprt) FESX424HF+2XG (24 prt stackable (100FX/1000X) with tw 10 Gig Interface) FESX424HF+2XG-PREM (24 prt stackable (100FX/1000X) with tw 10 Gig Interface with full L3 supprt) FESX424-POE (24 prt stackable with Pwer ver Ethernet) FESX424-POE+1XG (24 prt stackable with ne prt 10 Gig Interface and Pwer ver Ethernet) FESX424-POE+2XG (24 prt stackable with tw prt 10 Gig Interface and Pwer ver Ethernet) FESX624 (24 prt stackable with hardware based IPv6 supprt) FESX624-PREM (24 prt stackable with hardware based IPv6 supprt and full L3 supprt) FESX624+2XG (24 prt stackable with hardware based IPv6 supprt and 2 10 Gig Interfaces) 9

14 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters FESX624+2XG-PREM (24 prt stackable with hardware based IPv6 supprt and 2 10 Gig Interfaces and full L3 supprt) FESX648 (48 prt stackable with hardware based IPv6 supprt) FESX648-PREM (48 prt stackable with hardware based IPv6 supprt and full L3 supprt) FESX648+2XG (48 prt stackable with hardware based IPv6 supprt and 2 10 Gig Interfaces) FESX648+2XG-PREM (48 prt stackable with hardware based IPv6 supprt and 2 10 Gig Interfaces and full L3 supprt) FESX624HF (24 prt stackable with hardware based IPv6 supprt (100FX/1000X)) FESX624HF-PREM (24 prt stackable with hardware based IPv6 supprt and full L3 supprt (100FX/1000X)) FESX624HF+2XG (24 prt stackable with hardware based IPv6 supprt and 2 10 Gig Interfaces (100FX/1000X)) FESX624HF+2XG-PREM (24 prt stackable with hardware based IPv6 supprt and 2 10 Gig Interfaces and full L3 supprt) Edge Switch family with IrnWare OS versin a FES2402 (24 prt stackable) FES2402-PREM (24 prt stackable with full L3 supprt) FES4802 (48 prt stackable) FES4802-PREM (48 prt stackable with full L3 supprt) FES9604 (96 prt stackable) FES9604-PREM (96 prt stackable with full L3 supprt) FES12GCF (12 prt stackable) FES12GCF-PREM (12 prt stackable with full L3 supprt) FES2402-POE (24 prt stackable with Pwer ver Ethernet) FES2402-POE-PREM (24 prt stackable with full L3 supprt and Pwer ver Ethernet) FES4802-POE (48 prt stackable with Pwer ver Ethernet) FES4802-POE-PREM (48 prt stackable with full L3 supprt and Pwer ver Ethernet) 10

15 6 VALIDATION REPORT Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters Dcumentatin Fllwing is a list f useful dcuments supplied by the develper when dwnlad frm the Fundry Netwrks website r shipped with the prduct. Evaluated: Fundry Switch and Ruter Cmmand Line Interface Reference, December 2007 Fundry Security Guide, December 2007 BigIrn: FastIrn Fundry BigIrn RX Series Installatin Guide, March 2008 Fundry BigIrn RX Series Cnfiguratin Guide, June 2008 Fundry Switch and Ruter Installatin and Basic Cnfiguratin Guide, December 2007 Fundry FastIrn Cmpact Switch Hardware Installatin Guide, December 2007 Fundry FastIrn Cnfiguratin Guide, June Fundry FastIrn GS Cmpact Layer 2 Switch POE and POE-Upgradeable Hardware Installatin Guide, December 2007 Fundry FastIrn LS Layer 2 Cmpact Switch Hardware Installatin Guide, December 2007 Fundry FastIrn X Series Chassis Hardware Installatin Guide, Nvember 2007 Fundry FastIrn Cmpact Switch Hardware Installatin Guide, December 2007 NetIrn: Fundry NetIrn MLX Series Installatin and Basic Cnfiguratin Guide, December 2007 Fundry NetIrn XMR Series Installatin and Basic Cnfiguratin Guide, December 2007 Fundry NetIrn XMR/MLX Cnfiguratin Guide, April 2008 Nt evaluated: Fundry Management Infrmatin Base Reference Release ntes Patch Release Ntes ReadMe MD5_Checksums The security target used is: Fundry Netwrks IrnShield (BigIrn, NetIrn, and FastIrn) Switches and Ruters Security Target, versin 0.92, July 10,

16 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters 7 IT Prduct Testing The evaluatin team applied each EAL 2 ATE CEM wrk unit. The evaluatin team ensured that the TOE perfrmed as described in the functinal specificatin and as stated in the TOE security functinal requirements. The evaluatin team perfrmed the vendr test suite, and devised an independent set f team test and penetratin tests. The vendr tests, team tests, and penetratin tests substantiated the security functinal requirements in the ST. The fllwing tasks were perfrmed by the evaluatin team: The develper test suite was examined and fund t prvide adequate cverage f the security functins. A selectin f the develper tests were run and the results fund t be cnsistent with the results generated by the develper. N vulnerabilities in the TOE were fund during a search f vulnerability databases. Tests devised frm pstulated vulnerabilities in the I&A mechanism revealed n prblems. The fllwing mdels were actually tested; NetIrn XMR Family (mdular) NI-XMR-4-AC (4 slt device) Cde Release IrnWare OS versin a NetIrn MLX Family (mdular) TOE-MLX NI-MLX-4-AC (4 slt device) Cde Release IrnWare OS versin a BigIrn RX Family (mdular) - hstname: TOE-RX BI-RX-4-AC (4 slt device) Cde Release IrnWare OS versin b FastIrn EdgeX Family (stackable -10/100/1000) FESX424HF-PREM (24 prt stackable (100FX/1000X) with full L3 supprt) Cde Release - IrnWare OS versin FastIrn EdgeSwitch Family (stackable-10/100) FES2402-PREM (24 prt stackable with full L3 supprt) Cde Release - IrnWare OS versin a 12

17 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters FastIrn SuperX Series (mdular) hstname: TOE-SX FI-SX1-AC (8 slt device with single management) Cde Release IrnWare OS versin FastIrn GS/LS Family (stackable-10/100/1000)* FGS624P (24 prt stackable) FLS648 (48 prt stackable) Cde Release IrnWare OS versin a The chsen mdels are a sample set f the mdels that are cnsidered the TOE. The set is deem adequate because the nly differences between the mdels with a given family is the number f interface slts available with the chassis and media type. The chassis sizes range frm 4, 8, 16, and 32 slts. Stackable devices prvide either 24 r 48 prts and are either cpper r fiber based. 8 9 Results f the Evaluatin The evaluatin team s assessment f the evaluatin evidence demnstrates that the claims in the ST are met. Additinally, the evaluatin team s perfrmance f a subset f the vendr tests suite, the independent tests, and the penetratin test als demnstrates the accuracy f the claims in the ST. Validatr Cmments/Recmmendatins The Validatrs fund that the evidence reviewed prir and during the Final Validatin Oversight Review (VOR) supprted the determinatin that the evaluatin and all f its activities were perfrmed in accrdance with the CC, the CEM, and CCEVS practices. Sme limitatins and clarificatins f the evaluated prduct are summarized in Sectin 4.1 f this dcument. In additin the fllwing prblem was identified by the CCTL during evaluatin. Errr with the cmmand used t change a user s passwrd. Existing usernames and passwrds cnfigured n a Fundry Device with specific privilege levels (super-user, read-nly, prt-cnfig) can be escalated t the super-user privilege level if the users passwrd is changed withut including the user s privilege level ptin in the syntax. The issue is dcumented in the NIAP-CCEVS Certificatin Appendix A t the Fundry Security Guide and in the Cnfiguratin Guides. 10 Annexes Nt applicable. 13

18 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters Security Target The security target fr this prduct s evaluatin is Fundry Netwrks IrnShield (BigIrn, NetIrn, and FastIrn) Switches and Ruters Security Target, versin 0.92, July 10, 2008 Glssary There were n definitins used ther than thse used in the CC r CEM. 14

19 Fundry Netwrks IrnShield (BigIrn, NetIrn, FastIrn, and FastIrn Edge) Switches and Ruters Bibligraphy The Validatin Team used the fllwing dcuments t prduce this Validatin Reprt: [1] Cmmn Criteria fr Infrmatin Technlgy Security Evaluatin Part 1: Intrductin and general mdel, dated August 2005, Versin 2.3. [2] Cmmn Criteria fr Infrmatin Technlgy Security Evaluatin Part 2: Security functinal requirements, dated August 2005, Versin 2.3. [3] Cmmn Criteria fr Infrmatin Technlgy Security Evaluatin Part 2: Annexes, dated August 1999, Versin 2.1. [4] Cmmn Criteria fr Infrmatin Technlgy Security Evaluatin Part 3: Security assurance requirements, dated August 2005, Versin 2.3. [5] Cmmn Evaluatin Methdlgy fr Infrmatin Technlgy Security Part 1: Intrductin and general mdel, dated 1 Nvember 1998, versin 0.6. [6] Cmmn Evaluatin Methdlgy fr Infrmatin Technlgy Security Part 2: Evaluatin Methdlgy, dated August 2005, versin 2.3. [7] Part 2: Evaluatin Methdlgy, Supplement: ALC_FLR - Flaw Remediatin, Versin 1.1, February 2002, CEM-2001/0015R [8] Evaluatin Technical Reprt fr Fundry Netwrks IrnShield (BigIrn, NetIrn, and FastIrn) Switches and Ruters Security Part II, versin 1.0 July 10, 2008 [9] Fundry Netwrks IrnShield (BigIrn, NetIrn, and FastIrn) Switches and Ruters Security Target, versin 0.92, July 10, [10] NIAP Cmmn Criteria Evaluatin and Validatin Scheme fr IT Security, Guidance t Cmmn Criteria Testing Labratries, Versin 1.0, March 20,