| name |
ZonePoint version 3.0, build 330 |
Palo Alto Networks Panorama 10.1 |
| category |
Data Protection |
Network and Network-Related Devices and Systems |
| scheme |
FR |
US |
| status |
archived |
active |
| not_valid_after |
01.09.2019 |
16.05.2025 |
| not_valid_before |
22.04.2014 |
04.08.2022 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11285-ci.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/rapport.%202014-36.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11285-vr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/PRIMX-ZonePoint%203.0%20Cible%20de%20sécurité%20(PX128371r9).pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11285-st.pdf |
| manufacturer |
PrimX Technologies |
Palo Alto Networks, Inc. |
| manufacturer_web |
https://www.primx.eu/en/index.aspx |
https://www.paloaltonetworks.com/ |
| security_level |
EAL3+, AVA_VAN.3, ALC_FLR.3 |
{} |
| dgst |
7f2507d1e1ff6907 |
cc0f706a935c08bc |
| heuristics/cert_id |
ANSSI-CC-2014/36 |
CCEVS-VR-VID-11285-2022 |
| heuristics/cert_lab |
AMOSSYS |
US |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
AVA_VAN.3, ALC_FLR.3 |
ADV_FSP.1, ALC_CMC.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1, AGD_OPE.1, AGD_PRE.1 |
| heuristics/extracted_versions |
3.0 |
10.1 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
89f2a255423f4a20 |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V2.2E.pdf |
| pdf_data/cert_filename |
|
st_vid11285-ci.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
- US:
- CCEVS-VR-VID11285-2022: 1
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
- /CreationDate: D:20220805182522-04'00'
- /ModDate: D:20220805182522-04'00'
- /Producer: iText 2.1.0 (by lowagie.com)
- pdf_file_size_bytes: 179276
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
rapport. 2014-36.pdf |
st_vid11285-vr.pdf |
| pdf_data/report_frontpage |
- FR:
- cc_security_level: EAL 3 augmenté ALC_FLR.3, AVA_VAN.3
- cc_version: Critères Communs version 3.1 révision 4
- cert_id: ANSSI-CC-2014/36
- cert_item: ZonePoint
- cert_item_version: version 3.0, build 330
- cert_lab: Amossys 4 bis allée du bâtiment, 35000 Rennes, France
- developer: Prim'X Technologies 10 place Charles Béraudier, 69428 Lyon Cedex 03, France Commanditaire Prim'X Technologies 10 place Charles Béraudier, 69428 Lyon Cedex 03, France
- match_rules: ['Référence du rapport de certification(.+)Nom du produit(.+)Référence/version du produit(.+)Conformité à un profil de protection(.+)Critères d’évaluation et version(.+)Niveau d’évaluation(.+)Développeur (.+)Centre d’évaluation(.+)Accords de reconnaissance applicables']
- ref_protection_profiles: Néant
- US:
|
- FR:
- US:
- cert_id: CCEVS-VR-VID11285-2022
- cert_item: for Palo Alto Networks Panorama v10.1
- cert_lab: US NIAP
|
| pdf_data/report_keywords/cc_cert_id |
|
- US:
- CCEVS-VR-VID11285-2022: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 3: 3
- EAL 5: 1
- EAL 7: 1
- EAL3+: 2
- EAL4: 2
- ITSEC:
|
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- ADV_ARC: 1
- ADV_FSP: 1
- ADV_IMP: 1
- ADV_INT: 1
- ADV_SPM: 1
- ADV_TDS: 1
- AGD:
- ALC:
- ALC_CMC: 1
- ALC_CMS: 1
- ALC_DEL: 1
- ALC_DVS: 1
- ALC_FLR: 2
- ALC_FLR.3: 2
- ALC_LCD: 1
- ALC_TAT: 1
- ASE:
- ASE_CCL: 1
- ASE_ECD: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_REQ: 1
- ASE_SPD: 1
- ASE_TSS: 1
- ATE:
- ATE_COV: 1
- ATE_DPT: 1
- ATE_FUN: 1
- ATE_IND: 1
- AVA:
|
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ATE:
- AVA:
|
| pdf_data/report_keywords/cc_sfr |
|
- FCS:
- FCS_CKM.1: 2
- FCS_CKM.2: 2
- FCS_COP: 6
- FCS_RBG_EXT.1: 2
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
- AES_competition:
- constructions:
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCMB-2012-09-001: 1
- CCMB-2012-09-002: 1
- CCMB-2012-09-003: 1
- CCMB-2012-09-004: 1
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- OutOfScope:
- e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed. The: 1
- out of scope: 1
|
| pdf_data/report_metadata |
- /Author:
- /CreationDate:
- /Creator: PDFCreator Version 1.2.1
- /Keywords:
- /ModDate:
- /Producer: GPL Ghostscript 9.02
- /Subject:
- /Title: rapport. 2014-36
- pdf_file_size_bytes: 142163
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 15
|
|
| pdf_data/st_filename |
|
st_vid11285-st.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
|
| pdf_data/st_keywords/cc_sar |
|
- ADV:
- AGD:
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL: 1
- ASE_ECD: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_REQ: 1
- ASE_SPD: 1
- ASE_TSS: 1
- ATE:
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
|
- FAU:
- FAU_GEN: 2
- FAU_GEN.1: 3
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 2
- FAU_GEN.2: 3
- FAU_GEN.2.1: 1
- FAU_STG_EXT: 1
- FAU_STG_EXT.1: 3
- FAU_STG_EXT.1.1: 1
- FAU_STG_EXT.1.2: 1
- FAU_STG_EXT.1.3: 1
- FCS:
- FCS_CKM: 5
- FCS_CKM.1: 5
- FCS_CKM.1.1: 1
- FCS_CKM.2: 6
- FCS_CKM.2.1: 1
- FCS_CKM.4: 3
- FCS_CKM.4.1: 1
- FCS_COP: 19
- FCS_COP.1: 4
- FCS_NTP_EXT.1: 1
- FCS_NTP_EXT.1.4: 1
- FCS_RBG_EXT: 1
- FCS_RBG_EXT.1: 5
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SSHS_EXT: 1
- FCS_SSHS_EXT.1: 3
- FCS_SSHS_EXT.1.1: 1
- FCS_SSHS_EXT.1.2: 2
- FCS_SSHS_EXT.1.3: 1
- FCS_SSHS_EXT.1.4: 1
- FCS_SSHS_EXT.1.5: 1
- FCS_SSHS_EXT.1.6: 1
- FCS_SSHS_EXT.1.7: 1
- FCS_SSHS_EXT.1.8: 1
- FCS_TLSC_EXT: 2
- FCS_TLSC_EXT.1: 3
- FCS_TLSC_EXT.1.1: 1
- FCS_TLSC_EXT.1.2: 1
- FCS_TLSC_EXT.1.3: 1
- FCS_TLSC_EXT.1.4: 1
- FCS_TLSC_EXT.2: 2
- FCS_TLSC_EXT.2.1: 1
- FCS_TLSC_EXT.2.3: 1
- FCS_TLSS_EXT: 1
- FCS_TLSS_EXT.1: 9
- FCS_TLSS_EXT.1.1: 2
- FCS_TLSS_EXT.1.2: 2
- FCS_TLSS_EXT.1.3: 2
- FCS_TLSS_EXT.1.4: 2
- FCS_TLSS_EXT.2: 3
- FCS_TLSS_EXT.2.1: 1
- FCS_TLSS_EXT.2.2: 1
- FCS_TLSS_EXT.2.3: 1
- FIA:
- FIA_AFL: 1
- FIA_AFL.1: 9
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_PMG_EXT: 1
- FIA_PMG_EXT.1: 3
- FIA_PMG_EXT.1.1: 1
- FIA_UAU: 1
- FIA_UAU.7: 3
- FIA_UAU.7.1: 1
- FIA_UAU_EXT: 1
- FIA_UAU_EXT.2: 2
- FIA_UAU_EXT.2.1: 1
- FIA_UIA_EXT: 1
- FIA_UIA_EXT.1: 5
- FIA_UIA_EXT.1.1: 1
- FIA_UIA_EXT.1.2: 1
- FMT:
- FMT_MOF: 4
- FMT_MOF.1: 1
- FMT_MTD: 4
- FMT_MTD.1: 1
- FMT_SMF: 1
- FMT_SMF.1: 3
- FMT_SMF.1.1: 2
- FMT_SMR: 1
- FMT_SMR.2: 3
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT: 1
- FPT_APW_EXT.1: 3
- FPT_APW_EXT.1.1: 1
- FPT_APW_EXT.1.2: 1
- FPT_SKP_EXT: 1
- FPT_SKP_EXT.1: 3
- FPT_SKP_EXT.1.1: 1
- FPT_STM_EXT: 1
- FPT_STM_EXT.1: 4
- FPT_STM_EXT.1.1: 1
- FPT_STM_EXT.1.2: 2
- FPT_TST_EXT: 1
- FPT_TST_EXT.1: 3
- FPT_TST_EXT.1.1: 1
- FPT_TUD_EXT: 1
- FPT_TUD_EXT.1: 3
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.1.3: 1
- FTA:
- FTA_SSL: 2
- FTA_SSL.3: 3
- FTA_SSL.3.1: 1
- FTA_SSL.4: 2
- FTA_SSL.4.1: 1
- FTA_SSL_EXT: 1
- FTA_SSL_EXT.1: 3
- FTA_SSL_EXT.1.1: 1
- FTA_TAB: 1
- FTA_TAB.1: 4
- FTA_TAB.1.1: 1
- FTP:
- FTP_ITC: 1
- FTP_ITC.1: 5
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP: 4
- FTP_TRP.1: 3
|
| pdf_data/st_keywords/cc_claims |
|
- A:
- A.COMPONENTS_RUNNING: 1
- A.PHYSICAL_PROTECTION: 1
- OE:
- OE.ADMIN_CREDENTIALS_SECURE: 1
- OE.COMPONENTS_RUNNING: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.NO_THRU_TRAFFIC_PROTECTION: 1
- OE.PHYSICAL: 1
- OE.RESIDUAL_INFORMATION: 1
- OE.TRUSTED_ADMIN: 1
- OE.UPDATES: 1
- OE.VM_CONFIGURATION: 1
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- DES:
- constructions:
- MAC:
- HMAC: 10
- HMAC-SHA-256: 8
- HMAC-SHA-384: 3
- HMAC-SHA-512: 5
|
| pdf_data/st_keywords/asymmetric_crypto |
|
- ECC:
- FF:
- DH:
- DH: 7
- DHE: 4
- Diffie-Hellman: 7
- DSA:
- RSA:
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
- SHA:
- SHA1:
- SHA2:
- SHA-256: 8
- SHA-384: 5
- SHA-512: 4
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
- IKE:
- IPsec:
- SSH:
- TLS:
- DTLS:
- SSL:
- SSL: 4
- SSL 2.0: 4
- SSL 3.0: 4
- TLS:
- TLS: 86
- TLS 1.0: 4
- TLS 1.1: 3
- TLS 1.2: 4
- TLSv1.1: 3
- TLSv1.2: 6
- VPN:
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
- NIST:
- P-256: 24
- P-384: 16
- P-521: 14
- secp256r1: 6
- secp384r1: 6
- secp521r1: 3
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 4
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 4
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 4
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 4
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 2
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 4
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 6
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 2
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 4
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 6
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 2
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 6
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 2
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 2
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 6
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
- FIPS:
- FIPS 186-4: 3
- FIPS PUB 186-4: 18
- ISO:
- ISO/IEC 14888-3: 2
- ISO/IEC 18031:2011: 4
- ISO/IEC 9796-2: 2
- NIST:
- SP 800-135: 2
- SP 800-90A: 2
- PKCS:
- RFC:
- RFC 2818: 2
- RFC 2986: 2
- RFC 3268: 8
- RFC 3447: 2
- RFC 3526: 8
- RFC 3986: 2
- RFC 4253: 1
- RFC 4346: 3
- RFC 4492: 8
- RFC 5077: 5
- RFC 5246: 12
- RFC 5280: 5
- RFC 5289: 36
- RFC 5759: 1
- RFC 6125: 4
- RFC 7919: 1
- X509:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- If it is stored via External HSM (operational environment), it is protected by the HSM and is out of scope. The TOE also zeroizes (i.e., overwrites) non-persistent cryptographic keys as soon as their: 1
- e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed. The: 1
- extent specified by the security functional requirements: TLS, HTTPS, SSH. The features below are out of scope. Table 2 Excluded Features Feature Description Telnet and HTTP Management Protocols Telnet and HTTP: 1
- operational environment), it is protected by the HSM and is out of scope. The TOE also zeroizes (i.e: 1
- out of scope: 3
|
| pdf_data/st_metadata |
|
|
| state/cert/convert_garbage |
False |
True |
| state/cert/convert_ok |
False |
True |
| state/cert/download_ok |
False |
True |
| state/cert/extract_ok |
False |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
False |
True |
| state/st/download_ok |
False |
True |
| state/st/extract_ok |
False |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |