ASSURANCE CONTINUITY MAINTENANCE REPORT FOR IAS Router

Transcription

1 ASSURANCE CONTINUITY MAINTENANCE REPORT FOR Maintenance Update of Maintenance Report Number: CCEVS-VR-VID a Date of Activity: 18 January 2017 References: Common Criteria document CCIMB Assurance Continuity: CCRA Requirements, version, February 2004; Impact Report for Documentation Updated: Security Target V2.5 VPN Gateway Guidance Document v2.0 Assurance Continuity Maintenance Report: The vendor for the submitted an IAR to CCEVS in November 2016 for approval of adding five new appliances to certified Target of Evaluation (TOE). The original TOE was evaluated against the NDPP and the associated VPN Gateway EP in December 2015 as VID The IAR is intended to satisfy requirements outlined in Common Criteria document CCIMB , Assurance Continuity: CCRA Requirements, version, February In accordance with those requirements, the IAR describes the changes made to the certified TOE, the evidence updated as a result of the changes and the security impact of the changes. Changes to TOE: The original TOE consist of the following appliances shown in Table 1. Table 1 Configuration of Appliances in Original TOE Original Appliances Hardware Software Crypto Implementation Comment IAS STEW Rev. (Router with non-toe VPN GW functionality) version IAS KG-RU Rev. (Router with non-toe VPN GW functionality) version Micro Rev., version

2 Table 2 list the configurations of the 3 original appliances that the vendor has updated. Table 2 Configuration of the Updated Appliances Original Appliances IAS STEW Rev. (Router with non-toe VPN GW functionality) IAS KG-RU Rev. (Router with non-toe VPN GW functionality) Micro Rev., Hardware Software Crypto Implementation Comment but embedded but embedded but embedded The only change to the original devices was to found as a vulnerability analysis. These updates were the result of normal product maintenance when bugs and CVEs were discovered. This activity is expected and necessary. The validators judge the updates to the software/firmware should be considered minor.

3 Table 3 list the configurations of five new appliances the vendor wants to add. Table 3 Configuration of the New Appliances New Appliances Hardware Software IAS VPN Gateway Module COMPACT Rev. VPN NANO PLUS Rev IAS VPN Gateway Module NANO Rev. Crypto Implementation Comment embeddable module used in original IAS Router MICRO Change is to add device identical to MICRO but the enclosure is absent and carrier functionality is on a non-toe module This router module uses the same processor, software, and crypto module as the The change is that this device uses a high density board to board connector to interface to a carrier PCB (not on the TOE, in order to present the evaluated interfaces, that are present in the high density connectors, to industry standard RJ-45, USB, serial, console connectors. This device has no enclosure. embeddable module. Only difference from the NANO Plus in that is the number of cores and power consumption.

4 PICO Rev appliance that uses the same processor, software, and crypto module as the The only difference between the IAS Router PICO and the MICRO ( CC certified) is the number of RJ45 Ethernet ports, USB ports and physical form factor. GRAPHITE Rev appliance that uses the same processor, software, and crypto module as the The only difference between the IAS Router GRAPHITE and the MICRO is the use of an VPN NANO, instead of the VPN COMPACT, and the number of RJ45 Ethernet ports, USB ports and physical form factor. Three of the new devices are embedded modules rather than appliances like the devices from the original evaluation. The equivalency argument is that the new device modules use the same hardware processor, minor updates to the software/firmware, and minor updates to crypto modules as the evaluated routers down to the device driver level of granularity. The changes are: 1. The new embedded devices use a high density board to board connector to interface to a carrier PCB, not on the TOE, in order to present the evaluated interfaces, that are present in the high density connectors, to industry standard RJ-45, USB, serial, console connectors. The new embedded devices also have no enclosures. Since the modules are identical to evaluated devices down to device drivers, the validators judge these changes to be minor. 2. The validators judge the updates to the software/firmware should be considered minor. These updates were the result of normal product maintenance when bugs and CVEs were discovered. This activity is expected and necessary.

5 The two other new devices, PICO Rev and GRAPHITE Rev, are small form factor appliances that use the same hardware processor, minor updates to the software/firmware, and minor updates to crypto modules as the evaluated routers. 1. One difference between the PICO and the MICRO ( CC certified) is the number of RJ45 Ethernet ports, USB ports and physical form factor. The validators judge these changes to be minor. 2. The validators judge the updates to the software/firmware should be considered minor. These updates were the result of normal product maintenance when bugs and CVEs were discovered. This activity is expected and necessary. The vendor performed a search of public information ( and to determine if known vulnerabilities existed in network infrastructure devices, the embedded software packages utilized in Firmware, the cryptographic library, and the implemented communication protocols in general, as well as those that pertain to the particular TOEs. CVEs were discovered in three embedded software packages within the ) software. As a result of finding these CVEs, the identified software modules were updated to the latest releases of the identified software modules. The ) software package, with the updated embedded software modules, was relabeled as. Regression Testing The vendor performed regression testing of the TOEs and confirmed that the TOEs exhibited no changes in the way they operated, and that the TOEs performed as expected. CAVP Cert The validators did an analysis of the CAVP certs listed in the ST. All certs were valid. CCEVS confirmed that the certs were valid. Conclusion: CCEVS reviewed the description of the changes and the analysis of the impact upon security, and found it to be minor. Therefore, CCEVS agrees that the original assurance is maintained for the above-cited version of the product.