| name |
Junos OS 20.2R1-S1 for QFX5120-48T, QFX5120-48Y, QFX5120-32C, QFX5210-64C, EX4650-48Y and QFX5200-48Y |
Arbit Data Diode 10 GbE v1.00 |
| category |
Network and Network-Related Devices and Systems |
Boundary Protection Devices and Systems |
| scheme |
AU |
DE |
| status |
active |
active |
| not_valid_after |
15.02.2026 |
07.04.2026 |
| not_valid_before |
15.02.2021 |
07.04.2021 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/EFT-T017%20Cert%202021_135%20OS.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1096c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/T0017-Certification_Report_V1.0.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1096a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Juniper%20QFX5120,%20QFX5200,%20QFX5210,%20EX4650%20Junos%2020.2R1%20ST%20v1.3.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1096b_pdf.pdf |
| manufacturer |
Juniper Networks, Inc. |
Arbit Cyber Defence Systems ApS |
| manufacturer_web |
https://www.juniper.net/ |
https://arbitcds.com |
| security_level |
{} |
ALC_FLR.1, EAL7+ |
| dgst |
07bffc2fb1a2fbc4 |
1c667ea8ba56a5db |
| heuristics/cert_id |
Certificate Number: 2021/135 |
BSI-DSZ-CC-1096-2021 |
| heuristics/cert_lab |
[] |
BSI |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_TSS.1, ADV_FSP.1, ALC_CMC.1, ASE_INT.1, ASE_SPD.1, ASE_OBJ.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1, AGD_OPE.1, ASE_REQ.1, ASE_CCL.1, ASE_ECD.1, AGD_PRE.1 |
ALC_LCD.2, ALC_FLR.1, ALC_CMS.5, ALC_DEL.1, ALC_DVS.2, ALC_TAT.3, ALC_CMC.5 |
| heuristics/extracted_versions |
20.2 |
1.00 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V2.1.pdf |
{} |
| pdf_data/cert_filename |
EFT-T017 Cert 2021_135 OS.pdf |
1096c_pdf.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
- EAL:
- EAL 2: 1
- EAL 4: 1
- EAL 5: 1
- EAL 7: 1
- EAL 7 augmented: 1
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /CreationDate: D:20210217171814+10'00'
- /Creator: ACA75941.dpe.protected.mil.au
- /ModDate: D:20210217171814+10'00'
- /Producer: KONICA MINOLTA bizhub C308
- /Title: SACA75941.d21021717171
- pdf_file_size_bytes: 108210
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20210414123708+02'00'
- /Creator: Writer
- /Keywords: Common Criteria, Certification, Zertifizierung, Arbit, Data Diode, EAL7
- /ModDate: D:20210414123809+02'00'
- /Producer: LibreOffice 6.3
- /Subject: Common Criteria Certification
- /Title: Certification Report BSI-DSZ-CC-1096-2021
- pdf_file_size_bytes: 237483
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
T0017-Certification_Report_V1.0.pdf |
1096a_pdf.pdf |
| pdf_data/report_frontpage |
|
- DE:
- cert_id: BSI-DSZ-CC-1096-2021
- cert_item: Arbit Data Diode 10 GbE
- cert_lab: BSI
- developer: Arbit Cyber Defence Systems ApS
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
|
| pdf_data/report_keywords/cc_cert_id |
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
- EAL:
- EAL 1: 1
- EAL 2: 2
- EAL 2+: 1
- EAL 4: 5
- EAL 5: 4
- EAL 7: 4
- EAL 7 augmented: 3
|
| pdf_data/report_keywords/cc_sar |
|
- ADV:
- ADV_FSP: 1
- ADV_IMP: 1
- ADV_TDS: 1
- ALC:
- ALC_CMC.5: 1
- ALC_CMS: 1
- ALC_CMS.5: 1
- ALC_DEL.1: 1
- ALC_DVS.2: 1
- ALC_FLR: 3
- ALC_FLR.1: 4
- ALC_LCD.2: 1
- ALC_TAT.3: 1
|
| pdf_data/report_keywords/cc_sfr |
|
- FDP:
- FDP_IFC.2: 2
- FDP_IFF.1: 2
|
| pdf_data/report_keywords/cc_claims |
|
- A:
- A.INTEGRATOR: 1
- A.PHYSICAL: 1
- A.POWER: 1
- OE:
- OE.INTEGRATOR: 1
- OE.PHYSICAL: 1
- OE.POWER: 1
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
- TUV:
- TÜV Informationstechnik: 3
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
- BSI:
- AIS 1: 1
- AIS 14: 5
- AIS 35: 1
- AIS 45: 1
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- ConfidentialDocument:
- Informationstechnik GmbH, (confidential document) [8] (reference not used) 7 See section 9.1 for details on used AIS. 18 / 22 BSI-DSZ-CC-1096-2021: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- list for the TOE, Version 0.42, 2020-12-10, “Arbit Data Diode 10GbE - Configuration List” (confidential document) [11] “Arbit Data Diode 10GbE – Integration Guide”, Version 1.08, 2021-10-21, Confiware ApS and: 1
- “Arbit Data Diode 10GbE - Security Target”, Confiware ApS and Arbit Cyber Defence Systems ApS (confidential document) [7] Evaluation Technical Report, Version 2, 2021-01-20, “ETR Summary V2 – Arbit Data Diode 1.00: 1
|
| pdf_data/report_metadata |
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20210414122548+02'00'
- /Creator: Writer
- /Keywords: Common Criteria, Certification, Zertifizierung, Arbit, Data Diode, EAL7
- /ModDate: D:20210414123834+02'00'
- /Producer: LibreOffice 6.3
- /Subject: Common Criteria Certification
- /Title: Certification Report BSI-DSZ-CC-1096-2021
- pdf_file_size_bytes: 526938
- pdf_hyperlinks: http://www.commoncriteriaportal.org/cc/, https://www.sogis.eu/, https://www.bsi.bund.de/AIS, http://www.commoncriteriaportal.org/, https://www.bsi.bund.de/zertifizierung, https://www.bsi.bund.de/zertifizierungsreporte, https://www.bsi.bund.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 22
|
| pdf_data/st_filename |
Juniper QFX5120, QFX5200, QFX5210, EX4650 Junos 20.2R1 ST v1.3.pdf |
1096b_pdf.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.1: 1
- ASE_REQ.1: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- AVA:
|
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 2
- FAU_GEN.1: 10
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 5
- FAU_GEN.2.1: 1
- FAU_STG: 1
- FAU_STG.1: 4
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FAU_STG_EXT: 2
- FAU_STG_EXT.1: 5
- FAU_STG_EXT.1.1: 1
- FAU_STG_EXT.1.2: 1
- FAU_STG_EXT.1.3: 1
- FCS:
- FCS_CKM: 2
- FCS_CKM.1: 17
- FCS_CKM.1.1: 1
- FCS_CKM.2: 10
- FCS_CKM.2.1: 1
- FCS_CKM.4: 11
- FCS_CKM.4.1: 1
- FCS_COP: 28
- FCS_COP.1: 6
- FCS_NTP_EXT.1.4: 1
- FCS_RBG_EXT: 2
- FCS_RBG_EXT.1: 7
- FCS_RBG_EXT.1.1: 2
- FCS_RBG_EXT.1.2: 1
- FCS_SSHC_EXT.1.5: 1
- FCS_SSHS_EXT: 1
- FCS_SSHS_EXT.1: 6
- FCS_SSHS_EXT.1.1: 1
- FCS_SSHS_EXT.1.2: 1
- FCS_SSHS_EXT.1.3: 1
- FCS_SSHS_EXT.1.4: 1
- FCS_SSHS_EXT.1.5: 2
- FCS_SSHS_EXT.1.6: 1
- FCS_SSHS_EXT.1.7: 1
- FCS_SSHS_EXT.1.8: 1
- FCS_TLSC_EXT.1.1: 2
- FIA:
- FIA_AFL: 2
- FIA_AFL.1: 9
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_PMG_EXT: 2
- FIA_PMG_EXT.1: 5
- FIA_PMG_EXT.1.1: 1
- FIA_UAU: 2
- FIA_UAU.7: 5
- FIA_UAU.7.1: 1
- FIA_UAU_EXT: 2
- FIA_UAU_EXT.2: 5
- FIA_UAU_EXT.2.1: 1
- FIA_UIA_EXT: 2
- FIA_UIA_EXT.1: 11
- FIA_UIA_EXT.1.1: 1
- FIA_UIA_EXT.1.2: 1
- FIA_UID.1: 3
- FMT:
- FMT_MOF: 19
- FMT_MOF.1: 3
- FMT_MTD: 14
- FMT_MTD.1: 2
- FMT_SMF: 2
- FMT_SMF.1: 13
- FMT_SMF.1.1: 1
- FMT_SMR: 2
- FMT_SMR.1: 5
- FMT_SMR.2: 12
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT: 2
- FPT_APW_EXT.1: 6
- FPT_APW_EXT.1.1: 1
- FPT_APW_EXT.1.2: 1
- FPT_SKP_EXT: 2
- FPT_SKP_EXT.1: 5
- FPT_SKP_EXT.1.1: 1
- FPT_STM: 3
- FPT_STM.1: 3
- FPT_STM_EXT: 2
- FPT_STM_EXT.1: 2
- FPT_STM_EXT.1.1: 1
- FPT_STM_EXT.1.2: 1
- FPT_TST_EXT: 2
- FPT_TST_EXT.1: 6
- FPT_TST_EXT.1.1: 1
- FPT_TUD_EXT: 2
- FPT_TUD_EXT.1: 7
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.1.3: 1
- FTA:
- FTA_SSL: 2
- FTA_SSL.3: 8
- FTA_SSL.4: 6
- FTA_SSL_EXT: 2
- FTA_SSL_EXT.1: 7
- FTA_SSL_EXT.1.1: 1
- FTA_TAB: 2
- FTA_TAB.1: 9
- FTP:
- FTP_ITC: 2
- FTP_ITC.1: 22
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_ITC.2: 6
- FTP_TRP: 8
- FTP_TRP.1: 3
- FTP_TUD.1: 1
|
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.ADMIN_CREDENTIALS_SECURE: 1
- A.LIMITED_FUNCTIONALITY: 1
- A.NO_THRU_TRAFFIC_PROTECTION: 1
- A.PHYSICAL_PROTECTION: 1
- A.REGULAR_UPDATES: 1
- A.RESIDUAL_INFORMATION: 1
- A.TRUSTED_ADMINSTRATOR: 1
- OE:
- OE.ADMIN_CREDENTIALS_SECURE: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.NO_THRU_TRAFFIC_PROTECTION: 1
- OE.PHYSICAL: 1
- OE.RESIDUAL_INFORMATION: 1
- OE.TRUSTED_ADMIN: 1
- OE.UPDATES: 1
- T:
- T.PASSWORD_CRACKING: 1
- T.SECURITY_FUNCTIONALITY_COMPROMISE: 1
- T.SECURITY_FUNCTIONALITY_FAILURE: 1
- T.UNAUTHORIZED_ADMINISTRATOR_ACCESS: 1
- T.UNDETECTED_ACTIVITY: 1
- T.UNTRUSTED_COMMUNICATION_CHANNELS: 1
- T.UPDATE_COMPROMISE: 1
- T.WEAK_AUTHENTICATION_ENDPOINTS: 1
- T.WEAK_CRYPTOGRAPHY: 1
|
- A:
- A.INTEGRATOR: 3
- A.PHYSICAL: 3
- A.POWER: 3
- O:
- OE:
- OE.INTEGRATOR: 4
- OE.PHYSICAL: 4
- OE.POWER: 4
- T:
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- constructions:
- MAC:
- HMAC: 1
- HMAC-SHA-256: 3
- HMAC-SHA-512: 2
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-256: 3
- SHA-384: 4
- SHA-512: 2
|
|
| pdf_data/st_keywords/crypto_scheme |
- KEX:
- Key Exchange: 3
- Key exchange: 1
- MAC:
|
|
| pdf_data/st_keywords/crypto_protocol |
- SSH:
- TLS:
- SSL:
- TLS:
- TLS: 7
- TLS1.1: 1
- TLS1.2: 1
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- NIST:
- P-256: 8
- P-384: 6
- P-521: 6
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2012-09-004: 1
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- FIPS:
- FIPS 180-4: 3
- FIPS 186-4: 2
- FIPS 197: 2
- FIPS 198-1: 3
- FIPS PUB 186-4: 6
- ISO:
- ISO/IEC 14888-3: 1
- ISO/IEC 18031:2011: 2
- ISO/IEC 9796-2: 1
- PKCS:
- RFC:
- RFC 3526: 2
- RFC 4251: 2
- RFC 4252: 1
- RFC 4253: 3
- RFC 4254: 1
- RFC 5656: 1
- RFC 6668: 1
- RFC3526: 1
- RFC5656: 1
- X509:
|
- CC:
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- It first provides a descriptive overview of the TOE and then summarises the items which are out of scope of the TOE. 1.5.1 Overview 5. The Target of Evaluation (TOE) is Juniper Networks, Inc. Junos OS 20: 1
- out of scope: 1
|
|
| pdf_data/st_metadata |
|
- /Author: Arne Stig Peters (Confiware ApS), Rasmus Borch (Arbit Cyber Defence Systems ApS)
- /CreationDate: D:20201210124819+01'00'
- /Creator: pdflatex
- /Keywords: Common Criteria, EAL7, Arbit Cyber Defence Systems, Cross Domain, Data Diode, Unidirectional, Network, Cyber Defence, Optical
- /ModDate: D:20201210124819+01'00'
- /PTEX.Fullbanner: This is MiKTeX-pdfTeX 4.0.1 (1.40.21)
- /Producer: Latex
- /Subject:
- /Title: Arbit Data Diode 10GbE - Security Target Lite
- /Trapped: /False
- pdf_file_size_bytes: 332201
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 16
|
| state/cert/convert_garbage |
True |
False |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
True |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |