Security Target Juniper Networks JUNOS 9.3 for J Target: Juniper Networks JUNOS 9.3 for J-Series and

  • View
    213

  • Download
    0

Embed Size (px)

Text of Security Target Juniper Networks JUNOS 9.3 for J Target: Juniper Networks JUNOS 9.3 for J-Series and

  • Security Target: Juniper Networks JUNOS 9.3 for J-Series and SRX-Series Platforms

    Document Version 1.6 Juniper Networks Page 1 of 58 This document may be freely reproduced and

    distributed whole and intact including this copyright notice.

    Security Target

    Juniper Networks JUNOS 9.3 for J-Series and SRX-Series

    Platforms

    ST Version 1.6

    Document number 530-029019-01

    June 29, 2009

  • Security Target: Juniper Networks JUNOS 9.3 for J-Series and SRX-Series Platforms

    Document Version 1.6 Juniper Networks Page 2 of 58 This document may be freely reproduced and

    distributed whole and intact including this copyright notice.

    Prepared For:

    Prepared By:

    Juniper Networks, Inc.

    1194 North Mathilda Avenue

    Sunnyvale, CA 94089

    www.juniper.net

    Apex Assurance Group, LLC

    5448 Apex Peakway Drive, Ste. 101

    Apex, NC 27502

    www.apexassurance.com

    Abstract

    This document provides the basis for an evaluation of a specific Target of Evaluation (TOE), the JUNOS

    9.3 for J-Series and SRX-Series Platforms. This Security Target (ST) defines a set of assumptions about the

    aspects of the environment, a list of threats that the product intends to counter, a set of security

    objectives, a set of security requirements and the IT security functions provided by the TOE which meet

    the set of requirements.

    http://www.juniper.net/http://www.apexassurance.com/

  • Security Target: Juniper Networks JUNOS 9.3 for J-Series and SRX-Series Platforms

    Document Version 1.6 Juniper Networks Page 3 of 58 This document may be freely reproduced and

    distributed whole and intact including this copyright notice.

    Table of Contents

    1 Introduction .................................................................................................................................................. 6

    1.1 ST Reference ................................................................................................................................................. 6

    1.2 TOE Reference .............................................................................................................................................. 6

    1.3 Document Organization ............................................................................................................................... 6

    1.4 Document Conventions ................................................................................................................................ 7

    1.5 Document Terminology ................................................................................................................................ 7

    1.6 TOE Overview ............................................................................................................................................... 8

    1.7 TOE Description ............................................................................................................................................ 9

    1.7.1 Overview .................................................................................................................................................. 9

    1.7.2 Physical Boundary .................................................................................................................................. 10

    1.7.3 Logical Boundary .................................................................................................................................... 14

    2 Conformance Claims .................................................................................................................................... 16

    2.1 CC Conformance Claim ............................................................................................................................... 16

    2.2 PP Claim ..................................................................................................................................................... 16

    2.3 Package Claim ............................................................................................................................................ 16

    2.4 Conformance Rationale .............................................................................................................................. 16

    3 Security Problem Definition ........................................................................................................................ 17

    3.1 Threats ....................................................................................................................................................... 17

    3.2 Organizational Security Policies ................................................................................................................. 18

    3.3 Assumptions ............................................................................................................................................... 18

    4 Security Objectives ...................................................................................................................................... 19

    4.1 Security Objectives for the TOE .................................................................................................................. 19

    4.2 Security Objectives for the Operational Environment ................................................................................ 19

    4.3 Security Objectives Rationale ..................................................................................................................... 20

    5 Extended Components Definition ................................................................................................................ 24

    5.1 Definition of Extended Components ........................................................................................................... 24

    6 Security Requirements ................................................................................................................................ 26

    6.1 Security Functional Requirements .............................................................................................................. 26

    6.1.1 Security Audit (FAU) ............................................................................................................................... 27

    6.1.2 Communication (FCO) ............................................................................................................................ 28

    6.1.3 Cryptographic Support (FCS) .................................................................................................................. 29

    6.1.4 Information Flow Control (FDP) ............................................................................................................. 30

    6.1.5 Identification and Authentication (FIA) ................................................................................................. 33

    6.2 Security Management (FMT)...................................................................................................................... 34

    6.2.2 Protection of the TSF (FPT) .................................................................................................................... 36

    6.2.3 TOE Access (FTA) .................................................................................................................................... 36

    6.2.4 Trusted Path/Channels (FTP) ................................................................................................................. 36

    6.3 Security Functional Requirements for the IT Environment ......................................................................... 37

    6.3.1 Identification and Authentication (FIA) ................................................................................................. 37

    6.4 Security Assurance Requirements .............................................................................................................. 37

    6.5 Security Requirements Rationale ............................................................................................................... 37

  • Security Target: Juniper Networks JUNOS 9.3 for J-Series and SRX-Series Platforms

    Document Version 1.6 Juniper Networks Page 4 of 58 This document may be freely reproduced and

    distributed whole and intact including this copyright notice.

    6.5.1 Security Functional Requirements ......................................................................................................... 37

    6.5.2 Sufficiency of Security Requirements .................................................................................................... 38

    6.5.3 Security Assurance Requirements ......................................................................................................... 49

    6.5.4 Security Assurance Requirements Rationale ......................................................................................... 50

    6.5.5 Security Assurance Requirements Evidence .......................................................................................... 50

    7 TOE Summary Specification ......................................................................................................................... 51

    7.1 TOE Security Functions ............................................................................................................................... 51

    7.2 Audit .........................................................................................................................