Certification Report: SERTIT

Certification Report: SERTIT
Sertifiseringsmyndigheten for IT-sikkerhet Norwegian Certification Authority for IT Security
SERTIT-061 CR Certification Report
Issue 1.0 4 June 2015
Huawei NetEngine5000E Core Router V800R006 build C00SPC200
CERTIFICATION REPORT - SERTIT STANDARD REPORT TEMPLATE SD 009 VERSION 2.1 11.11.2011
SERTIT, Postboks 814, 1306 Sandvika, NORWAY
Phone: +47 67 86 40 00 Fax: +47 67 86 40 09 E-mail: [email protected] Internet: www.sertit.no
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
ARRANGEMENT ON THE RECOGNITION OF COMMON CRITERIA CERTIFICATES IN
THE FIELD OF INFORM ATION TECHNOLOGY SECURITY
SERTIT, the Norwegian Certification Authority for IT Sec urity, is a member of the
above Arrangement and as such this confirms that the Common Criteria certificate
has been issued by or under the authority of a Party to this Arrangement and is the
Party’s cla im that the certificate has been issued in accordance with the terms of
this Arrangement
The judgements contained in the cert ificate and Cert ification Report are those of
SERTIT which issued it and the Norwegian evaluation facility (EVIT) which carried
out the evaluation. There is no implication of acceptance by other Members of the
Agreement Group of liability in respect of those judgements or for loss sustained as
a result of reliance pla ced upon those judgements by a third party.
The Common Criteria Recognition Arrangement logo printed on the certificate
indicates that this certificat ion is recognised under the terms of the CCRA May 23 r d
2000. The recognition under the CCRA is limited to EAL 4 and ALC_FLR CC part 3
components.
MUTUAL RECOGNITION AGREEMENT OF INF ORMATION TECHNOLOGY SECURITY
EVALUATION CERTIFICATES (SOGIS M RA)
SERTIT, the Norwegian Certification Authority for IT Security, is a member of the
above Agreement and as such this confirms that the Common Criteria certificate
has been issued by or under the authority of a Party to this Agreement and is the
Party’s cla im that the certificate has been issued in accordance with the terms of
this Agreement
The judgements contained in the cert ificate and Cert ification Report are those of
SERTIT which issued it and the Norwegian evaluation facility (EV IT) which carried
out the evaluation. There is no implication of acceptance by other Members of the
Agreement Group of liability in respect of those judgements or for loss sustained as
a result of reliance pla ced upon thos e judgements by a third party. **
** Mutual Recognition under the SOGIS MRA recognition agreement applies to EAL 3
Page 2 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
Contents
1
Certification Statement
5
2
Abbreviations
6
3
References
8
4
4.1
4.2
4.3
4.4
4.5
4.6
4.7
4.8
4.9
4.10
4.11
4.12
4.13
4.14
4.15
4.16
4.17
Executive Summary
Introduction
Evaluated Product
TOE scope
Protection Profile Conformance
Assurance Level
Security Policy
Security Claims
Threats Countered
Threats Countered by the TOE’s environment
Threats and Attacks not Countered
Environmental Assumptions and Dependencies
IT Security Objectives
Non-IT Security Objectives
Security Functional Requirements
Security Function Policy
Evaluation Conduct
General Points
9
9
9
9
9
10
10
10
10
11
11
11
11
12
12
13
14
14
5
5.1
5.2
5.3
5.4
5.5
5.6
5.7
Evaluation Findings
Introduction
Delivery
Installation and Guidance Documenta tion
Misuse
Vulnerability Analysis
Developer’s Tests
Evaluators’ Tests
15
16
16
16
16
16
17
17
6
6.1
6.2
Evaluation Outcome
Certifica tion Result
Recommendations
18
18
18
Annex A: Evaluated Configuration
TOE Identification
TOE Documenta tion
TOE Configuration
Environmental Configuration
SERTIT-061 CR Issue 1.0
4 June 2015
19
19
21
21
21
Page 3 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
Page 4 of 22
EAL 3 +
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build COOSPC200
. . . . .., - .. ,....
. ...
,.
.. .. -. ..
, . ,
,
.. ,_
EAL 3 +
,.
•
0....
•••••
•
,
•••••
0
• _ ......•.
•
"0
•••••••
'"
•
•
••••
0­
..
"
,
•
.
eo'
. , •••
Certifi'cation Statement
1
Huawei Technologies Huawei NetEngine5000E Core Router is a core router developed
to meet the requirement of carrier-class reliability.
Huawei NetEngine5000E Core Router version V800R006 build COOSPC200 has been
evaluated under the terms of the Norwegian Certification Scheme for IT Security and
has met the Common Criteria Part 3 (ISO/IEC 15408) conformant requirements of
Evaluation Assurance Level EAL 3 augmented with ALC_CMC.4 for the specified
Common Criteria Part 2 (ISO/IEC 15408) conformant functionality in the specified
r
environment when running on the platforms specified in Annex A.
va Ii
r-----r~~ar::;i:: ~g er K 5S~ ~JV"--1-.
..
-.------------------1
g
d ~J{ ~O()
u
lh 0
!ArneH0 y eRa e
IQualityAssurance
I
Quality Assurance
I f'ystein
IAPproved
I,'.
I
Date a pp rove d
L
SERTIT -061 CR Issue 1.0
4June2015
i
--'
Hol-e- -
Head of SERTIT
.
-
l V-
t ( ~
-----1
---­
JIJ
.ftJ"-t
~-u-n-e-2-0-1-5-----."L-----·_--------j
---'-
.
_
Page 5 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
2
EAL 3 +
Abbreviations
AES
Advanced Encrypt ion Standard
CC
Common Criteria for Information Technology Security Evaluat ion
(ISO/IEC 15408)
CCC
Cluster Centra l Chassis
CCRA
Arrangement on the Recognition of Common Criteria Cert ificates in the
Field of Information Technology Securit y
CEM
Common Methodology for Information Technology Securit y Evaluation
CF
Compact Flash
CLC
Cluster Line -card Chassis
CLI
Command Line Interface
DSA
Digital Signature Algorithm
EAL
Evaluation Assurance Level
EOR
Evaluation Observation Report
ETH
Ethernet
ETR
Evaluation Technica l Report
EVIT
Evaluation Facility under the Norwegian Certification Scheme for IT
Security
EWP
Evaluation Work Plan
GUI
Graphical User Interface
IS-IS
Intermediate System t o Intermediate System
LMT
Loca l Maintenance Terminal
LPU
Line Process Unit
MD5
Message -Digest Algorit hm 5
MPU
Main Process Unit
NE
NetEngine
NMS
Network Mana gement Sub -system
OFC
Optical Flexible Card
POC
Point of Contact
PP
Protect ion Profile
QP
Qualified Participant
Page 6 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
RMT
Remote Maintenance Terminal
RSA
Rivest Shamir Adleman
SERTIT
Norwegian Certification Authority for IT Security
SFE
Switch Fabric Extend unit
SFR
Security Functional Requirement
SFU
Switching Fabric Unit
SPM
Security Policy Model
SPU
Service Process Unit
ST
Security Target
TOE
Target of Evaluation
TSF
TOE Security Functions
TSP
TOE Security Policy
SERTIT-061 CR Issue 1.0
4 June 2015
EAL 3 +
Page 7 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
3
EAL 3 +
References
[1]
Huawei NetEngine5000E Core Router V800R006 Security Target, version
1.6, 28 August 2014 .
[2]
Common Criteria Part 1, CCMB -2012-09-001, Version 3.1 R4, September
2012.
[3]
Common Criteria Part 2, CCMB -2012-09-002, Version 3.1 R4, September
2012.
[4]
Common Criteria Part 3, CCMB -2012-09-003, Version 3.1 R4, September
2012.
[5]
The Norwegian Cert ification Scheme, SD001E, Version 8.0, 20 August 2010 .
[6]
Common Methodology for Information Technology Securit y Evaluation,
Evaluation Methodology, CCMB -2012-09-004, Version 3.1 R4, September
2012.
[7]
Evaluation Technica l Report Common Criteria EAL3+ Evaluation of t he
Huawei NetE ngine5000E Core Router V800R006, version 1.1, 25 August
2014
[8]
NE5000E V800R006C00 Product Manua l, v1.0 , 15 t h April, 2014
[9]
Common Criteria Security Evaluation – Certified Configuration, v1.3 , 5 t h
June 2014
Page 8 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
4
EAL 3 +
Executive Summary
4.1 Introduction
This Cert ification Report states the outcome of the Common Criteria securit y
evaluation of Huawei NetEngine5000E Core Router version V800R006 build
C00SPC200 to the Sponsor, Huawei Technologies , and is intended t o assist
prospective c onsumers when judging the suita bility of the IT security of the product
for their particular requirements.
Prospective consumers are advised to rea d this report in conjunct ion with the
Security Target [1] which specifies the functional, environmental and assurance
evaluation requirement s.
4.2 Evaluated Product
The version of the product evaluated was Hua wei NetEngine500 0E Core Router and
version V800R006 build C00SPC200 .
This product is a lso described in this report a s the Target of Evaluation ( TOE). The
developer was Huawei Technologies .
Huawei NetEngine5000E Core Router V800R006, which has large capacity and high
performance, is developed to meet the requirement of carrier -class reliability. Based
on the powerful versatile routing platform (VRP), the NE5000E provides strong
switching capabilit ies, dense ports, and high reliabilit y. NE5000Es mainly serve as
super -core nodes on ca rriers' backbone networks, core nodes on met ropolitan area
networks (MANs), egresses in large -scale Internet data centres (IDCs), or core nodes
on large-scale enterprise netw orks. NE5000E clusters are posit ioned as super -core
nodes on ba ckbone net works, support ing Layer 3 rout ing and Multiprotocol Label
Switching (MPLS) forwarding. The TOE consists of both hardware and software.
At the core of each chassis is the Versatile Routing Platform (VRP), the software for
managing and running the router’s networking funct iona lity. VRP provides extensive
securit y features. These features include assigning different privileges to
administration users with different privilege levels; en forcing authentications prior
to establishment of administrative sessions with the TOE; auditing of security relevant management activit ies; as well as t he correct enforcement of routing
decisions to ensure tha t network traffic gets forwarded to the correc t interfaces.
Details of the evaluated configuration, including the TOE’s supporting guidance
documentation, are given in Annex A.
4.3 TOE scope
The TOE scope is described in the ST [1], chapt er 1.4.2 and 1.4.3.
4.4 Protection Profile Conformance
The Security Target [1] did not claim conforma nce to any protection profile.
SERTIT-061 CR Issue 1.0
4 June 2015
Page 9 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
4.5 Assurance Level
The assurance incorporated predefined evalua tion assurance level EAL 3, augmented
by ALC_CMC.4. Common Criteria Part 3 [4] describes the scale of assurance given by
predefined assurance levels EAL1 to EAL7. An overview of CC is given in CC Part 1 [2].
4.6 Security Policy
There are no Organizat ional Security Policies or rules with which the TOE must
comply.
4.7 Security Claims
The Security Target [1] fully specifies the TOE’s securi ty objectives, t he threats which
these objectives meet and security functional requirements and security functions to
elaborate the objectives. All of the SFR’s are t aken from CC Part 2 [3]; use of this
standard facilitates comparison with other evaluated products.
4.8 Threats Countered
T.UnwantedNetworkTra ffic
Unwanted network traffic sent to the TOE will not only consume the TOE’s
processing ca pacity for incoming network traffic thus fails to process traffic
expected t o be processed, but an internal traffic jam might happen when those
traffic are sent to MPU from LPU within the TOE. This ma y cause denial of
service of TOE.
This may further cause the TOE fails to respond t o system control a nd security
management operations.
Routing information exchanged between the TOE and peer routes ma y also be
affected due to the tra ffic overload.
T.UnwantedNetworkTra ffic
A user who is not a user of the TOE gains a ccess to the TOE.
T.UnauthorizedAccess
A user of the TOE authorized t o perform certa in actions and a ccess certain
information gains access to commands or information he is not authorized for.
This threat also includes data leakage to non -intended person or device
T.Eavesdrop
An eavesdropper (remote attacker) in the management network served by the
TOE is able to intercept , and potent ially modify or re -use informat ion assets
that are exchanged bet ween TOE and LMT/RMT.
Page 10 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
4.9 Threats Countered by the TOE’s environment
There are no thre ats countered by the TOE’s environment .
4.10 Threats and Attacks not Countered
No threats or attacks t hat are not countered are described.
4.11 Environmental Assumptions and Dependencies
It is assumed that the TOE (including any console attached, access of CF card) is
protected against unauthorized physica l access.
The environment is supposed to provide supporting mechanism to the TOE:
A Radius server or TACACS+ server for external authentication/authorization
decisions;
NMS, logging server and alarm server used fo r administration of the TOE
In addit ion, it is a ssumed the Radius server, and TACACS+ server, and the NMS are all
trusted and will not be used to attack the TO E.
Peer router(s) for the exchange of dynamic routing information;
A remote ent ities ( PCs) used for administration of the TOE.
It is assumed that the ETH interface on MPU in the TOE will be accessed only through
sub-network where the TOE hosts. The sub -network is separate from the application
(or, public) networks where the interfaces on LPU in the TOE are accessible.
The authorized users will be competent, and not careless or willfully negligent or
hostile, and will follow and abide by t he inst ructions provided by the TOE
documentation.
4.12 IT Security Objectives
The following objectives must be met by the TOE:
O.DeviceAvail
The TOE shall ensure its own availabilit y.
O.UserAvail
The TOE shall ensure a uthorized users can access network resources through
the TOE.
O.DataFilter
The TOE shall ensure that only allowed traffic goes through the TOE.
O.Communicat ion
The TOE must implement logical protection measures for network
communication between the TOE and LMT/RMT from the operational
environment.
SERTIT-061 CR Issue 1.0
4 June 2015
Page 11 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
O.Authorization
The TOE shall implement different authorizat ion levels that can be assigned to
administrators in order to restrict the functionality that is availa ble to
individual administrators.
O.Authentication
The TOE must authenticate users of its user a ccess.
O.Audit
The TOE shall provide functionalit y to generate audit records for security relevant administ rator actions.
4.13 Non-IT Security Objectives
OE.NetworkElements The operational environment shall provide securely and
correctly working network devices as resources that the TOE needs t o
cooperate with. Behaviors of such network devices provided by operation al
environment shall be a lso secure and correct. For example, other routers for
the exchange of routing information, PCs used for TOE administration, and
Radius and TACACS+ servers for obtaining authentication and authorization
decisions.
OE.Physical The TOE (i.e., the complete system including attached
peripherals, such as a console, and CF card inserted in the MPU) sha ll be
protected against unauthorized physica l access.
OE.NetworkSegregation
The operational environment shall provide
segregation by deploying the Ethernet interfa ce on MPU in TOE into a local
sub-network, compared to the interfa ces on LPU in TOE serving the application
(or public) network.
OE.Person
Personnel working as authorized a dministrators shall be carefully
selected for trustwor thiness and trained for proper operat ion of the TOE.
4.14 Security Functional Requirements
FAU_GEN.1 Audit data generation
FAU_GEN.2 User ident ity associat ion
FAU_SAR.1 Audit review
FAU_SAR.3 Selectable audit review
FAU_STG.1
Protected audit tra il st orage
FAU_STG.3
Action in case of possible audit data loss
FCS_COP.1/AES
Cryptogra phic operation
FCS_COP.1/3DES
Cryptogra phic operation
FCS_COP.1/RSA
Cryptogra phic operation
FCS_COP.1/MD5
Cryptogra phic operation
FCS_COP.1/HMAC -MD5
Cryptogra phic operation
FCS_COP.1/DHKeyExchange
Cryptogra phic operation
FCS_COP.1/DSA
Cryptogra phic operation
FCS_CKM.1/AE S
Cryptogra phic key generation
FCS_CKM.1/3DES
Cryptogra phic key generation
FCS_CKM.1/RSA
Cryptogra phic key generation
Page 12 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
FCS_CKM.1/HMAC_MD5
Cryptogra phic key gen eration
FCS_CKM.1/DHKey Cryptogra phic key generation
FCS_CKM.1/DSA
Cryptogra phic key generation
FCS_CKM.4/3DES -AE S
Cryptogra phic key dest ruction
FCS_CKM.4/RSA
Cryptogra phic key dest ruction
FCS_CKM.4/HMAC_MD5
Cryptogra phic key dest ruction
FCS_CKM.4/DHK ey Cryptogra phic key dest ruction
FCS_CKM.4/DSA
Cryptogra phic key dest ruction
FDP_ACC.1
Subset access control
FDP_ACF.1
Security attribute based access control
FDP_DAU.1 Basic Data Authenticat ion
FDP_IFC.1(1) Subset information flow control - CPU-defend
FDP_IFC.1(2) Subset information flow control - Data plane traffic control
FDP_IFF.1(1) Simple security attributes - CPU-defend
FDP_IFF.1(2) Simple security attributes – Data plane traffic control
FIA_AFL.1
Authentication fa ilure handling
FIA_ATD.1
User attribute definition
FIA_SOS.1
Verification of secrets
FIA_UAU.1
Timing of authent ication –Administrator Aut hentication
FIA_UAU.5
Multiple authent ication mechanisms
FIA_UID.1
Timing of ident ification – Administrator Identification
FMT_MOF.1 Management of securit y funct ions behaviour
FMT_MSA.1 Management of securit y attributes
FMT_MSA.3 Static attribute initialization
FMT_SMF.1 Specification of Mana gement Funct ions
FMT_SMR.1 Security roles
FPT_STM.1
Relia ble t ime stamps
FTA_SSL.3
TSF-initiated termi nation
FTA_TSE.1
TOE session establishment
FTP_TRP.1
Trusted path
FTP_ITC.1
Trusted channel
4.15 Security Function Policy
At the core of each chassis is the Versatile Routing Platform (VRP), the software for
managing and running the router’s networking funct iona lity. VRP provides extensive
securit y features. These features include assigning different privileges to
administrat ion users with different privilege levels; enforcing authentications prior
to establishment of administrative sessions with the TOE; auditing of security relevant management activit ies; as well as t he correct enforcement of routing
decisions to ensure tha t network traffic gets forwarded to the correct interfaces.
The Main Processing Units (MPU) integrate the main control unit and the system
maintenance unit. The MPU controls and manages the system in a centralized way
and is responsible for data exchange.
SERTIT-061 CR Issue 1.0
4 June 2015
Page 13 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
The Line Processing Units (LPU) are the actual hardware providing network traffic
processing ca pacity. Network traffic is processed and forwarded according to routing
decisions downloaded from VRP.
Besides the MPUs and LPUs, there are other t ypes of boards on TOE, such as Switch
Fabric Unit (SFU), Swit ch Fabric Extend unit ( SFE), ICU, ECU and OFC. Only MPU and
LPU are securit y relevant.
4.16 Evaluation Conduct
The eva luation was carried out in accordance with the requirements of the
Norwegian Certification Schem e for IT Security as described in SERTIT Document
SD001[5]. The Scheme is managed by the Norwegian Certification Authorit y for IT
Security (SERTIT). As st ated on pag e 2 of this Certification Report, SERTIT is a
member of the Arrangement on the Recognition of Common Criteria Certificates in
the Field of Information Technology Securit y (CCRA), and the Senior Officia ls Group
Information Systems Security (SOGIS) and the evaluation was conducted in
accordance with the terms of this Arrangement.
The purpose of the eva luation wa s to provide assurance about the effectiveness of
the TOE in meet ing its Security Target [1], which prospective consumers are advised t o
read. To ensure that the Security Target [1] gave an appropriate baseline for a CC
evaluation, it was first itself evaluated. The TOE was then evaluated against this
baseline. Both parts of the evaluation were performed in accordance with CC Part
3[4] and the Common Evaluation Methodology (CEM) [6]. [Note any significant use of
Interpretations [7]].
SERTIT monitored the evaluation which was carried out by the Brightsight B.V.
Commercial Evaluation Facility ( CLEF/EVIT). The evaluation was completed when the
EVIT submitted the E valuation Technical Report (ETR) [7] to SERTIT in 25 August 2014 .
SERTIT then produced t his Certification Report.
4.17 General Points
The eva luation a ddressed the security funct ionality claimed in the Security Target [1]
with reference to the a ssumed operating environment specified by the Security
Target[1]. The eva luated configuration was that specified in Annex A. Prospect ive
consumers are advised to check that this matches their identified requirements and
give due consideration to the recommendations and caveats of this report.
Certification does not guarantee that the IT product is free from security
vulnera bilities. This Certif ication Report and the belonging Certifica te only reflect
the view of SE RTIT at t he time of cert ification. It is furthermore the responsibility of
users (both exist ing and prospective) to check whether any security vulnera bilities
have been discovered sinc e the date shown in this report. This Certification Report is
not an endorsement of the IT product by SERTIT or any other organization that
recognizes or gives effect to this Cert ification Report, and no warra nty of the IT
product by SE RTIT or any other or ganizat ion t hat recognizes or gives effect to this
Certification Report is either expressed or implied.
Page 14 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
5
EAL 3 +
Evaluation Findings
The eva luators examined the following assurance classes and components taken from
CC Part 3[4]. These cla sses comprise the E AL 3 assurance package a ugmented with
ALC_CMC.4.
Assurance class
Development
Guidance documents
Life -cycle support
Security Target
evaluation
Tests
Vulnerabilit y
assessment
Assurance components
ADV_ARC.1
Security architecture description
ADV_FSP.3
Functional specification with complete summary
ADV_TDS.2
Architectural design
AGD_OPE.1
Operational user guida nce
AGD_PRE.1
Preparative procedures
ALC_CMC.4
Production support, acceptance procedures and
automation
ALC_CMS.3
Problem tracking CM coverage
ALC_DEL.1
Delivery procedures
ALC_DVS.1
Identification of security measures
ALC_LCD.1
Developer defined life -cycle model
ASE_CCL.1
Conformance cla ims
ASE_ECD.1
Extended components definition
ASE_INT.1
ST introduct ion
ASE_REQ.2
Derived security requirements
ASE_SPD.1
Security problem definition
ASE_OBJ.2
Security objectives
ASE_TSS.1
TOE summary specifica tion
ATE_COV.2
Analysis of coverage
ATE_DPT.1
Testing: basic design
ATE_FUN.1
Functional test ing
ATE_IND.2
Independent testing - sample
AVA_VAN.2
Vulnerabilit y analysis
All assurance classes were found to be satisfa ctory and were awarded an overall
“pass” verdict.
SERTIT-061 CR Issue 1.0
4 June 2015
Page 15 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
5.1 Introduction
The eva luation a ddressed the requirements specified in the Securit y Target [1]. The
results of this work were reported in the ETR [7] under the CC Part 3 [4] headings. The
following sections not e considerations that a re of part icular relevance to either
consumers or those involved with subsequent assurance ma intenance and re evaluation of the TOE.
5.2 Delivery
On receipt of the TOE, the consumer is recommended t o check that t he evaluated
version has been supplied, and to check that the security of the TOE has not been
compromised in delivery.
5.3 Installation and Guidance Documentation
Installation of the TOE must be performed completely in accordance with the
guidance listed in the ST[1] chapter 1.4.2 and Preparative Procedures documents [8]
provided by the develop er. The Common Criteria Security E valuation – Certified
Configuration [9] describes all necessary steps to configure the TOE in the cert ified
configuration.
These documents are a collection of all security relevant operations and settings that
must be observed t o ensure that the TOE operates in a secure manner.
5.4 Misuse
There is always a risk of intentional and unint entional misconfigurations that could
possibly compromise confidential information. The user should always follow the
guidance for the TOE in order to ensure that the TOE operates in a secure manner.
The guidance documents adequately describe the mode of operation of the TOE, all
assumptions a bout the inte nded environment and all requirements for external
securit y. Sufficient guidance is provided for t he consumer t o effect ively use the TOE’s
securit y functions.
5.5 Vulnerability Analysis
The Evaluators’ vulnera bility analysis was based on both public domain sou rces and
the visibilit y of the TO E given by the evaluation process.
The eva luators assessed which potential vulnerabilities were alrea dy tested by the
developer and assessed the results.
The rema ining potentia l vulnerabilit ies were tested by Brightsight on the final
version of the TOE.
Page 16 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
5.6
EAL 3 +
Developer’s Tests
The Developer Test Plan consists of 12 different categories of tests of 1 -25 tests. The
categories are based on major groupings of security funct iona lity, a nd, in
combination cover a ll SFRs and TSFIs.
5.7 Evaluators’ Tests
Since t he evaluator ha s evaluated similar devices from the same developer three
times before under supervision of SERTIT, the test plan of the developer has
considera bly improved and covered a ll SFRs/TSFIs, and also included all the
penetration tests the evaluator has performed for m the previous TOE s. As a result,
the limited number of the general security functiona lity tests (such as
authentication, authorization, managing) has been sampled, and several penetration
tests also ha s been sam pled to ensure the developer performed them correctly. The
evaluator also analysed the Developer Test Plan to see where a ddit ional ATE tests
could be performed, and selected 3 addit ional tests .
All of these tests were performed at the Huawei premises in Be ijing in end May 2014.
SERTIT-061 CR Issue 1.0
4 June 2015
Page 17 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
6
EAL 3 +
Evaluation Outcome
6.1 Certification Result
After due consideration of the ETR [7], produced by the E valuators, and the conduct
of the evaluation, as witnessed by the Cert ifier, SERTIT has determined that Huawei
NetEngine5000E Core Router version V800R006 build C00SPC200 meets the Common
Criteria Part 3 conformant requirements of Evaluation Assurance Level EAL 3
augmented with ALC_CMC.4 for the specified Common Criteria Part 2 conformant
functionalit y, in t he specified environment, when running on platforms specified in
Annex A.
6.2 Recommendations
Prospective consumers of Huawei NetEngine5000E Core Router version V800R006
build C00SPC200 should understand the specific scope of the certification by reading
this report in conjunction with the Securi ty Target [1]. The TOE should be used in
accordance with a number of environmental considerations as specified in the
Security Target.
Only the evaluated TOE configur at ion should be installed. This is specified in Annex A
with further relevant information given above under Section 4.3 “TOE Scope” and
Section 5 “Evaluation Findings”.
The TOE should be used in accordance with the supporting guidance documentation
included in the evaluat ed configuration.
Page 18 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
Annex A: Evaluated Configuration
TOE Identification
The TOE consists of:
Hardware:
Product
Name
Board Name for Order
NE5000E
CLC
CR52K-BKPC-36U-8KW
Feil! Hyperkoblingsreferansen er
ugyldig.
CR52-MPUB
Main Processing Unit B
CR5DSFEBA06B
Feil! Hyperkoblingsreferansen er
ugyldig.
NE5000E
CCC
NE5000E
CCC-A
CR55C-BKPA/CR55C-BKPB Feil! Hyperkoblingsreferansen er
ugyldig.
CR5D0MPUA450
Feil! Hyperkoblingsreferansen er
ugyldig.
CR55C-MPUA
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5DSFUIA050
Feil! Hyperkoblingsreferansen er
ugyldig.
CR55C-ICUA
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5DECUFA050
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5D0OFCA060
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5D0MPUB550
Main Processing Unit B550
CR5D00ICUB50
Internal Communication Unit B50
CR5DSFUFK050
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5M0OFCK050
Optical Flexible Card
CR5B0BKPCD50
NE5000E-CCC-A Integrated Chassis
Components DC
CR5B0BKPCA50
NE5000E-CCC-A Integrated Chassis
Components DC
SERTIT-061 CR Issue 1.0
4 June 2015
Description
Page 19 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
NE5000EX16
NE5000EX16A
NE5000EX16B
EAL 3 +
CR5B0BKP1660
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5D0MPUB461
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5DSFUFA06B
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5D0SFUK06B
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5B0BKP166A
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5B0BKP166B
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5D0MPUB560
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5DSFUFA06C
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5DSFUIK06A
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5DSFUIK06B
400G Switch Fabric Unit A for
Cluster Chassis Access
CR5BBKP6BD60
NE5000E-X16B Integrated Chassis
Components DC
CR5BBKP6BA60
NE5000E-X16B Integrated Chassis
Components AC
CR5D0MPUB560
Feil! Hyperkoblingsreferansen er
ugyldig.
CR5DSFUIT060
1T Switch Fabric Unit A for Single
Chassis
CR5D00EFMB60
1T 24*40Gbps QSFP+ Interface Board
CR5D00E8NC60
1T 8*100Gbps CFP2 Interface Board
Software:
Type
Software
Name
Version
Product software
V800R006 build C00SPC200
VRP
Version 8 Release8 build C00SPC200
Linux
Version:
WRlinux4.1.0.0(CR5D0MPUA450,
Page 20 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
CR5D0MPUB550,CR5D0MPUB461,
CR5D0MPUB560)
/WRlinux3.0.3.0(CR52-MPUB,
CR55C-MPUA)
TOE Documentation
The supporting guidance documents evaluated were:
[a]
NE5000E V800R006C00 Product Manua l , V1.0
[b]
Common Criteria Security Evaluation – Certified Configuration , V1.3
Further discussion of t he supporting guidance material is given in Section 5.3
“Installation and Guida nce Documentation”.
TOE Configuration
ITEM
IDENTIFIER
HARDWARE
NE5000E-X16A
NE5000E-X16
NE5000E CCC-2 with 2 CCCs and four CLCs
The LPU used are


48-port 10GBase LAN/WAN – SFP Integrated Line Process Unit
(NE5000E LPUI – 480)
10-port 10GBase LAN/WAN – XFP Integrated Line Processing
Unit (NE5000E LPUI – 100)
SOFTWARE
NE5000E V800R006C00SPC200T1 and other software (VRP, Linux) listed in
section “TOE Identification” configured according to [b].
MANUAL
The appropriate guidance document in section “TOE Documentation”
Environmental Configuration
The following configuration was used for test ing:
The TOE is tested main ly in the following test set -up:
1
The suffix “T” indicates it is the testing version. “T” is removed and the final release version is “V800R006C00SPC200”
SERTIT-061 CR Issue 1.0
4 June 2015
Page 21 of 22
Huawei NetEngine5000E Core Router
Version V800R006 build C00SPC200
EAL 3 +
The tester is the Spirent Test centre.
Page 22 of 22
SERTIT-061 CR Issue 1.0
4 June 2015
Certificate
Product Manufacturer:
Product Name:
NetEngine 5000E Core Router
Type of Product:
Build:
Huawei Technologies
Router
COOS PC200
Assurance Package:
EAL 3 augmented with ALC_ CMCA
Quality Assurance
SERTIT
NOlweglan Certificotion Autho,I,y ro, IT SccufIly
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement