Security Target for Juniper Networks EX3200 and EX4200 2010-09-03¢  Security Target for Juniper Networks

  • View
    0

  • Download
    0

Embed Size (px)

Text of Security Target for Juniper Networks EX3200 and EX4200 2010-09-03¢  Security Target for...

  • Security Target for Juniper Networks EX3200 and EX4200 Switches running JUNOS 9.3R2

    Version 1.0 January 30, 2009

    Prepared for: Juniper Networks 1194 North Mathilda Avenue Sunnyvale California 94089 USA Prepared by: IconSecurity Ltd

  • © 2009 Juniper Inc. Page 2 of 38 All Rights Reserved

    Contents 1 ST Introduction............................................................................................................................. 4

    1.1 ST and TOE Reference Identification .................................................................................... 4 1.2 TOE Overview ........................................................................................................................ 4

    1.2.1 Usage and major features of the TOE........................................................................... 4 1.3 References ............................................................................................................................. 4

    1.3.1 TOE Type ...................................................................................................................... 5 1.3.2 Required non-TOE hardware/software/firmware........................................................... 5

    1.4 TOE Description ..................................................................................................................... 5 1.4.1 EX Switch ...................................................................................................................... 5

    1.5 TOE Boundaries ..................................................................................................................... 6 2 CC Conformance ......................................................................................................................... 9 3 Security Problem Definition........................................................................................................ 10

    3.1 Threats ................................................................................................................................. 10 3.2 Organizational Security Policies........................................................................................... 11 3.3 Assumptions......................................................................................................................... 11

    3.3.1 Physical Assumptions.................................................................................................. 11 3.3.2 Personnel Assumptions............................................................................................... 11 3.3.3 IT Environment Assumptions....................................................................................... 11

    4 Security Objectives .................................................................................................................... 12 4.1 Security Objectives for the TOE........................................................................................... 12 4.2 Security Objectives for the Environment .............................................................................. 12

    5 Extended Component Definition ................................................................................................ 13 6 IT Security Requirements........................................................................................................... 14

    6.1 Conventions.......................................................................................................................... 14 6.2 Security Functional Requirements ....................................................................................... 14

    6.2.1 Audit (FAU) .................................................................................................................. 15 6.2.2 User data protection (FDP).......................................................................................... 16 6.2.3 Identification and authentication (FIA) ......................................................................... 17 6.2.4 Security management (FMT)....................................................................................... 18 6.2.5 Protection of the TOE security functions (FPT)........................................................... 19 6.2.6 TOE access (FTA) ....................................................................................................... 20

    6.3 Security Assurance Requirements....................................................................................... 20 7 TOE Summary Specification ...................................................................................................... 22

    7.1 TOE Security Functions ....................................................................................................... 22 7.1.1 Information flow function.............................................................................................. 22 7.1.2 Identification and authentication function .................................................................... 22 7.1.3 Security management function .................................................................................... 24 7.1.4 Protection function ....................................................................................................... 25 7.1.5 Audit function ............................................................................................................... 25 7.1.6 TOE access function.................................................................................................... 26 7.1.7 Clock function .............................................................................................................. 26

    8 Rationale .................................................................................................................................... 28 8.1 Rationale for Security Objectives ......................................................................................... 28

    8.1.1 Rationale for Security Objectives for the TOE............................................................. 28 8.1.2 Rationale for Security Objectives for the Environment................................................ 29

    8.2 Rationale for Security Requirements ................................................................................... 30 8.2.1 Rationale for TOE security functional requirements.................................................... 30 8.2.2 Rationale for TOE Environment Security Functional requirements............................. 33 8.2.3 Rationale for Security Assurance Requirements (SAR).............................................. 33 8.2.4 Dependencies Rationale ............................................................................................. 34

    8.3 TOE Summary Specification Rationale................................................................................ 34 8.4 IT security functions mutually supportive ............................................................................. 37

    9 Acronyms ................................................................................................................................... 38

  • © 2009 Juniper Inc. Page 3 of 38 All Rights Reserved

    List of tables Table 6-1 Security Functional Components ...................................................................................... 15 Table 6-2 TOE Assurance Components ........................................................................................... 21 Table 8-1 TOE Security Objectives Rationale................................................................................... 28 Table 8-2 Environment Security Objectives Rationale...................................................................... 29 Table 8-3 Security Functional Requirements Rationale.................................................................... 31 Table 8-4 Security Functions Rationale ............................................................................................ 35

  • © 2009 Juniper Inc. Page 4 of 38 All Rights Reserved

    1 ST Introduction

    1.1 ST and TOE Reference Identification TOE Reference: Juniper Networks EX3200 and EX4200 switches running JUNOS 9.3R2.8. ST Reference: Security Target for Juniper Networks EX3200 and EX4200 Switches running JUNOS 9.3R2. ST Version: Version 1.0. ST Date: January 30, 2009. Assurance Level: Evaluation Assurance Level (EAL) 3 augmented with ALC_FLR.3. ST Author: IconSecurity Ltd Keywords: Router, IP, Service Manager

    1.2 TOE Overview

    1.2.1 Usage and major features of the TOE

    The TOE is an EX3200 and EX4200 switch providing a wide variety of services to the user. The switch routes IP traffic over any type of network, with increasing scalability of the traffic volume with each switch model. All packets on the monitored network are scanned and then compared against a set of rules to determine where the traffic should be routed, and then passed to the appropriate destination.

    1.3 References [CC1] Common Criteria for Information Technology Security Evaluation, Part 1:

    Introduction and General Model, Version 3.1 Revision 1, September 2006, CCMB-2006-09-001.

    [CC2] Common Criteria for Information Technology Security Evaluation, Part 2: Security Functional Components, Version 3.1 Revision 2, September 2007, CCMB-2007-09-002.

    [CC3] Common Criteria for Information Technology Security Evaluation, Part 3: Security Assurance Components, Version 3.1 Revision 2, September 2007, CCMB-2007-09-003.

Recommended

View more >