National Information Assurance Partnership
Cisco Optical Networking Solution
(ONS)
Validation Report
Report Number: CCEVS-VR-VID10561-2014
Dated: 12 September 2014
Version: 1.0
National Institute of Standards and Technology National Security Agency
Information Technology Laboratory Information Assurance Directorate
100 Bureau Drive 9800 Savage Road STE 6940
Gaithersburg, MD 20899 Fort George G. Meade, MD 20755-6940
®
TM
Cisco Optical Networking Solution September 2014
ii
ACKNOWLEDGEMENTS
Validation Team
Mike Allen (Lead Validator)
Jandria S. Alexander (Senior Validator)
Aerospace Corporation
Columbia, Maryland
Common Criteria Testing Laboratory
Leidos Common Criteria Testing Laboratory
Columbia, Maryland 21046-2587
Cisco Optical Networking Solution September 2014
iii
Table of Contents
1 Executive Summary 1
2 Identification 3
2.1 Applicable Interpretations 4
3 Security Policy 5
3.1 Audit 5
3.2 Cryptographic Support 5
3.3 Full Residual Information Protection 5
3.4 Identification and Authentication 5
3.5 Security Management 6
3.6 Protection of the TSF 6
3.7 TOE Access 7
3.8 Trusted Path/Channels 7
4 Assumptions and Clarification of Scope 8
4.1 Assumptions 8
4.2 Clarification of Scope 8
5 Architectural Information 9
5.1 Physical Boundaries 10
5.2 Hardware 10
5.3 Software 10
5.4 Appliances 11
5.5 Configurations 11
6 Documentation 13
7 IT Product Testing 14
8 Evaluated Configuration 15
9 Results of the Evaluation 16
10 Validator Comments/Recommendations 17
11 Security Target 19
12 Glossary 20
13 Bibliography 21
Cisco Optical Networking Solution September 2014
1
1 Executive Summary
This report is intended to assist the end-user of this product and any security certification Agent
for that end-user in determining the suitability of this Information Technology (IT) product in
their environment. End-users should review both the Security Target (ST), which is where
specific security claims are made, in conjunction with this Validation Report (VR), which
describes how those security claims were tested and evaluated and any restrictions on the
evaluated configuration. Prospective users should carefully read the Assumptions and
Clarification of Scope in Section 4 and the Validator Comments in Section 10 where any
restrictions are highlighted.
This report documents the National Information Assurance Partnership (NIAP) assessment of the
evaluation of the Cisco Optical Networking Solution (hereafter referenced as Cisco ONS). It
presents the evaluation results, their justifications, and the conformance results. This Validation
Report is not an endorsement of the Target of Evaluation (TOE) by any agency of the U.S.
Government and no warranty of the TOE is either expressed or implied. This Validation Report
applies only to the specific version and configuration of the product as evaluated and
documented in the Security Target.
The evaluation of Cisco ONS was performed by Leidos formerly known as SAIC, in the United
States and was completed in August 2014. The evaluation was carried out in accordance with
the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and scheme. The
criteria against which the Cisco ONS TOE was judged are described in the Common Criteria for
Information Technology Security Evaluation, Version 3.1, Revision 4. The evaluation
methodology used by the evaluation team to conduct the evaluation was available in the
Common Methodology for Information Technology Security Evaluation Versions 3.1, Revision
4.
The information in this report is largely derived from the ST, Evaluation Technical Report
(ETR), the Assurance Activities Report (AAR) and associated test report. The ST was written
by Cisco. The ETR, AAR and test report used in developing this validation report were written
by Leidos. The product, when configured as specified in the installation guides, user guides, and
ST satisfies all of the security functional requirements stated in the Cisco ONS Security Target,
version 1.0 dated August 11, 2014 and the Protection Profile for Network Devices (NDPP).
The Cisco ONS TOE is the Multiservice Transport Platform (MSTP) that provides dense
wavelength-division multiplexing (DWDM) and time-division multiplexing (TDM) solutions. The
Optical Encryption Line Card provides the secure transport capability of the TOE. The card provides
data confidentiality and data integrity over a fiber optic communication channel through the
combination of cryptography and product architecture. The services include service transparency,
flexible topology, completely reconfigurable traffic pattern, and simplified operations. The platform
supports a variety of modules to enable wide deployment scenarios including access, metro, regional,
and ultra-long-haul networks. The traditional transport services such as Ethernet and IP are also
supported by the TOE. The TOE includes the hardware models as defined in Section 5.
Cisco Optical Networking Solution September 2014
2
A validation team from NIAP monitored the activities of the evaluation team, examined
evaluation evidence, provided guidance on technical issues and evaluation processes, and
reviewed the individual work units and verdicts of the ETR. The team found that the evaluation
showed that the product satisfies all of the security functional and assurance requirements stated
in the ST. The evaluation also showed that the product met all the security requirements and
Assurance Activities contained in the NDPP. Therefore the team concludes that the testing
laboratory’s findings are accurate, the conclusions justified, and the conformance results are
correct. The conclusions of the testing laboratory in the evaluation technical report are consistent
with the evidence produced.
Cisco Optical Networking Solution September 2014
3
2 Identification
The CCEVS is a joint National Security Agency (NSA) and National Institute of Standards and
Technology (NIST) effort to establish commercial facilities to perform trusted product
evaluations. Under this program, commercial testing laboratories called Common Criteria
Testing Laboratories (CCTLs) use the Common Evaluation Methodology (CEM) for evaluations
in accordance with National Voluntary Laboratory Assessment Program (NVLAP) accreditation
conduct security evaluations.
The NIAP Validation Body assigns Validators to monitor the CCTLs to ensure quality and
consistency across evaluations. Developers of information technology (IT) products, desiring a
security evaluation, contract with a CCTL and pay a fee for their product’s evaluation. Upon
successful completion of the evaluation, the product is added to NIAP’s Product Compliant List.
Table 1 provides information needed to completely identify the product, including:
• The Target of Evaluation (TOE): the fully qualified identifier of the product as evaluated;
• The Security Target (ST), describing the security features, claims, and assurances of the product;
• The conformance result of the evaluation;
• The Protection Profile to which the product is conformant (if any); and
• The organizations and individuals participating in the evaluation.
Table 1: Evaluation Identifiers
Item Identifier
Evaluation Scheme United States NIAP Common Criteria Evaluation and Validation Scheme
Target of Evaluation Cisco Optical Networking Solution
Protection Profiles
U.S. Government Security Requirements for Network Devices
(pp_nd_v1.1) version 1.1, 8 June 2012
Security Requirements for Network Devices, Errata #2, 13 January 2014
Security Target
Cisco Optical Networking Solution Security Target, Version 1.0, August 11,
2014
Dates of evaluation January 2014 through August 2014
Evaluation Technical Report
Proprietary Evaluation Technical Report for Cisco Optical Networking Solution
Version 9.8.1.2, Version 1.0, 25 July 2014
Assurance Activities Report
Assurance Activities Report for Cisco Optical Networking Solution Version
9.8.1.2, Version 2.0, 8 May 2014.
Common Criteria version Common Criteria for Information Technology Security Evaluation Version
3.1R4, September 2012
Common Evaluation
Methodology (CEM)
CEM version 3.1R4 dated September 2012and all applicable NIAP
Sponsor Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134
Developer Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134
Common Criteria Testing Lab
Leidos Common Criteria Testing Laboratory, 6841 Benjamin Franklin Drive,
Columbia, MD 21046
Evaluators Kevin Micciche and Greg Beaver
Validation Team Jandria S. Alexander and Mike Allen of the Aerospace Corporation
Cisco Optical Networking Solution September 2014
4
2.1 Applicable Interpretations
The following NIAP and International Interpretations were determined to be applicable when the
evaluation started.
NIAP Interpretations
None
International Interpretations
None
Cisco Optical Networking Solution September 2014
5
3 Security Policy
The security requirements enforced by the Cisco ONS were designed based on the following
overarching security policies:
3.1 Audit
The Cisco Optical Networking Solution provides extensive auditing capabilities. The TOE can
audit events related to cryptographic functionality, identification and authentication, and
administrative actions. The Cisco Optical Networking Solution generates an audit record for
each auditable event. Each security relevant audit event has the date, timestamp, event
description, and subject identity. Auditing is always on to audit all events and therefore the
administrator is only required to manage the audit data storage and archive of the log files. The
TOE provides the administrator with a circular audit trail with a configurable audit trail threshold
to track the storage capacity of the audit trail. Audit logs are manually archived over a secure
HTTPS/TLS connection to an external audit server.
3.2 Cryptographic Support
ONS is a FIPS validated product. The CAVP certificates are listed within the Security Target.
The TOE also provides cryptography in support of other Cisco ONS security functionality. This
cryptography has been validated for conformance to the requirements of FIPS 140-2 Level.
The TOE provides HTTPS, as specified in RFC 2818, to provide a secure interactive interface
for remote administrative functions and to support secure exchange of user authentication
parameters during login. HTTPS uses TLS to securely establish the encrypted remote session.
The TOE provides TLS 1.0, conformant to RFC 2246. The TOE only supports standard
extensions, methods, and characteristics.
3.3 Full Residual Information Protection
The TOE ensures that all information flows from the TOE do not contain residual information
from previous traffic. Packets are padded with zeros. Residual data is never transmitted from
the TOE.
3.4 Identification and Authentication
The TOE provides authentication services for administrative users to connect to the TOEs GUI
administrator interface. The TOE requires Authorized Administrators to be successfully
identified and authenticated prior to being granted access to any of the management
functionality. The TOE can be configured to require a minimum password length of 15
characters, password expiration as well as mandatory password complexity rules. The TOE
provides administrator authentication against a local user database using the GUI interface
accessed via secure HTTPS connection.
Cisco Optical Networking Solution September 2014
6
3.5 Security Management
The TOE provides secure administrative services for management of general TOE configuration
and the security functionality provided by the TOE. All TOE administration occurs either
through a secure HTTPS session or via a local console connection. The Cisco Transport
Controller (CTC) is the only administrator interface permitted to manage the ONS in the
evaluated configuration. The TOE provides the ability to securely manage:
• All TOE administrative users;
• All identification and authentication;
• All audit functionality of the TOE;
• All TOE cryptographic functionality;
• The timestamps maintained by the TOE; and
• Updates to the TOE.
Administrative users can be assigned one of the following security levels:
• Retrieve-Users can retrieve and view CTC information but cannot set or modify
parameters.
• Maintenance-Users can access only the ONS 15454 maintenance options.
• Provisioning-Users can access provisioning and maintenance options.
• Superuser-Users can perform all of the functions of the other security levels as well as set
names, passwords, and security levels for other users. Superusers can also provision
security policies on the TOE. These security policies include idle user timeouts,
password changes, password aging, and user lockout parameters.
3.6 Protection of the TSF
The TOE protects against interference and tampering by untrusted subjects by implementing
identification, authentication, and access controls to limit configuration to Authorized
Administrators. The TOE prevents reading of cryptographic keys and passwords. Additionally,
Cisco ONS is not a general-purpose operating system and access to Cisco ONS memory space is
restricted to only Cisco ONS functions.
The TOE internally maintains the date and time. This date and time is used as the timestamp that
is applied to audit records generated by the TOE.
Cisco Optical Networking Solution September 2014
7
The TOE performs testing to verify correct operation of the system itself and that of the
cryptographic module.
Finally, the TOE is able to verify any software updates prior to the software updates being
installed on the TOE to avoid the installation of unauthorized software.
3.7 TOE Access
The TOE can terminate inactive sessions after an Authorized Administrator configurable time-
period. Once a session has been terminated the TOE requires the user to re-authenticate to
establish a new session.
The TOE can also be configured to display an Authorized Administrator specified banner on the
GUI management interface prior to accessing the TOE.
3.8 Trusted Path/Channels
The TOE allows trusted paths to be established to itself from remote administrators over HTTPS
and initiates secure HTTPS connections to transmit audit messages to remote syslog servers.
Cisco Optical Networking Solution September 2014
8
4 Assumptions and Clarification of Scope
All Threats to the TOE, Assumptions, and Organization Security Polices are consistent with
those contained in: [NDPPv1.1].
.
4.1 Assumptions
The following assumptions were made during the evaluation of the Optical Networking Solution.
• It is assumed that there are no general-purpose computing capabilities (e.g., compilers or
user applications available on the TOE, other than those services necessary for the
operation, administration and support of the TOE.
• Physical security, commensurate with the value of the TOE and the data it contains, is
assumed to be provided by the environment.
• TOE Administrators are trusted to follow and apply all administrator guidance and
maintain the TOE in its evaluated configuration.
The TOE includes all the code that enforces the policies identified.
4.2 Clarification of Scope
All evaluations (and all products) have limitations, as well as potential misconceptions that need
clarifying. This text covers some of the more important limitations and clarifications of this
evaluation and how the TOE needs to be configured to ensure it operates in the evaluated
configuration.
The TOE claims exact compliance to the Protection Profile for Network Devices, Version 1.1, 08
June, 2012 and Security Requirements for Network Devices Errata #2, 13 January, 2014. Exact
compliance indicates that the TOE implements the security functions exactly as specified by the
PP; however, functions not described in the Security Target may be used, but were not tested as
part of this evaluation.
The evaluation was conducted against the specific devices and software version as identified
herein. As with any evaluation, this evaluation only shows that the evaluated configuration
meets the security claims with a certain level of assurance. The level of assurance for this
evaluation is defined within the Protection Profile, including any Errata, to which this evaluation
claimed compliance.
Communications to and from the TOE is via a trusted path that is part of the environment and not
part of this evaluation. Users must ensure the proper level of security is employed on this path.
The administrator is responsible for updating all patches and security updates.
The process to track flaws and updates may require purchase of a Service Level Agreement (See
the Validator’s Comments, Section 10 below, for further details).
Cisco Optical Networking Solution September 2014
9
5 Architectural Information
The TOE consists of one or more physical devices; the Optical Networking Solution (ONS) with
Cisco IOS software. All of the ONS systems run the same version of the Universal Cisco
Internet Operating System (IOS) software image Release 9.8.1.2 software which enforces the
security functions being claimed regardless of the model.
The Cisco IOS configuration determines how packets are handled to and from the routers’
network interfaces. The router configuration will determine how traffic flows received on an
interface will be handled. Typically, packet flows are passed through the internetworking device
and forwarded to their configured destination.
The TOE can optionally connect to an NTP server on its internal network for time services. Also,
if the Optical Networking Solution (ONS) is to be remotely administered, then the management
station must be connected to an internal network, HTTPS must be used to connect to the router.
A syslog server can also be used to store audit records. A remote authentication server can also
be used for centralized authentication. If these servers are used, they must be attached to the
internal (trusted) network. The internal (trusted) network is meant to be separated effectively
from unauthorized individuals and user traffic; one that is in a controlled environment where
implementation of security policies can be enforced.
The following figure provides a visual depiction of an example TOE deployment.
Figure 1: TOE Deployment Example
ONS 15454 MSTP External
Network
Internal
Network
Syslog
Server
Remote
Admin
Console
Cisco Optical Networking Solution September 2014
10
5.1 Physical Boundaries
The TOE is a hardware and software solution that makes up the router models as follows: Cisco
ONS 15454 M2 or ONS 15454 M6 DWDM.
The network on which they reside is considered part of the environment. The software is
comprised of the Universal Cisco Internet Operating System (IOS) software image Release
9.8.1.2.
5.2 Hardware
The hardware is comprised of the following:
Cisco ONS 15454 M2, ONS 15454 M6 DWDM
Controller Card
15454-M-TNC-K9
15454-M-TSC-K9
15454-M-TNCE-K9
15454-M-TSCE-K9
Encryption Card
15454-M-WSE-K9
The network, on which they reside, is considered part of the environment. The software is
comprised of the Universal Cisco IOS software image Release ONS 9.8.1.2.
The validated platforms consist of the following components:
Chassis (one or more):
15454-M2-SA
15454-M6-SA
Controller (Management) Cards (one or more):
15454-M-TNC-K9
15454-M-TSC-K9
15454-M-TNCE-K9
15454-M-TSCE-K9
Encryption (Traffic Data) Card:
15454-M-WSE-K9
5.3 Software
ONS 9.8.1.2
Cisco Optical Networking Solution September 2014
11
5.4 Appliances
The TOE hardware includes the following appliances:
Hardware Picture Interoperability Size Power Interfaces
Cisco ONS
15454 M2
Multiservice
Transport
Platform (with
and without
covers)
N/A 3.46 x
17.18
x
11.02
in.
100-
240V
One slot for
the control
card and
two slots
for service
cards.
USB port,
Cisco ONS
15454 M6
Multiservice
Transport
Platform (with
and without
front cover)
N/A 10.45
x
17.45
x
11.02
in.
100-
240V
2 slots for
redundant
control
cards and 6
slots for
service
cards.
5.5 Configurations
Permitted Configurations:
Chassis Controller Cards Encryption Card
15454-M2-SA Single
15454-M-TNC-K9
Up to two (2)
15454-M-WSE-K9
Single
15454-M-TSC-K9
Up to two (2)
15454-M-WSE-K9
Single
15454-M-TNCE-K9
Up to two (2)
15454-M-WSE-K9
Single
15454-M-TSCE-K9
Up to two (2)
15454-M-WSE-K9
15454-M6-SA Single
15454-M-TNC-K9
Up to six (6)
15454-M-WSE-K9
Single
15454-M-TSC-K9
Up to six (6)
15454-M-WSE-K9
Single
15454-M-TNCE-K9
Up to six (6)
15454-M-WSE-K9
Single
15454-M-TSCE-K9
Up to six (6)
15454-M-WSE-K9
Dual
15454-M-TNC-K9
Up to six (6)
15454-M-WSE-K9
Cisco Optical Networking Solution September 2014
12
Chassis Controller Cards Encryption Card
Dual
15454-M-TSC-K9
Up to six (6)
15454-M-WSE-K9
Dual
15454-M-TNCE-K9
Up to six (6)
15454-M-WSE-K9
Dual
15454-M-TSCE-K9
Up to six (6)
15454-M-WSE-K9
Cisco Optical Networking Solution September 2014
13
6 Documentation
Cisco offers a number of guidance documents along with a CC-specific supplemental document
describing the installation process for the TOE as well as guidance for subsequent use and
administration of the applicable security features.
The documentation for the TOE is:
Cisco Optical Networking Solution Common Criteria Configuration Guide
Cisco ONS 15454 DWDM Configuration Guide, Release 9.8
Cisco ONS 15454 Series Multiservice Transport Platforms
Cisco ONS 15454 Series Multiservice Transport Platforms Security Reference
Cisco ONS 15454 Series Multiservice Transport Platforms Connect the PC and Log into the GUI
Cisco IOS Command Reference
The security target used is:
Cisco Optical Networking Solution Security Target, 1.0, August 11, 2014.
Cisco Optical Networking Solution September 2014
14
7 IT Product Testing
The purpose of this activity was to determine whether the TOE behaves as specified in the design
documentation and in accordance with the TOE security functional requirements specified in the
ST for an NDPPv1.1.
Independent testing took place at the CCTL location in Columbia, Maryland in May 2014.
The evaluators received the TOE in the form that normal customers would receive it, installed
and configured the TOE (in three distinct but representative configurations) in accordance with
the provided guidance and exercised the Team Test Plan on equipment configured in the testing
laboratory.
This effort involved installing and configuring the Cisco Optical Networking Solution
components. Subsequently, the evaluators exercised all the tests cases. The tests were selected in
order to ensure that each of the test assertions defined by the NDPPv1.1 were covered.
Also, the evaluators devised independent tests to ensure that start-up and shut down operations
were audited, to verify the claimed methods of audit storage, to verify that administrator actions
were audited, to verify that users are identified and authenticated, to verify use and restrictions of
the management functions, to verify protected communication between the TOE and the trusted
components of the operational environment, to verify trusted path and to verify protected update
of the TOE software.
Given the complete set of test results from the test procedures exercised by the evaluators, the
testing requirements for NDPPv1.1 are fulfilled.
Cisco Optical Networking Solution September 2014
15
8 Evaluated Configuration
The TOE is the Cisco Optical Networking Solution installed and configured according to the
Cisco Optical Networking Solution Common Criteria Configuration Guide as well as the
Installation Guide for the respective Cisco Optical Networking Solution models included in the
TOE.
Cisco Optical Networking Solution September 2014
16
9 Results of the Evaluation
The Evaluation Team conducted the evaluation in accordance with the CC, the CEM, the
NDPPv1.1, and the CCEVS.
The details of the evaluation results are recorded in the Evaluation Technical Report
(proprietary) and Test Summary Report provided by the CCTL. A verdict for an assurance
component is determined by the resulting verdicts assigned to the corresponding evaluator action
elements. The evaluation was conducted based upon version 3.1 R4 of the CC and the CEM.
Additionally the evaluators performed the assurance activities specified in the Network Devices
Protection Profile (NDPP). The evaluation determined the Cisco Optical Networking Solution
TOE to be Part 2 extended, and meets the SARs contained the PP. All assurance activities and
work units received a passing verdict.
Cisco Optical Networking Solution September 2014
17
10 Validator Comments/Recommendations
The validation team’s observations support the evaluation team’s conclusion that the Cisco
Optical Networking Solution meets the claims stated in the Security Target. The validation team
also wishes to add the following clarification about the use of the product.
• Pay particular attention to the evaluated configuration of the devices as stated in the
Security Target and Common Criteria Configuration Guide.
• NON-FIPS 140 mode of operation is excluded from the evaluation. This mode is to be
disabled in the evaluated configuration. The exclusion of this functionality does not affect
compliance to the U.S. Government Protection Profile for Security Requirements for
Network Devices version 1.1.
• The use of the local console for administration is specifically excluded from use once the
device has been placed into the evaluated configuration.
• Please note that the evaluated functionality was scoped exclusively to the security
functional requirements as specified in the Security Target. Any other functionality
included in the product was not assessed as part of this evaluation.
• Note that certain network related functionality is excluded from the approved
configuration and that some networking functions relative to the devices were not tested,
nor can any claims be made relative to their security. The following features are not
included in the evaluated configuration:
– RS-232 local console
– Telnet
– FTP
– HTTP
– SNMP
– SSH
– SSL (pre-TLS)
• The following features and functions were not evaluated and should not be used in the
evaluated configuration. No further conclusions can be drawn as to their effectiveness:
– Synchronous Optical Networking (SONET)
– Synchronous Digital Hierarchy (SDH)
Cisco Optical Networking Solution September 2014
18
– Synchronous Ethernet (SyncE)
– Reconfigurable Optical Add/Drop Multiplexers (ROADMs)
– Building Integrated Timing Supply (BITS)
– IEEE 1588v2 Precision Timing Protocol (PTP)
– OSI Layer 2 protocols such as CDP, VLAN protocols, Ethernet encapsulation
protocols, etc.
– Routing protocols such as OSPF, BGP, etc.
– Protocol inspection engines (enabled with the “inspect” commands)
Cisco Optical Networking Solution September 2014
19
11 Security Target
Cisco Optical Networking Solution Security Target, Version 1.0, August 11, 2014.
Cisco Optical Networking Solution September 2014
20
12 Glossary
The following abbreviations and definitions are used throughout this document:
CC Common Criteria
CCTL CC Testing Laboratory
CI Configuration Item
CM Configuration Management
CMP Configuration Management Plan
CVE Common Vulnerabilities and Exposures
CVS Concurrent Versioning System
DoD Department of Defense
FSP Functional Specification
GUI Graphical User Interface
HLD High-level Design
ID Identity/Identification
IP Internet Protocol
IT Information Technology
NIAP National Information Assurance Partnership
NIST National Institute of Standards and Technology
NSA National Security Agency
OS Operating System
PP Protection Profile
SAR Security Assurance Requirement
SFR Security Functional Requirement
ST Security Target
TOE Target of Evaluation
TSF TOE Security Functions
TSS TOE Summary Specification
Cisco Optical Networking Solution September 2014
21
13 Bibliography
The Validation Team used the following documents to produce this Validation Report:
• Common Criteria Project Sponsoring Organisations. Common Criteria for Information
Technology Security Evaluation: Part 1: Introduction and General Model, Version 3.1
R4, September 2012.
• Common Criteria Project Sponsoring Organisations. Common Criteria for Information
Technology Security Evaluation: Part 2: Security Functional Requirements, Version 3.1
R4, September 2012.
• Common Criteria Project Sponsoring Organisations. Common Criteria for Information
Technology Security Evaluation: Part 3: Security Assurance Requirements, Version 3.1
R4, September 2012.
• Common Criteria Project Sponsoring Organisations. Common Evaluation Methodology
for Information Technology Security – Part 1, Version 3.1 R4, September 2012.
• Common Criteria Project Sponsoring Organisations. Common Evaluation Methodology
for Information Technology Security – Part 2: Evaluation Methodology, Version 3.1 R4,
September 2012.
• Cisco Optical Networking Solution Security Target, Version 1.0, August 11, 2014
• Evaluation Technical Report For Cisco Optical Networking Solution, parts 1 and 2,
version 1.0, July 21, 2014.
• Assurance Activities Report For Cisco Optical Networking Solution Version 9.8.1.2,
Version 2.0, May 8, 2014.