| name |
Palo Alto Networks PA-220 Series, PA-400 Series, PA-800 Series, PA-3200 Series, PA-5200 Series, PA-5450, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 10.1 |
IFX_CCI_00004Fh, IFX_CCI_000050h, IFX_CCI_000051h, IFX_CCI_000052h, IFX_CCI_000053h, IFX_CCI_000054h, IFX_CCI_000055h, IFX_CCI_000056h, IFX_CCI_000057h, IFX_CCI_000058h, IFX_CCI_00005Ch design step S11 with firmware 80.310.03.0 and 80.310.03.1, optional NRG™ SW 05.03.4097, optional HSL v3.52.9708, UMSLC lib v01.30.0564, optional SCL v2.15.000 and v2.11.003, optional ACL v3.33.003 and 3.35.001 and v3.02.000, optional RCL v1.10.007, optional HCL v1.13.002 and user guidance |
| category |
Network and Network-Related Devices and Systems |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
| scheme |
US |
DE |
| status |
archived |
active |
| not_valid_after |
13.09.2024 |
09.09.2029 |
| not_valid_before |
31.08.2022 |
09.09.2024 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11284-ci.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1156V4c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11284-vr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1156V4a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11284-st.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1156V4b_pdf.pdf |
| manufacturer |
Palo Alto Networks, Inc. |
Infineon Technologies AG |
| manufacturer_web |
https://www.paloaltonetworks.com/ |
https://www.infineon.com/ |
| security_level |
{} |
EAL6+, ALC_FLR.1 |
| dgst |
150bf4f0cdc34e0e |
c13bddb38caed8aa |
| heuristics/cert_id |
CCEVS-VR-VID-11284-2022 |
BSI-DSZ-CC-1156-V4-2024 |
| heuristics/cert_lab |
US |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_FSP.1, ALC_CMC.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1 |
ASE_INT.1, ALC_DVS.2, ADV_TDS.5, ASE_ECD.1, ASE_TSS.1, ALC_FLR.1, ASE_SPD.1, ALC_CMS.5, AVA_VAN.5, ADV_COMP.1, ALC_DEL.1, ALC_LCD.1, ALC_TAT.3, ATE_FUN.2, ADV_FSP.5, AGD_OPE.1, AGD_PRE.1, ATE_DPT.3, ADV_ARC.1, ASE_OBJ.2, ADV_IMP.2, ALC_CMC.5, ASE_REQ.2, ADV_INT.3, ATE_IND.2, ASE_CCL.1, ATE_COV.3, ADV_SPM.1 |
| heuristics/extracted_versions |
10.1 |
1.10.007, 80.310.03.1, 3.35.001, 2.11.003, 3.52.9708, 01.30.0564, 05.03.4097, 80.310.03.0, 3.33.003, 3.02.000, 2.15.000, 1.13.002 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
BSI-DSZ-CC-1156-V3-2022 |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
BSI-DSZ-CC-1156-V2-2021, BSI-DSZ-CC-1156-V3-2022, BSI-DSZ-CC-1156-2021 |
| heuristics/scheme_data |
- category: Firewall, Network Device, Traffic Monitoring, Virtual Private Network
- certification_date: 31.08.2022
- evaluation_facility: Leidos Common Criteria Testing Laboratory
- expiration_date: 13.09.2024
- id: CCEVS-VR-VID11284
- product: Palo Alto Networks PA-220 Series, PA-400 Series, PA-800 Series, PA-3200 Series, PA-5200 Series, PA-5450, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 10.1
- scheme: US
- url: https://www.niap-ccevs.org/product/11284
- vendor: Palo Alto Networks, Inc.
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
a4784f14919bdbe6, 89f2a255423f4a20 |
cf0f01bcd7be3e9c |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CFG_NDcPP-VPNGW_V1.2.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V2.2E.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0084b_pdf.pdf |
| pdf_data/cert_filename |
st_vid11284-ci.pdf |
1156V4c_pdf.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID11284-2022: 1
|
- DE:
- BSI-DSZ-CC-1156-V4-2024: 1
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
- EAL:
- EAL 2: 1
- EAL 5: 1
- EAL 6: 1
- EAL 6 augmented: 1
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
- Infineon:
- Infineon Technologies AG: 1
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /CreationDate: D:20220906175610-04'00'
- /ModDate: D:20220906175610-04'00'
- /Producer: iText 2.1.0 (by lowagie.com)
- pdf_file_size_bytes: 182730
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /Subject: IFX_CCI_00004Fh, IFX_CCI_000050h, IFX_CCI_000051h, IFX_CCI_000052h, IFX_CCI_000053h, IFX_CCI_000054h, IFX_CCI_000055h, IFX_CCI_000056h, IFX_CCI_000057h, IFX_CCI_000058h, IFX_CCI_00005Ch design step S11 with firmware 80.310.03.0 and 80.310.03.1, optional NRG™ SW 05.03.4097, optional HSL v3.52.9708, UMSLC lib v01.30.0564, optional SCL v2.15.000 and v2.11.003, optional ACL v3.33.003 and 3.35.001 and v3.02.000, optional RCL v1.10.007, optional HCL v1.13.002 and user guidance
- /Title: Certification Report BSI-DSZ-CC-1156V4-2024
- pdf_file_size_bytes: 237509
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
st_vid11284-vr.pdf |
1156V4a_pdf.pdf |
| pdf_data/report_frontpage |
- DE:
- US:
- cert_id: CCEVS-VR-VID11284-2022
- cert_item: for Palo Alto Networks PA-220 Series, PA-400 Series, PA- 800 Series, PA-3200 Series, PA-5200 Series, PA-5450, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 10.1
- cert_lab: US NIAP
|
- DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 6 augmented by ALC_FLR.1 valid until: 8 September 2029
- cc_version: PP conformant Common Criteria Part 2 extended
- ref_protection_profiles: Security IC Platform Protection Profile with Augmentation Packages Version 1.0, 13 January 2014, BSI-CC-PP-0084-2014
- US:
|
| pdf_data/report_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID11284-2022: 1
|
- DE:
- BSI-DSZ-CC-1156-V3-2022: 3
- BSI-DSZ-CC-1156-V4-2024: 25
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP-0084-: 1
- BSI-CC-PP-0084-2014: 3
|
| pdf_data/report_keywords/cc_security_level |
|
- EAL:
- EAL 1: 1
- EAL 2: 3
- EAL 4: 1
- EAL 5: 4
- EAL 6: 4
- EAL 6 augmented: 3
- EAL5+: 1
- EAL6: 1
|
| pdf_data/report_keywords/cc_sar |
|
- ADV:
- AGD:
- ALC:
- ALC_CMC.5: 1
- ALC_CMS.5: 1
- ALC_DEL.1: 1
- ALC_DVS.2: 1
- ALC_FLR: 3
- ALC_FLR.1: 5
- ALC_LCD.1: 1
- ALC_TAT.3: 1
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
- Infineon:
- Infineon: 3
- Infineon Technologies AG: 23
|
| pdf_data/report_keywords/eval_facility |
|
- TUV:
- TÜV Informationstechnik: 6
|
| pdf_data/report_keywords/symmetric_crypto |
|
- AES_competition:
- DES:
- 3DES:
- TDEA: 1
- TDES: 4
- Triple-DES: 2
- constructions:
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
- SHA:
- SHA1:
- SHA2:
- SHA-224: 1
- SHA-256: 2
- SHA-384: 1
- SHA-512: 1
|
| pdf_data/report_keywords/crypto_scheme |
|
- KA:
- Key Agreement: 1
- Key agreement: 3
- KEX:
- MAC:
|
| pdf_data/report_keywords/crypto_protocol |
- IKE:
- IPsec:
- SSH:
- TLS:
- VPN:
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
- FI:
- SCA:
- DPA: 4
- SPA: 4
- physical probing: 1
|
| pdf_data/report_keywords/technical_report_id |
|
- BSI:
- BSI 7148: 1
- BSI TR-02102: 1
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
- BSI:
- AIS 1: 1
- AIS 14: 1
- AIS 19: 1
- AIS 20: 2
- AIS 23: 1
- AIS 25: 1
- AIS 26: 1
- AIS 27: 1
- AIS 31: 2
- AIS 32: 1
- AIS 34: 2
- AIS 35: 2
- AIS 36: 3
- AIS 37: 1
- AIS 38: 1
- AIS 41: 1
- AIS 46: 1
- AIS 47: 1
- AIS20: 3
- AIS31: 6
- FIPS:
- FIPS PUB 186-4: 1
- FIPS180-4: 7
- FIPS186-4: 13
- FIPS197: 3
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- PKCS:
- RFC:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- ConfidentialDocument:
- TÜV Informationstechnik GmbH, (confidential document) [8] Security IC Platform Protection Profile with Augmentation Packages Version 1.0, 13 January: 1
- 2,19 April 2021, Infineon Technologies AG (confidential document) [12] Hardware Reference Manual, Version 5.2, 2020-12-21, SLC36 32-bit Security Controller – V16: 1
- IFX_CCI_000057h, IFX_CCI_000058h, IFX_CCI_00005Ch, S11 Security Target, Infineon Technologies AG (confidential document) [7] Evaluation Technical Report, Version 1, 2024-08-22, EVALUATION TECHNICAL REPORT SUMMARY (ETR: 1
- Standards Compliance Verification”, Version 2, 5. July 2024, TÜV Informationstechnik GmbH (confidential document) 38 / 42 BSI-DSZ-CC-1156-V4-2024 Certification Report C. Excerpts from the Criteria For the: 1
- TECHNICAL REPORT FOR COMPOSITE EVALUATION (ETR for COMP)”, TÜV Informationstechnik GmbH (confidential document [11] Infineon Technologies AG Chipcard and Security Evaluation Documentation Life Cycle Support: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- OutOfScope:
- out of scope: 1
- secure iShare server Table 2: Deliverables of the TOE Please note that NRGTM and the toolbox are out of scope of this evaluation, hence no evaluated TOE guidance documentation applies. Except for the function: 1
|
| pdf_data/report_metadata |
- /CreationDate: D:20220906174944-04'00'
- /Creator: Microsoft® Word for Microsoft 365
- /ModDate: D:20220906174944-04'00'
- /Producer: Microsoft® Word for Microsoft 365
- pdf_file_size_bytes: 831523
- pdf_hyperlinks: http://www.niap-ccevs.org/
- pdf_is_encrypted: False
- pdf_number_of_pages: 41
|
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /Keywords: "Common Criteria, Certification, Zertifizierung, SmartCard, Infineon Technologies AG, PP-0084"
- /Subject: Common Criteria, Certification, Zertifizierung, SmartCard, Infineon Technologies AG, PP-0084
- /Title: Certification Report BSI-DSZ-CC-1156V4-2024
- pdf_file_size_bytes: 916775
- pdf_hyperlinks: https://www.sogis.eu/, https://www.bsi.bund.de/AIS, http://www.commoncriteriaportal.org/, https://www.iso.org/standard/72917.html, https://www.bsi.bund.de/, https://standards.iso.org/ittf/PubliclyAvailableStandards/index.html, https://www.commoncriteriaportal.org/, https://www.iso.org/standard/72891.html, https://www.bsi.bund.de/zertifizierung, https://www.iso.org/standard/72892.html, https://www.iso.org/standard/72906.html, https://www.bsi.bund.de/zertifizierungsreporte, https://www.iso.org/standard/72913.html, https://www.commoncriteriaportal.org/cc/index.cfm
- pdf_is_encrypted: False
- pdf_number_of_pages: 42
|
| pdf_data/st_filename |
st_vid11284-st.pdf |
1156V4b_pdf.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL 6: 2
- EAL 6 augmented: 2
- EAL5+: 1
- EAL6: 4
- EAL6 augmented: 2
- EAL6+: 2
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- AGD:
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL: 1
- ASE_ECD: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_REQ: 1
- ASE_SPD: 1
- ASE_TSS: 1
- ATE:
- AVA:
|
- ADV:
- ADV_ARC.1: 1
- ADV_COMP.1: 1
- ADV_FSP: 1
- ADV_FSP.4: 1
- ADV_FSP.5: 4
- ADV_IMP: 1
- ADV_IMP.2: 2
- ADV_INT.3: 1
- ADV_SPM.1: 1
- ADV_TDS.5: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC: 1
- ALC_CMC.5: 3
- ALC_CMS: 1
- ALC_CMS.4: 1
- ALC_CMS.5: 3
- ALC_DEL.1: 1
- ALC_DVS: 1
- ALC_DVS.2: 1
- ALC_FLR: 1
- ALC_FLR.1: 4
- ALC_LCD.1: 1
- ALC_TAT: 1
- ALC_TAT.3: 1
- ASE:
- ASE_CCL: 5
- ASE_CCL.1: 1
- ASE_ECD: 4
- ASE_ECD.1: 1
- ASE_INT: 16
- ASE_INT.1: 1
- ASE_OBJ: 6
- ASE_OBJ.2: 1
- ASE_REQ: 36
- ASE_REQ.2: 1
- ASE_SPD: 4
- ASE_SPD.1: 1
- ASE_TSS: 5
- ASE_TSS.1: 1
- ATE:
- ATE_COV: 1
- ATE_COV.3: 2
- ATE_DPT.3: 1
- ATE_FUN.2: 1
- ATE_IND.2: 1
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 5
- FAU_GEN.1: 5
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 2
- FAU_GEN.2: 3
- FAU_GEN.2.1: 1
- FAU_STG_EXT: 1
- FAU_STG_EXT.1: 3
- FAU_STG_EXT.1.1: 1
- FAU_STG_EXT.1.2: 1
- FAU_STG_EXT.1.3: 1
- FCS:
- FCS_CKM: 9
- FCS_CKM.1: 4
- FCS_CKM.1.1: 1
- FCS_CKM.2: 7
- FCS_CKM.2.1: 1
- FCS_CKM.4: 3
- FCS_CKM.4.1: 1
- FCS_COP: 14
- FCS_COP.1: 4
- FCS_NTP_EXT.1: 1
- FCS_NTP_EXT.1.4: 1
- FCS_RBG_EXT: 1
- FCS_RBG_EXT.1: 5
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SSHS_EXT: 1
- FCS_SSHS_EXT.1: 3
- FCS_SSHS_EXT.1.1: 1
- FCS_SSHS_EXT.1.2: 2
- FCS_SSHS_EXT.1.3: 1
- FCS_SSHS_EXT.1.4: 1
- FCS_SSHS_EXT.1.5: 1
- FCS_SSHS_EXT.1.6: 1
- FCS_SSHS_EXT.1.7: 1
- FCS_SSHS_EXT.1.8: 1
- FCS_TLSC_EXT: 2
- FCS_TLSC_EXT.1: 3
- FCS_TLSC_EXT.1.1: 1
- FCS_TLSC_EXT.1.2: 1
- FCS_TLSC_EXT.1.3: 1
- FCS_TLSC_EXT.1.4: 1
- FCS_TLSC_EXT.2: 2
- FCS_TLSC_EXT.2.1: 1
- FCS_TLSC_EXT.2.3: 1
- FCS_TLSS_EXT: 2
- FCS_TLSS_EXT.1: 4
- FCS_TLSS_EXT.1.1: 1
- FCS_TLSS_EXT.1.2: 1
- FCS_TLSS_EXT.1.3: 1
- FCS_TLSS_EXT.1.4: 1
- FCS_TLSS_EXT.2: 2
- FCS_TLSS_EXT.2.1: 1
- FCS_TLSS_EXT.2.2: 1
- FCS_TLSS_EXT.2.3: 1
- FDP:
- FIA:
- FIA_AFL: 1
- FIA_AFL.1: 9
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_PMG_EXT: 1
- FIA_PMG_EXT.1: 3
- FIA_PMG_EXT.1.1: 1
- FIA_UAU: 1
- FIA_UAU.7: 3
- FIA_UAU.7.1: 1
- FIA_UAU_EXT: 1
- FIA_UAU_EXT.2: 2
- FIA_UAU_EXT.2.1: 1
- FIA_UIA_EXT: 1
- FIA_UIA_EXT.1: 5
- FIA_UIA_EXT.1.1: 1
- FIA_UIA_EXT.1.2: 1
- FMT:
- FMT_MOF: 8
- FMT_MOF.1: 2
- FMT_MTD: 8
- FMT_MTD.1: 2
- FMT_SMF: 8
- FMT_SMF.1: 5
- FMT_SMF.1.1: 2
- FMT_SMR: 1
- FMT_SMR.2: 3
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT: 1
- FPT_APW_EXT.1: 3
- FPT_APW_EXT.1.1: 1
- FPT_APW_EXT.1.2: 1
- FPT_FLS: 3
- FPT_FLS.1: 1
- FPT_SKP_EXT: 1
- FPT_SKP_EXT.1: 3
- FPT_SKP_EXT.1.1: 1
- FPT_STM_EXT: 1
- FPT_STM_EXT.1: 4
- FPT_STM_EXT.1.1: 1
- FPT_STM_EXT.1.2: 2
- FPT_TST_EXT: 3
- FPT_TST_EXT.1: 3
- FPT_TST_EXT.1.1: 1
- FPT_TST_EXT.3: 2
- FPT_TST_EXT.3.1: 1
- FPT_TST_EXT.3.2: 1
- FPT_TUD_EXT: 1
- FPT_TUD_EXT.1: 3
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.1.3: 1
- FTA:
- FTA_SSL: 2
- FTA_SSL.3: 3
- FTA_SSL.3.1: 1
- FTA_SSL.4: 2
- FTA_SSL.4.1: 1
- FTA_SSL_EXT: 1
- FTA_SSL_EXT.1: 3
- FTA_SSL_EXT.1.1: 1
- FTA_TAB: 1
- FTA_TAB.1: 4
- FTA_TAB.1.1: 1
- FTP:
- FTP_ITC: 4
- FTP_ITC.1: 9
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP: 4
- FTP_TRP.1: 3
|
- FAU:
- FAU_GEN: 1
- FAU_SAS: 4
- FAU_SAS.1: 5
- FAU_SAS.1.1: 1
- FCS:
- FCS_CKM: 31
- FCS_CKM.1: 21
- FCS_CKM.2: 4
- FCS_CKM.4: 4
- FCS_CKM.5: 22
- FCS_CKM.6: 17
- FCS_CKM.6.1: 2
- FCS_COP: 37
- FCS_COP.1: 15
- FCS_RBG.1: 4
- FCS_RNG: 31
- FCS_RNG.1: 27
- FDP:
- FDP_ACC: 9
- FDP_ACC.1: 17
- FDP_ACC.1.1: 1
- FDP_ACF: 10
- FDP_ACF.1: 14
- FDP_ACF.1.1: 2
- FDP_ACF.1.2: 2
- FDP_ACF.1.3: 2
- FDP_ACF.1.4: 1
- FDP_IFC.1: 7
- FDP_ITC.1: 15
- FDP_ITC.2: 15
- FDP_ITT.1: 3
- FDP_SDC: 1
- FDP_SDC.1: 4
- FDP_SDC.1.1: 1
- FDP_SDI.1: 1
- FDP_SDI.2: 4
- FDP_SDI.2.1: 1
- FDP_SDI.2.2: 1
- FDP_UCT.1: 8
- FDP_UCT.1.1: 1
- FDP_UIT.1: 8
- FDP_UIT.1.1: 1
- FDP_UIT.1.2: 1
- FIA:
- FIA_API: 1
- FIA_API.1: 6
- FIA_API.1.1: 1
- FIA_UID: 7
- FIA_UID.1: 10
- FIA_UID.2: 3
- FMT:
- FMT_LIM: 14
- FMT_LIM.1: 13
- FMT_LIM.1.1: 1
- FMT_LIM.2: 9
- FMT_LIM.2.1: 1
- FMT_MSA.1: 7
- FMT_MSA.1.1: 1
- FMT_MSA.3: 10
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD: 10
- FMT_MTD.1: 1
- FMT_SMF: 8
- FMT_SMF.1: 10
- FMT_SMF.1.1: 1
- FMT_SMR: 8
- FMT_SMR.1: 15
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_FLS.1: 5
- FPT_ITT.1: 3
- FPT_PHP.3: 3
- FPT_TST: 5
- FPT_TST.1: 9
- FPT_TST.2: 28
- FPT_TST.2.1: 1
- FRU:
- FTP:
- FTP_ITC.1: 14
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP.1: 4
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.COMPONENTS_RUNNING: 1
- A.PHYSICAL_PROTECTION: 1
- OE:
- OE.ADMIN_CREDENTIALS_SECURE: 1
- OE.COMPONENTS_RUNNING: 1
- OE.CONNECTIONS: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.NO_THRU_TRAFFIC_PROTECTION: 1
- OE.PHYSICAL: 1
- OE.RESIDUAL_INFORMATION: 1
- OE.TRUSTED_ADMIN: 1
- OE.UPDATES: 1
- OE.VM_CONFIGURATION: 1
|
- O:
- O.AES: 2
- O.AES-TDES-MAC: 5
- O.ECC: 5
- O.HASH: 5
- O.RND: 1
- O.RSA: 5
- O.TDES: 2
- T:
|
| pdf_data/st_keywords/vendor |
|
- Infineon:
- Infineon: 3
- Infineon Technologies: 7
- Infineon Technologies AG: 13
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- AES:
- AES: 35
- AES-: 2
- AES-256: 5
- DES:
- constructions:
- MAC:
- HMAC: 13
- HMAC-SHA-256: 7
- HMAC-SHA-384: 4
- HMAC-SHA-512: 6
|
- AES_competition:
- DES:
- 3DES:
- TDEA: 1
- TDES: 16
- Triple-DES: 1
- DES:
- constructions:
- miscellaneous:
|
| pdf_data/st_keywords/asymmetric_crypto |
- ECC:
- FF:
- DH:
- DH: 32
- DHE: 3
- Diffie-Hellman: 8
- DSA:
- RSA:
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-256: 8
- SHA-384: 6
- SHA-512: 4
- SHA256: 4
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
- IKE:
- IKE: 30
- IKEv1: 15
- IKEv2: 13
- IPsec:
- SSH:
- TLS:
- DTLS:
- SSL:
- SSL: 6
- SSL 2.0: 3
- SSL 3.0: 3
- TLS:
- TLS: 90
- TLS 1.0: 3
- TLS 1.1: 3
- TLS 1.2: 4
- TLSv1.1: 2
- TLSv1.2: 6
- VPN:
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- NIST:
- P-256: 24
- P-384: 18
- P-521: 10
- secp256r1: 5
- secp384r1: 4
- secp521r1: 3
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 4
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 4
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 4
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 2
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 4
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 4
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 2
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 4
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 4
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 4
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 4
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 4
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
- FI:
- SCA:
- DPA: 2
- Leak-Inherent: 5
- Physical Probing: 2
- SPA: 1
- side channel: 1
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- FIPS:
- FIPS 186-4: 4
- FIPS PUB 186-4: 20
- ISO:
- ISO/IEC 14888-3: 2
- ISO/IEC 18031:2011: 5
- ISO/IEC 9796-2: 2
- NIST:
- NIST SP 800-56A: 2
- SP 800-135: 2
- SP 800-90A: 2
- PKCS:
- RFC:
- RFC 2460: 2
- RFC 2818: 3
- RFC 2986: 2
- RFC 3268: 8
- RFC 3447: 2
- RFC 3513: 2
- RFC 3526: 11
- RFC 35269: 1
- RFC 3602: 3
- RFC 3986: 2
- RFC 4106: 1
- RFC 4109: 1
- RFC 4253: 1
- RFC 4301: 2
- RFC 4303: 2
- RFC 4304: 1
- RFC 4346: 3
- RFC 4443: 1
- RFC 4492: 12
- RFC 4868: 1
- RFC 4945: 1
- RFC 5077: 3
- RFC 5114: 2
- RFC 5246: 8
- RFC 5280: 4
- RFC 5289: 28
- RFC 5735: 2
- RFC 5759: 1
- RFC 5996: 3
- RFC 6125: 4
- RFC 6598: 2
- RFC 6960: 1
- RFC 768: 2
- RFC 791: 2
- RFC 7919: 1
- RFC 792: 1
- RFC 793: 3
- RFC 959: 1
- RFC2409: 1
- RFC4945: 1
- X509:
|
- BSI:
- FIPS:
- ICAO:
- ISO:
- ISO/IEC 14443: 6
- ISO/IEC 14443-4: 1
- ISO/IEC 18092: 4
- ISO/IEC 7816-3: 1
- ISO/IEC14443-3: 1
- RFC:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- and URL Filtering security policies/profiles are not evaluated and therefore, these features are out of scope. API request over HTTP By default, the TOE supports API requests over HTTPS or HTTPS tunneled over: 1
- Policies The TLS and SSH decryption policies are not evaluated and therefore, these features are out of scope. Anti-Virus, Anti-Spyware, Anti- Malware Security Policies The Anti-Virus, Anti-Spyware: 1
- functional requirements: TLS, HTTPS, SSH, IKE/IPsec. The features below and Normal mode are out of scope. Table 2 Excluded Features Feature Description Telnet and HTTP Management Protocols Telnet and HTTP: 1
- is secured with TLS using FIPS-approved algorithms. The threat prevention signatures themselves are out of scope (i.e., not evaluated). Page 12 of 84 Management The next-generation firewall provides both direct: 1
- malformed, fragmented packets. The protection from viruses, worm, and spyware using signatures are out of scope (i.e., not evaluated). • DoS Protection – the firewall is designed to protect against flooding: 1
- out of scope: 6
- security policies (i.e., profiles) are not evaluated and therefore, there features are out of scope. File Blocking, DLP, and URL Filtering Security Policies The File Blocking, DLP (Data Loss: 1
|
|
| pdf_data/st_metadata |
|
|
| state/cert/convert_garbage |
True |
False |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
True |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |