This page was not yet optimized for use on mobile devices.

UTM / NG-Firewall Software Suite (4.3.12.2 (S, M, XL)) ( ANSSI-CC-2023/62 )

CSV information ?

Status	active
Valid from	28.12.2023
Valid until	08.12.2028
Scheme	🇫🇷 FR
Manufacturer	Stormshield
Category	ICs, Smart Cards and Smart Card-Related Devices and Systems
Security level	EAL4+, ALC_FLR.3

Heuristics summary ?

Certificate ID: ANSSI-CC-2023/62

Certificate ?

Certificate PDF TXT

Extracted keywords

Security level

EAL4, EAL2

Security Assurance Requirements (SAR)

ALC_FLR.3

Certificates

ANSSI-CC-2023/62

Evaluation facilities

OPPIDA

File metadata

Creation date	D:20240213165128+01'00'
Modification date	D:20240213165313+01'00'
Pages	2
Creator	Acrobat PDFMaker 23 pour Word
Producer	Adobe PDF Library 23.1.175

Certification report ?

Certification report PDF TXT

Extracted keywords

Symmetric Algorithms

DES

Security level

EAL4, EAL2, EAL4+, ITSEC E3 Elémentaire

Security Assurance Requirements (SAR)

ALC_FLR.3, ALC_FLR

Certificates

ANSSI-CC-2023/62

Evaluation facilities

CESTI, OPPIDA

Standards

CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003

File metadata

Creation date	D:20240213164647+01'00'
Modification date	D:20240213165310+01'00'
Pages	12
Creator	Acrobat PDFMaker 23 pour Word
Producer	Adobe PDF Library 23.1.175

Security target ?

Security target PDF TXT

Extracted keywords

Symmetric Algorithms

AES, CAST, DES, Blowfish, HMAC

Asymmetric Algorithms

RSA 2048, ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSA

Hash functions

SHA-2, SHA2, MD5

Schemes

MAC, Key Exchange, Key Agreement

Protocols

SSH, SSL, TLS, TLS 1.2, TLS 1.3, IKE, IKEv2, IPsec, VPN

Libraries

OpenSSL

Elliptic Curves

secp256r1, secp384r1, secp521r1, SECP256r1

Block cipher modes

CBC, CTR, GCM

TLS cipher suites

TLS_DHE_RSA_WITH_AES_128_CBC_SHA

JavaCard API constants

SECP256R1

Vendor

Microsoft, Cisco

Security level

EAL4+, EAL4, EAL4 augmented

Claims

O.PCAOA, O.RESIST_AUTH_ADMIN, O.PCFI_FILTERING, O.PCFI_APPLICATION_CONTEXT, O.PCFI_ENCRYPTION, O.IPS_ATTACK_DETECTION, O.LAA_PCFI, O.CRYPTO, O.IPS_RFC_COMPLIANCE, O.LAA_IPS, O.LAA_PCAOA, O.BACKUP_RESTORATION, O.PROTECT_LOGS, O.PROTECT_ADMIN_SESSIONS, T.IP_SPOOFING, T.IMPROPER_USE, T.ILLEGAL_ADMIN, T.ADMIN_USURP, T.ILLEGAL_ADMIN_SESSION, T.AUDIT, OE.PROTECT_APPLIANCES, OE.SUPER_ADMIN, OE.PASSWORD, OE.GOOD_PCFI, OE.CRYPTO_EXT, OE.PERSONNEL, OE.INTERPOSITION, OE.STRICT_USAGE, OE.AUTONOMOUS, OE.PROTECT_WORKSTATIONS, OE.PROTECT_VPN_PEER, OE.PROTECT_VPN_CLIENTS, OE.TIMESTAMPS, OE.REVOCATION_LIST, OE.ENROLLMENT, OE.PROTECT_WORKSTATIO, SA

Security Assurance Requirements (SAR)

ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_FLR.3, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.3, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1

Security Functional Requirements (SFR)

FAU_GEN.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_STG.3, FAU_SAA.4, FAU_GEN.2, FAU_GEN.2.1, FAU_SAR.1, FAU_SAR.1.1, FAU_SAR.1.2, FAU_STG.3.1, FAU_SAA.4.1, FAU_SAA.4.2, FAU_SAA.4.3, FAU_ARP.1, FAU_SAA.1, FAU_ARP, FAU_ARP.1.1, FAU_GEN, FCS_TLSC_EXT.1, FCS_TLSC_EXT.1.1, FCS_TLSC_EXT.1.2, FCS_TLSC_EXT.1.5, FCS_COP.1, FCS_CKM.1, FCS_CKM.4, FCS_CKM, FDP_IFC.2.1, FDP_IFC.2, FDP_IFC.2.2, FDP_IFF.1, FDP_IFC.1, FDP_IFC.1.1, FDP_UCT.1, FDP_UIT.1, FDP_UCT.1.1, FDP_UIT.1.1, FDP_UIT.1.2, FDP_ACC.2, FDP_ACC.2.1, FDP_ACC.2.2, FDP_ACC.1, FDP_ITC.1, FDP_ITC.2, FDP_IFF.1.1, FDP_IFF.1.2, FDP_IFF.1.3, FDP_IFF.1.4, FDP_IFF.1.5, FIA_UAU.5, FIA_UID.1, FIA_UAU.5.1, FIA_UAU.5.2, FMT_MTD, FMT_SMR.1, FMT_MOF.1, FMT_MTD.1, FMT_SMF.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_MOF.1.1, FMT_MTD.1.1, FMT_MSA.3, FMT_SMF, FPT_TDC.1, FPT_TDC.1.1, FPT_TDC.1.2, FPT_ITT.1, FPT_ITT.1.1, FPT_STM.1, FTP_TRP.1, FTP_ITT.1, FTP_ITC.1, FTP_TRP.1.1, FTP_TRP.1.2, FTP_TRP.1.3

Certificates

CC-01, CC-02, CC-03

Certification process

out of scope, protocol, the connection is set up by the web browser on the administration workstation which is out of scope. Likewise the TLS protocol itself is outside the scope of this evaluation. Rationale: the trusted

Standards

FIPS PUB 197, FIPS 180-1, FIPS 180-2, FIPS PUB 186-4, PKCS #1, RFC 1349, RFC 792, RFC 3376, RFC 768, RFC 793, RFC 2401, RFC 4303, RFC 3526, RFC 5903, RFC 6932, RFC 4754, RFC 7427, RFC 959, RFC 2577, RFC 2389, RFC 2428, RFC 2616, RFC 2518, RFC 3253, RFC 1034, RFC 1035, RFC 1058, RFC 2453, RFC 2474, RFC 3435, RFC 3261, RFC 3550, RFC 3605, RFC 5246, RFC 8446, RFC 3268, RFC 2631, RFC 5282, RFC 2104, RFC 5639, RFC 4960, RFC 7030, RFC 2986, RFC 5652, RFC 5273, RFC 2818, RFC 6125, RFC 2409, RFC 2246, RFC 3330, RFC 2385, RFC 2817, RFC 6455, RFC 5280, ISO/IEC 14888-3, X.509, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004

File metadata

Title	Stormshield Network Security
Subject	UTM / NG-Firewall Software Suite
Author	Stormshield
Creation date	D:20230808085705+02'00'
Modification date	D:20230808085705+02'00'
Pages	107
Creator	Microsoft® Word 2019
Producer	Microsoft® Word 2019

Heuristics ?

Certificate ID: ANSSI-CC-2023/62

Extracted SARs

ASE_CCL.1, ALC_DEL.1, ALC_CMC.4, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, ASE_TSS.1, ADV_TDS.3, ADV_ARC.1, AVA_VAN.3, ASE_SPD.1, ASE_REQ.2, ALC_CMS.4, ADV_IMP.1, ALC_TAT.1, ATE_COV.2, ALC_FLR.3, AGD_OPE.1, ALC_DVS.1, ASE_ECD.1, ADV_FSP.4, ASE_INT.1, AGD_PRE.1, ALC_LCD.1, ASE_OBJ.2

Similar certificates

Name	Certificate ID
ChipDoc v4 on JCOP 4.5 P71 in SSCD configuration (Version 4.0.1.52) (ANSSI-CC-2023/12-R01)	ANSSI-CC-2023/12-R01	Compare
IAS Classic V4.4.2 with MOC Server 1.1 on MultiApp V4.1 version IAS : 4.4.2.A, version MOC Server : 1.1.1A (ANSSI-CC-2023/57 )	ANSSI-CC-2023/57	Compare
eTravel v2.3 on MultiApp v4.1 platform, BAC and AA activated (version 2.3.0.1) (ANSSI-CC-2023/54)	ANSSI-CC-2023/54	Compare
eTravel v2.3 on MultiApp v4.1 platform, PACE, EAC and AA activated(version 2.3.0.1) ( ANSSI-CC-2023/55 )	ANSSI-CC-2023/55	Compare
eTravel v2.3 on MultiApp v4.1 platform, BAC, EAC and AA activated (version 2.3.0.1) (ANSSI-CC-2023/56)	ANSSI-CC-2023/56	Compare
ChipDoc v4.1 on JCOP 4.5 P71 in ICAO EAC(1&2) with PACE configuration Version 4.1.1.52 ( ANSSI-CC-2023/68)	ANSSI-CC-2023/68	Compare
ChipDoc v4 on JCOP 4.5 P71 in ICAO EAC(1&2) with PACE configuration (Version 4.0.1.52) (ANSSI-CC-2023/11-R01)	ANSSI-CC-2023/11-R01	Compare
Stormshield Network Security UTM / NG - Firewall Software Suite (Version 3.7.9)	ANSSI-CC-2020/39	Compare
Stormshield Network Security UTM / NG-Firewall Software Suite version 3.7.9	ANSSI-CC-2020/66	Compare
Plateforme ouverte Java Card MultiApp V4.1 en configuration ouverte masquée sur le composant S3FT9MH(Version 4.1.0.2) ( ANSSI-CC-2023/30 )	ANSSI-CC-2023/30	Compare
Produit IAS Classic v5.2.1 with MOC Server v3.1 on MultiApp V5.1 Version 5.2.1.A.C et 5.2.1.A.O ( ANSSI-CC-2023/42 )	ANSSI-CC-2023/42	Compare
eTravel 3.1 BAC on MultiApp V5.1 Version 3.1.0.0 ( ANSSI-CC-2023/34 )	ANSSI-CC-2023/34	Compare
eTravel 3.1 EAC on BAC on MultiApp V5.1 Version 3.1.0.0 ( ANSSI-CC-2023/35 )	ANSSI-CC-2023/35	Compare
eTravel 3.1 EAC on SAC on MultiApp V5.1 Version 3.1.0.0 ( ANSSI-CC-2023/36 )	ANSSI-CC-2023/36	Compare
ChipDoc v4.1 on JCOP 4.5 P71 in SSCD configuration Version 4.1.1.52 (ANSSI-CC-2023/69)	ANSSI-CC-2023/69	Compare
ChipDoc v4.1 on JCOP 4.5 P71 in ICAO BAC configuration Version 4.1.1.52 ( ANSSI-CC-2023/67)	ANSSI-CC-2023/67	Compare
Strong Customer Authentication for Apple Pay on Apple Watch with S8 running watchOS 9.4(watchOS 9.4 (build 20T253)) ( ANSSI-CC-2023/60)	ANSSI-CC-2023/60	Compare
Strong Customer Authentication for Apple Pay on iPhone SE (3rd generation) with A15 Bionic running iOS 16.4.1iOS 16.4.1 (build 20E252) (ANSSI-CC-2023/58)	ANSSI-CC-2023/58	Compare
Strong Customer Authentication for Apple Pay on iPhone 14 Pro with A16 Bionic running iOS 16.4.1Version iOS 16.4.1 (build 20E252) ( ANSSI-CC-2023/59)	ANSSI-CC-2023/59	Compare
Strong Customer Authentication for Apple Pay on Mac mini with M2 and Magic keyboard with Touch ID, running macOS Ventura 13.3.1 , macOS Ventura 13.3.1 (build 22E261) ( ANSSI-CC-2023/61)	ANSSI-CC-2023/61	Compare
ChipDoc v4 on JCOP 4.5 P71 in ICAO BAC configuration (Version 4.0.1.52) ( ANSSI-CC-2023/10-R01 )	ANSSI-CC-2023/10-R01	Compare
ChipDoc v2 on JCOP 3 P60 in SSCD configuration (v7b4_2) (ANSSI-CC-2023/38)	ANSSI-CC-2023/38	Compare

Showing 5 out of 22.

Scheme data ?

Enhanced
Product	UTM / NG-Firewall Software Suite version 4.3.12.2 (S, M, XL)
Url	https://cyber.gouv.fr/produits-certifies/utm-ng-firewall-software-suite-version-43122-s-m-xl
Description	Le produit évalué est « UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL » développé par STORMSHIELD et exécuté par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20. Ce produit permet d’interconnecter un ou plusieurs réseaux de confiance via un réseau non maitrisé sans dégrader le niveau de confia
Sponsor	STORMSHIELD
Developer	STORMSHIELD
Cert Id	ANSSI-CC-2023/62
Level	EAL4+
Expiration Date	08.12.2028
	Cert Id	ANSSI-CC-2023/62
	Certification Date	08.12.2023
	Expiration Date	08.12.2028
	Category	Produits réseau
	Cc Version	Critères Communs version 3.1r5
	Developer	STORMSHIELD
	Sponsor	STORMSHIELD
	Evaluation Facility	OPPIDA
	Level	EAL4+
	Protection Profile
	Mutual Recognition	CCRA SOG-IS
	Augmented	ALC_FLR.3
	Report Link	https://cyber.gouv.fr/sites/default/files/document_type/ANSSI-CC-2023_62fr.pdf
	Cert Link	https://cyber.gouv.fr/sites/default/files/document_type/certificat-CC-2023_62fr.pdf

References ?

No references are available for this certificate.

Updates ?

09.11.2024 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The scheme_data property was updated, with the {'description': 'Le produit évalué est « UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL » développé par STORMSHIELD et exécuté par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20. Ce produit permet d’interconnecter un ou plusieurs réseaux de confiance via un réseau non maitrisé sans dégrader le niveau de confia', 'expiration_date': '2028-12-08', 'enhanced': {'__update__': {'certification_date': '2023-12-08', 'expiration_date': '2028-12-08', 'mutual_recognition': 'CCRA SOG-IS'}}} data.
14.10.2024 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The scheme_data property was set to {'product': 'UTM / NG-Firewall Software Suite version 4.3.12.2 (S, M, XL)', 'url': 'https://cyber.gouv.fr/produits-certifies/utm-ng-firewall-software-suite-version-43122-s-m-xl', 'description': 'Le produit évalué est « UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL » développé par STORMSHIELD et exécuté par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20.\nCe produit permet d’interconnecter un ou plusieurs réseaux de confiance via un réseau non maitrisé sans dégrader le niveau de confia', 'sponsor': 'STORMSHIELD', 'developer': 'STORMSHIELD', 'cert_id': 'ANSSI-CC-2023/62', 'level': 'EAL4+', 'expiration_date': '8 Décembre 2028', 'enhanced': {'cert_id': 'ANSSI-CC-2023/62', 'certification_date': '08/12/2023', 'expiration_date': '08/12/2028', 'category': 'Produits réseau', 'cc_version': 'Critères Communs version 3.1r5', 'developer': 'STORMSHIELD', 'sponsor': 'STORMSHIELD', 'evaluation_facility': 'OPPIDA', 'level': 'EAL4+', 'protection_profile': '', 'mutual_recognition': 'CCRA\n SOG-IS', 'augmented': 'ALC_FLR.3', 'report_link': 'https://cyber.gouv.fr/sites/default/files/document_type/ANSSI-CC-2023_62fr.pdf', 'cert_link': 'https://cyber.gouv.fr/sites/default/files/document_type/certificat-CC-2023_62fr.pdf'}}.
02.09.2024 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The scheme_data property was set to None.
22.08.2024 The certificate data changed.
Certificate changed

The state of the certificate object was updated.
- The st property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'fa26554638022558de53c799e0bb03b7cafa6ff24fcd0de9d9fd352d2322de5d', 'txt_hash': 'dd6ddb4099b283081812eaf899ba6cd78ef66beca43778a780d267b716318cbe'} data.
- The cert property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '73901ace86a65e05980310126626f564e5d1208e0ab7a1fc6d51141dd2b992b4', 'txt_hash': '6b7c3a22ce5c56ff9a90aeb0c8a8abc3c3073a19399f1484bb34514272d38a7c'} data.
The PDF extraction data was updated.
- The st_metadata property was set to {'pdf_file_size_bytes': 2008885, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 107, '/Title': 'Stormshield Network Security', '/Author': 'Stormshield', '/Subject': 'UTM / NG-Firewall Software Suite', '/Creator': 'Microsoft® Word 2019', '/CreationDate': "D:20230808085705+02'00'", '/ModDate': "D:20230808085705+02'00'", '/Producer': 'Microsoft® Word 2019', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
- The cert_metadata property was set to {'pdf_file_size_bytes': 130702, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 2, '/CreationDate': "D:20240213165128+01'00'", '/Creator': 'Acrobat PDFMaker 23 pour Word', '/Keywords': '', '/ModDate': "D:20240213165313+01'00'", '/Producer': 'Adobe PDF Library 23.1.175', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
- The st_keywords property was set to {'cc_cert_id': {'NL': {'CC-01': 3, 'CC-02': 6, 'CC-03': 4}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4+': 2, 'EAL4': 28, 'EAL4 augmented': 2}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.4': 1, 'ADV_IMP.1': 1, 'ADV_TDS.3': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_FLR.3': 6, 'ALC_CMC.4': 1, 'ALC_CMS.4': 1, 'ALC_DEL.1': 1, 'ALC_DVS.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1}, 'ATE': {'ATE_COV.2': 1, 'ATE_DPT.1': 1, 'ATE_FUN.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.3': 1}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 1, 'ASE_INT.1': 1, 'ASE_OBJ.2': 1, 'ASE_REQ.2': 3, 'ASE_SPD.1': 1, 'ASE_TSS.1': 1}}, 'cc_sfr': {'FAU': {'FAU_GEN.1': 6, 'FAU_GEN.1.1': 2, 'FAU_GEN.1.2': 4, 'FAU_STG.3': 7, 'FAU_SAA.4': 9, 'FAU_GEN.2': 6, 'FAU_GEN.2.1': 2, 'FAU_SAR.1': 7, 'FAU_SAR.1.1': 2, 'FAU_SAR.1.2': 2, 'FAU_STG.3.1': 2, 'FAU_SAA.4.1': 4, 'FAU_SAA.4.2': 2, 'FAU_SAA.4.3': 3, 'FAU_ARP.1': 7, 'FAU_SAA.1': 1, 'FAU_ARP': 2, 'FAU_ARP.1.1': 1, 'FAU_GEN': 4}, 'FCS': {'FCS_TLSC_EXT.1': 25, 'FCS_TLSC_EXT.1.1': 3, 'FCS_TLSC_EXT.1.2': 3, 'FCS_TLSC_EXT.1.5': 3, 'FCS_COP.1': 61, 'FCS_CKM.1': 24, 'FCS_CKM.4': 19, 'FCS_CKM': 1}, 'FDP': {'FDP_IFC.2.1': 3, 'FDP_IFC.2': 6, 'FDP_IFC.2.2': 2, 'FDP_IFF.1': 29, 'FDP_IFC.1': 10, 'FDP_IFC.1.1': 2, 'FDP_UCT.1': 12, 'FDP_UIT.1': 12, 'FDP_UCT.1.1': 2, 'FDP_UIT.1.1': 2, 'FDP_UIT.1.2': 2, 'FDP_ACC.2': 6, 'FDP_ACC.2.1': 2, 'FDP_ACC.2.2': 2, 'FDP_ACC.1': 2, 'FDP_ITC.1': 8, 'FDP_ITC.2': 8, 'FDP_IFF.1.1': 2, 'FDP_IFF.1.2': 2, 'FDP_IFF.1.3': 2, 'FDP_IFF.1.4': 2, 'FDP_IFF.1.5': 2}, 'FIA': {'FIA_UAU.5': 77, 'FIA_UID.1': 2, 'FIA_UAU.5.1': 5, 'FIA_UAU.5.2': 5}, 'FMT': {'FMT_MTD': 23, 'FMT_SMR.1': 8, 'FMT_MOF.1': 10, 'FMT_MTD.1': 11, 'FMT_SMF.1': 12, 'FMT_SMF.1.1': 2, 'FMT_SMR.1.1': 3, 'FMT_SMR.1.2': 4, 'FMT_MOF.1.1': 3, 'FMT_MTD.1.1': 3, 'FMT_MSA.3': 2, 'FMT_SMF': 1}, 'FPT': {'FPT_TDC.1': 8, 'FPT_TDC.1.1': 2, 'FPT_TDC.1.2': 2, 'FPT_ITT.1': 10, 'FPT_ITT.1.1': 2, 'FPT_STM.1': 1}, 'FTP': {'FTP_TRP.1': 74, 'FTP_ITT.1': 1, 'FTP_ITC.1': 2, 'FTP_TRP.1.1': 5, 'FTP_TRP.1.2': 5, 'FTP_TRP.1.3': 5}}, 'cc_claims': {'O': {'O.PCAOA': 13, 'O.RESIST_AUTH_ADMIN': 6, 'O.PCFI_FILTERING': 7, 'O.PCFI_APPLICATION_CONTEXT': 4, 'O.PCFI_ENCRYPTION': 18, 'O.IPS_ATTACK_DETECTION': 8, 'O.LAA_PCFI': 6, 'O.CRYPTO': 6, 'O.IPS_RFC_COMPLIANCE': 7, 'O.LAA_IPS': 8, 'O.LAA_PCAOA': 12, 'O.BACKUP_RESTORATION': 6, 'O.PROTECT_LOGS': 6, 'O.PROTECT_ADMIN_SESSIONS': 6}, 'T': {'T.IP_SPOOFING': 5, 'T.IMPROPER_USE': 11, 'T.ILLEGAL_ADMIN': 18, 'T.ADMIN_USURP': 3, 'T.ILLEGAL_ADMIN_SESSION': 4, 'T.AUDIT': 2}, 'OE': {'OE.PROTECT_APPLIANCES': 3, 'OE.SUPER_ADMIN': 3, 'OE.PASSWORD': 3, 'OE.GOOD_PCFI': 3, 'OE.CRYPTO_EXT': 4, 'OE.PERSONNEL': 3, 'OE.INTERPOSITION': 4, 'OE.STRICT_USAGE': 3, 'OE.AUTONOMOUS': 3, 'OE.PROTECT_WORKSTATIONS': 2, 'OE.PROTECT_VPN_PEER': 3, 'OE.PROTECT_VPN_CLIENTS': 3, 'OE.TIMESTAMPS': 4, 'OE.REVOCATION_LIST': 3, 'OE.ENROLLMENT': 3, 'OE.PROTECT_WORKSTATIO': 1}, 'SA': {'SA': 2}}, 'vendor': {'Microsoft': {'Microsoft': 2}, 'Cisco': {'Cisco': 1}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 18}, 'CAST': {'CAST': 1}}, 'DES': {'DES': {'DES': 2}}, 'miscellaneous': {'Blowfish': {'Blowfish': 1}}, 'constructions': {'MAC': {'HMAC': 4}}}, 'asymmetric_crypto': {'RSA': {'RSA 2048': 2}, 'ECC': {'ECDH': {'ECDH': 5}, 'ECDSA': {'ECDSA': 11}, 'ECC': {'ECC': 1}}, 'FF': {'DH': {'Diffie-Hellman': 11, 'DH': 6}, 'DSA': {'DSA': 4}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA-2': 2, 'SHA2': 9}}, 'MD': {'MD5': {'MD5': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 1}, 'KEX': {'Key Exchange': 4}, 'KA': {'Key Agreement': 1}}, 'crypto_protocol': {'SSH': {'SSH': 2}, 'TLS': {'SSL': {'SSL': 2}, 'TLS': {'TLS': 65, 'TLS 1.2': 4, 'TLS 1.3': 5}}, 'IKE': {'IKE': 46, 'IKEv2': 11}, 'IPsec': {'IPsec': 1}, 'VPN': {'VPN': 98}}, 'randomness': {}, 'cipher_mode': {'CBC': {'CBC': 1}, 'CTR': {'CTR': 4}, 'GCM': {'GCM': 4}}, 'ecc_curve': {'NIST': {'secp256r1': 7, 'secp384r1': 7, 'secp521r1': 5, 'SECP256r1': 1}}, 'crypto_engine': {}, 'tls_cipher_suite': {'TLS': {'TLS_DHE_RSA_WITH_AES_128_CBC_SHA': 1}}, 'crypto_library': {'OpenSSL': {'OpenSSL': 1}}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS PUB 197': 1, 'FIPS 180-1': 1, 'FIPS 180-2': 1, 'FIPS PUB 186-4': 1}, 'PKCS': {'PKCS #1': 1}, 'RFC': {'RFC 1349': 1, 'RFC 792': 1, 'RFC 3376': 1, 'RFC 768': 1, 'RFC 793': 1, 'RFC 2401': 2, 'RFC 4303': 1, 'RFC 3526': 1, 'RFC 5903': 1, 'RFC 6932': 1, 'RFC 4754': 1, 'RFC 7427': 1, 'RFC 959': 1, 'RFC 2577': 1, 'RFC 2389': 1, 'RFC 2428': 1, 'RFC 2616': 1, 'RFC 2518': 1, 'RFC 3253': 1, 'RFC 1034': 1, 'RFC 1035': 1, 'RFC 1058': 1, 'RFC 2453': 1, 'RFC 2474': 1, 'RFC 3435': 1, 'RFC 3261': 1, 'RFC 3550': 1, 'RFC 3605': 1, 'RFC 5246': 6, 'RFC 8446': 5, 'RFC 3268': 1, 'RFC 2631': 1, 'RFC 5282': 1, 'RFC 2104': 1, 'RFC 5639': 1, 'RFC 4960': 1, 'RFC 7030': 17, 'RFC 2986': 4, 'RFC 5652': 1, 'RFC 5273': 1, 'RFC 2818': 5, 'RFC 6125': 3, 'RFC 2409': 2, 'RFC 2246': 1, 'RFC 3330': 1, 'RFC 2385': 1, 'RFC 2817': 1, 'RFC 6455': 1, 'RFC 5280': 1}, 'ISO': {'ISO/IEC 14888-3': 1}, 'X509': {'X.509': 27}, 'CC': {'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {'curves': {'SECP256R1': 1}}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'protocol, the connection is set up by the web browser on the administration workstation which is out of scope. Likewise the TLS protocol itself is outside the scope of this evaluation. Rationale: the trusted': 1}}}.
- The cert_keywords property was set to {'cc_cert_id': {'FR': {'ANSSI-CC-2023/62': 2}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4': 1, 'EAL2': 1}}, 'cc_sar': {'ALC': {'ALC_FLR.3': 2}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {'OPPIDA': {'OPPIDA': 2}}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
- The st_filename property was set to ANSSI-cible-2023_62en.pdf.
- The cert_filename property was set to certificat-CC-2023_62fr.pdf.
The computed heuristics were updated.
- The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}]} values added.
17.08.2024 The certificate data changed.
Certificate changed

The report_link was updated.
- The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2023_62fr.pdf.
The st_link was updated.
- The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-cible-2023_62en.pdf.
The state of the certificate object was updated.
- The cert property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.
The PDF extraction data was updated.
- The cert_metadata property was set to None.
- The cert_keywords property was set to None.
- The cert_filename property was set to None.
12.08.2024 The certificate data changed.
Certificate changed

The state of the certificate object was updated.
- The st property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.
The PDF extraction data was updated.
- The st_metadata property was set to None.
- The st_keywords property was set to None.
- The st_filename property was set to None.
The computed heuristics were updated.
- The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}]} values discarded.
- The scheme_data property was set to {'product': 'UTM / NG-Firewall Software Suite version 4.3.12.2 (S, M, XL)', 'url': 'https://cyber.gouv.fr/produits-certifies/utm-ng-firewall-software-suite-version-43122-s-m-xl', 'description': 'Le produit évalué est « UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL » développé par STORMSHIELD et exécuté par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20.\nCe produit permet d’interconnecter un ou plusieurs réseaux de confiance via un réseau non maitrisé sans dégrader le niveau de confia', 'sponsor': 'STORMSHIELD', 'developer': 'STORMSHIELD', 'cert_id': 'ANSSI-CC-2023/62', 'level': 'EAL4+', 'expiration_date': '8 Décembre 2028', 'enhanced': {'cert_id': 'ANSSI-CC-2023/62', 'certification_date': '08/12/2023', 'expiration_date': '08/12/2028', 'category': 'Produits réseau', 'cc_version': 'Critères Communs version 3.1r5', 'developer': 'STORMSHIELD', 'sponsor': 'STORMSHIELD', 'evaluation_facility': 'OPPIDA', 'level': 'EAL4+', 'protection_profile': '', 'mutual_recognition': 'CCRA\n SOG-IS', 'augmented': 'ALC_FLR.3', 'report_link': 'https://cyber.gouv.fr/sites/default/files/document_type/ANSSI-CC-2023_62fr.pdf', 'cert_link': 'https://cyber.gouv.fr/sites/default/files/document_type/certificat-CC-2023_62fr.pdf'}}.
31.07.2024 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The scheme_data property was set to None.
23.07.2024 The certificate was first processed.

New certificate

A new Common Criteria certificate with the product name UTM / NG-Firewall Software Suite (4.3.12.2 (S, M, XL)) ( ANSSI-CC-2023/62 ) was processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/certificat-CC-2023_62fr.pdf",
  "dgst": "91aa10edaf1efbcf",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "ANSSI-CC-2023/62",
    "cert_lab": null,
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "4.3.12.2"
      ]
    },
    "indirect_transitive_cves": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "scheme_data": {
      "cert_id": "ANSSI-CC-2023/62",
      "description": "Le produit \u00e9valu\u00e9 est \u00ab UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL \u00bb d\u00e9velopp\u00e9 par STORMSHIELD et ex\u00e9cut\u00e9 par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20. Ce produit permet d\u2019interconnecter un ou plusieurs r\u00e9seaux de confiance via un r\u00e9seau non maitris\u00e9 sans d\u00e9grader le niveau de confia",
      "developer": "STORMSHIELD",
      "enhanced": {
        "augmented": "ALC_FLR.3",
        "category": "Produits r\u00e9seau",
        "cc_version": "Crit\u00e8res Communs version 3.1r5",
        "cert_id": "ANSSI-CC-2023/62",
        "cert_link": "https://cyber.gouv.fr/sites/default/files/document_type/certificat-CC-2023_62fr.pdf",
        "certification_date": "2023-12-08",
        "developer": "STORMSHIELD",
        "evaluation_facility": "OPPIDA",
        "expiration_date": "2028-12-08",
        "level": "EAL4+",
        "mutual_recognition": "CCRA SOG-IS",
        "protection_profile": "",
        "report_link": "https://cyber.gouv.fr/sites/default/files/document_type/ANSSI-CC-2023_62fr.pdf",
        "sponsor": "STORMSHIELD"
      },
      "expiration_date": "2028-12-08",
      "level": "EAL4+",
      "product": "UTM / NG-Firewall Software Suite version 4.3.12.2 (S, M, XL)",
      "sponsor": "STORMSHIELD",
      "url": "https://cyber.gouv.fr/produits-certifies/utm-ng-firewall-software-suite-version-43122-s-m-xl"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "Stormshield",
  "manufacturer_web": "https://www.stormshield.eu/",
  "name": "UTM / NG-Firewall Software Suite (4.3.12.2 (S, M, XL)) ( ANSSI-CC-2023/62 )",
  "not_valid_after": "2028-12-08",
  "not_valid_before": "2023-12-28",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": "certificat-CC-2023_62fr.pdf",
    "cert_frontpage": null,
    "cert_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "FR": {
          "ANSSI-CC-2023/62": 2
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_FLR.3": 2
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL2": 1,
          "EAL4": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "OPPIDA": {
          "OPPIDA": 2
        }
      },
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {},
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "cert_metadata": {
      "/CreationDate": "D:20240213165128+01\u002700\u0027",
      "/Creator": "Acrobat PDFMaker 23 pour Word",
      "/Keywords": "",
      "/ModDate": "D:20240213165313+01\u002700\u0027",
      "/Producer": "Adobe PDF Library 23.1.175",
      "pdf_file_size_bytes": 130702,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 2
    },
    "report_filename": "ANSSI-CC-2023_62fr.pdf",
    "report_frontpage": {
      "FR": {}
    },
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "FR": {
          "ANSSI-CC-2023/62": 2
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_FLR": 1,
          "ALC_FLR.3": 3
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL2": 3,
          "EAL4": 2,
          "EAL4+": 1
        },
        "ITSEC": {
          "ITSEC E3 El\u00e9mentaire": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "CESTI": {
          "CESTI": 1
        },
        "OPPIDA": {
          "OPPIDA": 1
        }
      },
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "CC": {
          "CCMB-2017-04-001": 1,
          "CCMB-2017-04-002": 1,
          "CCMB-2017-04-003": 1
        }
      },
      "symmetric_crypto": {
        "DES": {
          "DES": {
            "DES": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/CreationDate": "D:20240213164647+01\u002700\u0027",
      "/Creator": "Acrobat PDFMaker 23 pour Word",
      "/Keywords": "",
      "/ModDate": "D:20240213165310+01\u002700\u0027",
      "/Producer": "Adobe PDF Library 23.1.175",
      "pdf_file_size_bytes": 328180,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.sogis.eu/",
          "mailto:[email protected]",
          "http://www.ssi.gouv.fr/",
          "http://www.commoncriteriaportal.org/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 12
    },
    "st_filename": "ANSSI-cible-2023_62en.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 1
          },
          "ECDH": {
            "ECDH": 5
          },
          "ECDSA": {
            "ECDSA": 11
          }
        },
        "FF": {
          "DH": {
            "DH": 6,
            "Diffie-Hellman": 11
          },
          "DSA": {
            "DSA": 4
          }
        },
        "RSA": {
          "RSA 2048": 2
        }
      },
      "cc_cert_id": {
        "NL": {
          "CC-01": 3,
          "CC-02": 6,
          "CC-03": 4
        }
      },
      "cc_claims": {
        "O": {
          "O.BACKUP_RESTORATION": 6,
          "O.CRYPTO": 6,
          "O.IPS_ATTACK_DETECTION": 8,
          "O.IPS_RFC_COMPLIANCE": 7,
          "O.LAA_IPS": 8,
          "O.LAA_PCAOA": 12,
          "O.LAA_PCFI": 6,
          "O.PCAOA": 13,
          "O.PCFI_APPLICATION_CONTEXT": 4,
          "O.PCFI_ENCRYPTION": 18,
          "O.PCFI_FILTERING": 7,
          "O.PROTECT_ADMIN_SESSIONS": 6,
          "O.PROTECT_LOGS": 6,
          "O.RESIST_AUTH_ADMIN": 6
        },
        "OE": {
          "OE.AUTONOMOUS": 3,
          "OE.CRYPTO_EXT": 4,
          "OE.ENROLLMENT": 3,
          "OE.GOOD_PCFI": 3,
          "OE.INTERPOSITION": 4,
          "OE.PASSWORD": 3,
          "OE.PERSONNEL": 3,
          "OE.PROTECT_APPLIANCES": 3,
          "OE.PROTECT_VPN_CLIENTS": 3,
          "OE.PROTECT_VPN_PEER": 3,
          "OE.PROTECT_WORKSTATIO": 1,
          "OE.PROTECT_WORKSTATIONS": 2,
          "OE.REVOCATION_LIST": 3,
          "OE.STRICT_USAGE": 3,
          "OE.SUPER_ADMIN": 3,
          "OE.TIMESTAMPS": 4
        },
        "SA": {
          "SA": 2
        },
        "T": {
          "T.ADMIN_USURP": 3,
          "T.AUDIT": 2,
          "T.ILLEGAL_ADMIN": 18,
          "T.ILLEGAL_ADMIN_SESSION": 4,
          "T.IMPROPER_USE": 11,
          "T.IP_SPOOFING": 5
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_ARC.1": 1,
          "ADV_FSP.4": 1,
          "ADV_IMP.1": 1,
          "ADV_TDS.3": 1
        },
        "AGD": {
          "AGD_OPE.1": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMC.4": 1,
          "ALC_CMS.4": 1,
          "ALC_DEL.1": 1,
          "ALC_DVS.1": 1,
          "ALC_FLR.3": 6,
          "ALC_LCD.1": 1,
          "ALC_TAT.1": 1
        },
        "ASE": {
          "ASE_CCL.1": 1,
          "ASE_ECD.1": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ.2": 1,
          "ASE_REQ.2": 3,
          "ASE_SPD.1": 1,
          "ASE_TSS.1": 1
        },
        "ATE": {
          "ATE_COV.2": 1,
          "ATE_DPT.1": 1,
          "ATE_FUN.1": 1,
          "ATE_IND.2": 1
        },
        "AVA": {
          "AVA_VAN.3": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL4": 28,
          "EAL4 augmented": 2,
          "EAL4+": 2
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_ARP": 2,
          "FAU_ARP.1": 7,
          "FAU_ARP.1.1": 1,
          "FAU_GEN": 4,
          "FAU_GEN.1": 6,
          "FAU_GEN.1.1": 2,
          "FAU_GEN.1.2": 4,
          "FAU_GEN.2": 6,
          "FAU_GEN.2.1": 2,
          "FAU_SAA.1": 1,
          "FAU_SAA.4": 9,
          "FAU_SAA.4.1": 4,
          "FAU_SAA.4.2": 2,
          "FAU_SAA.4.3": 3,
          "FAU_SAR.1": 7,
          "FAU_SAR.1.1": 2,
          "FAU_SAR.1.2": 2,
          "FAU_STG.3": 7,
          "FAU_STG.3.1": 2
        },
        "FCS": {
          "FCS_CKM": 1,
          "FCS_CKM.1": 24,
          "FCS_CKM.4": 19,
          "FCS_COP.1": 61,
          "FCS_TLSC_EXT.1": 25,
          "FCS_TLSC_EXT.1.1": 3,
          "FCS_TLSC_EXT.1.2": 3,
          "FCS_TLSC_EXT.1.5": 3
        },
        "FDP": {
          "FDP_ACC.1": 2,
          "FDP_ACC.2": 6,
          "FDP_ACC.2.1": 2,
          "FDP_ACC.2.2": 2,
          "FDP_IFC.1": 10,
          "FDP_IFC.1.1": 2,
          "FDP_IFC.2": 6,
          "FDP_IFC.2.1": 3,
          "FDP_IFC.2.2": 2,
          "FDP_IFF.1": 29,
          "FDP_IFF.1.1": 2,
          "FDP_IFF.1.2": 2,
          "FDP_IFF.1.3": 2,
          "FDP_IFF.1.4": 2,
          "FDP_IFF.1.5": 2,
          "FDP_ITC.1": 8,
          "FDP_ITC.2": 8,
          "FDP_UCT.1": 12,
          "FDP_UCT.1.1": 2,
          "FDP_UIT.1": 12,
          "FDP_UIT.1.1": 2,
          "FDP_UIT.1.2": 2
        },
        "FIA": {
          "FIA_UAU.5": 77,
          "FIA_UAU.5.1": 5,
          "FIA_UAU.5.2": 5,
          "FIA_UID.1": 2
        },
        "FMT": {
          "FMT_MOF.1": 10,
          "FMT_MOF.1.1": 3,
          "FMT_MSA.3": 2,
          "FMT_MTD": 23,
          "FMT_MTD.1": 11,
          "FMT_MTD.1.1": 3,
          "FMT_SMF": 1,
          "FMT_SMF.1": 12,
          "FMT_SMF.1.1": 2,
          "FMT_SMR.1": 8,
          "FMT_SMR.1.1": 3,
          "FMT_SMR.1.2": 4
        },
        "FPT": {
          "FPT_ITT.1": 10,
          "FPT_ITT.1.1": 2,
          "FPT_STM.1": 1,
          "FPT_TDC.1": 8,
          "FPT_TDC.1.1": 2,
          "FPT_TDC.1.2": 2
        },
        "FTP": {
          "FTP_ITC.1": 2,
          "FTP_ITT.1": 1,
          "FTP_TRP.1": 74,
          "FTP_TRP.1.1": 5,
          "FTP_TRP.1.2": 5,
          "FTP_TRP.1.3": 5
        }
      },
      "certification_process": {
        "OutOfScope": {
          "out of scope": 1,
          "protocol, the connection is set up by the web browser on the administration workstation which is out of scope. Likewise the TLS protocol itself is outside the scope of this evaluation. Rationale: the trusted": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 1
        },
        "CTR": {
          "CTR": 4
        },
        "GCM": {
          "GCM": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 1
        }
      },
      "crypto_protocol": {
        "IKE": {
          "IKE": 46,
          "IKEv2": 11
        },
        "IPsec": {
          "IPsec": 1
        },
        "SSH": {
          "SSH": 2
        },
        "TLS": {
          "SSL": {
            "SSL": 2
          },
          "TLS": {
            "TLS": 65,
            "TLS 1.2": 4,
            "TLS 1.3": 5
          }
        },
        "VPN": {
          "VPN": 98
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        },
        "KEX": {
          "Key Exchange": 4
        },
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "SECP256r1": 1,
          "secp256r1": 7,
          "secp384r1": 7,
          "secp521r1": 5
        }
      },
      "eval_facility": {},
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 1
          }
        },
        "SHA": {
          "SHA2": {
            "SHA-2": 2,
            "SHA2": 9
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {
        "curves": {
          "SECP256R1": 1
        }
      },
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "CC": {
          "CCMB-2017-04-001": 1,
          "CCMB-2017-04-002": 1,
          "CCMB-2017-04-003": 1,
          "CCMB-2017-04-004": 1
        },
        "FIPS": {
          "FIPS 180-1": 1,
          "FIPS 180-2": 1,
          "FIPS PUB 186-4": 1,
          "FIPS PUB 197": 1
        },
        "ISO": {
          "ISO/IEC 14888-3": 1
        },
        "PKCS": {
          "PKCS #1": 1
        },
        "RFC": {
          "RFC 1034": 1,
          "RFC 1035": 1,
          "RFC 1058": 1,
          "RFC 1349": 1,
          "RFC 2104": 1,
          "RFC 2246": 1,
          "RFC 2385": 1,
          "RFC 2389": 1,
          "RFC 2401": 2,
          "RFC 2409": 2,
          "RFC 2428": 1,
          "RFC 2453": 1,
          "RFC 2474": 1,
          "RFC 2518": 1,
          "RFC 2577": 1,
          "RFC 2616": 1,
          "RFC 2631": 1,
          "RFC 2817": 1,
          "RFC 2818": 5,
          "RFC 2986": 4,
          "RFC 3253": 1,
          "RFC 3261": 1,
          "RFC 3268": 1,
          "RFC 3330": 1,
          "RFC 3376": 1,
          "RFC 3435": 1,
          "RFC 3526": 1,
          "RFC 3550": 1,
          "RFC 3605": 1,
          "RFC 4303": 1,
          "RFC 4754": 1,
          "RFC 4960": 1,
          "RFC 5246": 6,
          "RFC 5273": 1,
          "RFC 5280": 1,
          "RFC 5282": 1,
          "RFC 5639": 1,
          "RFC 5652": 1,
          "RFC 5903": 1,
          "RFC 6125": 3,
          "RFC 6455": 1,
          "RFC 6932": 1,
          "RFC 7030": 17,
          "RFC 7427": 1,
          "RFC 768": 1,
          "RFC 792": 1,
          "RFC 793": 1,
          "RFC 8446": 5,
          "RFC 959": 1
        },
        "X509": {
          "X.509": 27
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 18
          },
          "CAST": {
            "CAST": 1
          }
        },
        "DES": {
          "DES": {
            "DES": 2
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 4
          }
        },
        "miscellaneous": {
          "Blowfish": {
            "Blowfish": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {
        "TLS": {
          "TLS_DHE_RSA_WITH_AES_128_CBC_SHA": 1
        }
      },
      "vendor": {
        "Cisco": {
          "Cisco": 1
        },
        "Microsoft": {
          "Microsoft": 2
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "Stormshield",
      "/CreationDate": "D:20230808085705+02\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2019",
      "/ModDate": "D:20230808085705+02\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2019",
      "/Subject": "UTM / NG-Firewall Software Suite",
      "/Title": "Stormshield Network Security",
      "pdf_file_size_bytes": 2008885,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 107
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": []
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2023_62fr.pdf",
  "scheme": "FR",
  "security_level": {
    "_type": "Set",
    "elements": [
      "ALC_FLR.3",
      "EAL4+"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-cible-2023_62en.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "73901ace86a65e05980310126626f564e5d1208e0ab7a1fc6d51141dd2b992b4",
      "txt_hash": "6b7c3a22ce5c56ff9a90aeb0c8a8abc3c3073a19399f1484bb34514272d38a7c"
    },
    "report": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "3cc4ebccb92d30dc45d2a88f9b8cb39e48c6ed156030e8994ddd5d6dd8cebc47",
      "txt_hash": "c2577c96633024b322ed06ebb20251341c85032f92317e5f7593f9f8bc2d36a1"
    },
    "st": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "fa26554638022558de53c799e0bb03b7cafa6ff24fcd0de9d9fd352d2322de5d",
      "txt_hash": "dd6ddb4099b283081812eaf899ba6cd78ef66beca43778a780d267b716318cbe"
    }
  },
  "status": "active"
}

UTM / NG-Firewall Software Suite (4.3.12.2 (S, M, XL)) ( ANSSI-CC-2023/62 )

CSV information ?

Heuristics summary ?

Certificate ?

Extracted keywords

Common Criteria

Security level

Security Assurance Requirements (SAR)

Certificates

Evaluation facilities

File metadata

Certification report ?

Extracted keywords

Cryptography

Symmetric Algorithms

Common Criteria

Security level

Security Assurance Requirements (SAR)

Certificates

Evaluation facilities

Other

Standards

File metadata

Security target ?

Extracted keywords

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Libraries

Elliptic Curves

Block cipher modes

TLS cipher suites

Device

JavaCard API constants

Vendor

Common Criteria

Security level

Claims

Security Assurance Requirements (SAR)

Security Functional Requirements (SFR)

Certificates

Security

Certification process

Other

Standards

File metadata

Heuristics ?

Extracted SARs

Similar certificates

Scheme data ?

References ?

Updates ?

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

New certificate

Raw data