| name |
Security Threat Exclusion System SHIELD/ExLink-IA 1.0 |
Juniper MX240 MX480, MX960, MX2010, MX2020, EX9204, EX9208, EX9214, PTX3000, PTX5000 with JUNOS 14.2R3 |
| category |
Network and Network-Related Devices and Systems |
Network and Network-Related Devices and Systems |
| scheme |
JP |
US |
| status |
archived |
archived |
| not_valid_after |
07.10.2013 |
28.02.2017 |
| not_valid_before |
22.03.2007 |
28.12.2015 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10661-ci.pdf |
| report_link |
https://www.commoncriteriaportal.org/files/epfiles/c0090_ecvr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10661-vr.pdf |
| st_link |
https://www.commoncriteriaportal.org/files/epfiles/ |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10661-st.pdf |
| manufacturer |
Hitachi Information Systems, Ltd |
Juniper Networks, Inc. |
| manufacturer_web |
|
https://www.juniper.net/ |
| security_level |
EAL1 |
{} |
| dgst |
977c07af0c4fe4e1 |
92ea4a365faaabfd |
| heuristics/cert_id |
JISEC-CC-CRP-C0090 |
CCEVS-VR-VID-10661-2015 |
| heuristics/cert_lab |
[] |
US |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
{} |
ASE_TSS.1, ADV_FSP.1, ALC_CMC.1, ASE_INT.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1, AGD_OPE.1, ASE_OBJ.2, ASE_REQ.2, ASE_CCL.1, ASE_ECD.1, AGD_PRE.1 |
| heuristics/extracted_versions |
1.0 |
14.2 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- cert_id: JISEC-CC-CRP-C0090
- certification_date: 01.03.2007
- claim: EAL1
- enhanced:
- assurance_level: EAL1
- description: PRODUCT DESCRIPTION This product is a network management software that collects security logs from monitored FWs (*1) and IPSs(*2), sends them to SOC(*3) for analysis, and changes the FW's settings based on the instructions from SOC. (*1) abbreviation of Firewall. Network server that protects internal network resources from external network. (*2) abbreviation of Intrusion Prevention System. Software tool that prevents unauthorized access to server and network. It extends a function of IDS to detect unauthorized access, and take countermeasures such as blocking connections in real-time when detected. (*3) abbreviation of Security Operation Center. Facilities that receives security logs from SHIELD/ExLink-IAs and maintains an application software called "i-Monitor" to issue instructions to change FW's settings to HIELD/ExLink-IAs.
- evaluation_facility: Japan Electronics and Information Technology Industries Association, Information Technology Security Center (JEITA ITSEC)
- product: Security Threat Exclusion System SHIELD/ExLink-IA
- product_type: IT Product (Security Management Software)
- toe_version: 1.0
- vendor: Hitachi Information Systems, Ltd
- expiration_date: 01.10.2013
- supplier: Hitachi Information Systems, Ltd
- toe_japan_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0090_it6114.html
- toe_japan_name: Security Threat Exclusion System SHIELD/ExLink-IA 1.0
- toe_overseas_link: None
- toe_overseas_name: -----
|
- category: Network Device
- certification_date: 28.12.2015
- evaluation_facility: UL Verification Services Inc. (Formerly InfoGard)
- expiration_date: 28.12.2017
- id: CCEVS-VR-VID10661
- product: Juniper MX240 MX480, MX960, MX2010, MX2020, EX9204, EX9208, EX9214, PTX3000, PTX5000 with JUNOS 14.2R3
- scheme: US
- url: https://www.niap-ccevs.org/product/10661
- vendor: Juniper Networks, Inc.
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
ac9abe3d5c5a31f0 |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp_nd_v1.1.pdf |
| pdf_data/cert_filename |
|
st_vid10661-ci.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
- US:
- CCEVS-VR-VID10661-2015: 1
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
- /CreationDate: D:20151231080423-05'00'
- /ModDate: D:20151231080446-05'00'
- /Producer: iText 2.1.0 (by lowagie.com)
- pdf_file_size_bytes: 178899
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
c0090_ecvr.pdf |
st_vid10661-vr.pdf |
| pdf_data/report_frontpage |
|
- US:
- cert_id: CCEVS-VR-VID10661-2015
- cert_item: Juniper Networks, Inc. Juniper Networks Mx Routers, PTX Routers and EX9200 Switches Running Junos OS 14.2R3
- cert_lab: US NIAP
|
| pdf_data/report_keywords/cc_cert_id |
- JP:
- Certification No. C0090: 1
|
- US:
- CCEVS-VR-VID10661-2015: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
- A:
- A.NO_GENERAL_PURPOSE: 1
- A.PHYSICAL: 1
- A.TRUSTED_ADMIN: 1
- T:
- T.ADMIN_ERROR: 1
- T.TSF_FAILURE: 1
- T.UNAUTHORIZED_ACCESS: 1
- T.UNAUTHORIZED_UPDATE: 1
- T.UNDETECTED_ACTIONS: 1
- T.USER_DATA_REUSE: 1
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
- ITSC:
- Information Technology Security Center: 1
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
- CVE:
- CVE-2004-0468: 1
- CVE-2006-3529: 1
- CVE-2007-6372: 1
- CVE-2013-4686: 1
- CVE-2013-4687: 1
- CVE-2013-4688: 1
- CVE-2013-6170: 1
- CVE-2013-7313: 1
- CVE-2014-0612: 1
- CVE-2014-0613: 1
- CVE-2014-0614: 1
- CVE-2014-0616: 1
- CVE-2014-0617: 1
- CVE-2014-2713: 1
- CVE-2014-2714: 1
- CVE-2014-3815: 1
- CVE-2014-3817: 1
- CVE-2014-3819: 1
- CVE-2014-3822: 1
- CVE-2014-3825: 1
- CVE-2014-6378: 1
- CVE-2014-6380: 1
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
- CC:
- CCMB-2009-07-001: 1
- CCMB-2009-07-002: 1
- CCMB-2009-07-003: 1
- CCMB-2009-07-004: 1
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- OutOfScope:
- SSH). Telnet, File Transfer Protocol (FTP), and Secure Socket Layer (SSL) are out of scope and are not used in the evaluated configuration: 1
- Secure Shell (SSH). Telnet, File Transfer Protocol (FTP), and Secure Socket Layer (SSL) are out of scope and are not used in the evaluated configuration. 7 4.5 Security Management The TOE provides an: 1
- out of scope: 1
|
| pdf_data/report_metadata |
- /CreationDate: D:20070323205523+09'00'
- /ModDate: D:20070323205523+09'00'
- /Producer: Acrobat Distiller 6.0 (Windows)
- /Title: untitled
- pdf_file_size_bytes: 13145
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
|
| pdf_data/st_filename |
|
st_vid10661-st.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
|
| pdf_data/st_keywords/cc_sar |
|
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_TSS.1: 1
- ATE:
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
|
- FAU:
- FAU_GEN: 5
- FAU_GEN.1: 7
- FAU_GEN.1.1: 2
- FAU_GEN.1.2: 1
- FAU_GEN.2: 5
- FAU_GEN.2.1: 1
- FAU_STG: 1
- FAU_STG.1: 1
- FAU_STG_EXT.1: 11
- FAU_STG_EXT.1.1: 2
- FCS:
- FCS_CKM: 1
- FCS_CKM.1: 19
- FCS_CKM.1.1: 2
- FCS_CKM.2: 1
- FCS_CKM.4: 7
- FCS_CKM_EXT: 1
- FCS_CKM_EXT.4: 20
- FCS_CKM_EXT.4.1: 1
- FCS_COP.1: 47
- FCS_COP.1.1: 4
- FCS_RBG_EXT.1: 15
- FCS_RBG_EXT.1.1: 2
- FCS_RBG_EXT.1.2: 2
- FCS_SSH_EXT.1: 14
- FCS_SSH_EXT.1.1: 2
- FCS_SSH_EXT.1.2: 2
- FCS_SSH_EXT.1.3: 2
- FCS_SSH_EXT.1.4: 2
- FCS_SSH_EXT.1.5: 2
- FCS_SSH_EXT.1.6: 2
- FCS_SSH_EXT.1.7: 2
- FCS_TLS_EXT.1: 2
- FDP:
- FDP_ITC.1: 6
- FDP_ITC.2: 6
- FDP_RIP.2: 5
- FDP_RIP.2.1: 1
- FIA:
- FIA_PMG_EXT.1: 11
- FIA_PMG_EXT.1.1: 2
- FIA_PSK_EXT.1: 1
- FIA_UAU: 1
- FIA_UAU.1: 3
- FIA_UAU.7: 5
- FIA_UAU.7.1: 1
- FIA_UAU_EXT.2: 11
- FIA_UAU_EXT.2.1: 2
- FIA_UIA_EXT.1: 17
- FIA_UIA_EXT.1.1: 2
- FIA_UIA_EXT.1.2: 2
- FIA_UID.1: 5
- FMT:
- FMT_MTD.1: 5
- FMT_MTD.1.1: 1
- FMT_SMF.1: 7
- FMT_SMF.1.1: 1
- FMT_SMR.1: 2
- FMT_SMR.2: 5
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT.1: 9
- FPT_APW_EXT.1.1: 4
- FPT_APW_EXT.1.2: 2
- FPT_SKP_EXT.1: 11
- FPT_SKP_EXT.1.1: 2
- FPT_SSP.1: 1
- FPT_SSP.2: 1
- FPT_STM.1: 7
- FPT_STM.1.1: 1
- FPT_TRP.1: 1
- FPT_TST.1: 1
- FPT_TST_EXT.1: 11
- FPT_TST_EXT.1.1: 2
- FPT_TUD_EXT.1: 11
- FPT_TUD_EXT.1.1: 2
- FPT_TUD_EXT.1.2: 2
- FPT_TUD_EXT.1.3: 2
- FTA:
- FTA_EXT_SSL.1: 1
- FTA_SSL: 1
- FTA_SSL.3: 5
- FTA_SSL.3.1: 1
- FTA_SSL.4: 4
- FTA_SSL.4.1: 1
- FTA_SSL_EXT.1: 9
- FTA_SSL_EXT.1.1: 3
- FTA_SSL_EXT.4: 1
- FTA_TAB.1: 7
- FTA_TAB.1.1: 1
- FTP:
- FTP_ITC.1: 8
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP.1: 4
- FTP_TRP.1.1: 1
- FTP_TRP.1.2: 1
- FTP_TRP.1.3: 1
|
| pdf_data/st_keywords/cc_claims |
|
- A:
- A.NO_GENERAL_PURPOSE: 1
- A.PHYSICAL: 1
- A.TRUSTED_ADMIN: 1
- O:
- O.DISPLAY_BANNER: 1
- O.PROTECTED_COMMUNICATIONS: 1
- O.RESIDUAL_INFORMATION_CLEARING: 1
- O.SESSION_LOCK: 1
- O.SYSTEM_MONITORING: 1
- O.TOE_ADMINISTRATION: 1
- O.TSF_SELF_TEST: 1
- O.VERIFIABLE_UPDATES: 1
- OE:
- OE.NO_GENERAL_PURPOSE: 1
- OE.PHYSICAL: 1
- OE.TRUSTED_ADMIN: 1
- T:
- T.ADMIN_ERROR: 1
- T.TSF_FAILURE: 1
- T.UNAUTHORIZED_ACCESS: 1
- T.UNAUTHORIZED_UPDATE: 1
- T.UNDETECTED_ACTIONS: 1
- T.USER_DATA_REUSE: 1
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
- SHA:
- SHA1:
- SHA2:
- SHA-2: 5
- SHA-256: 5
- SHA-512: 3
- SHA256: 2
|
| pdf_data/st_keywords/crypto_scheme |
|
- KEX:
- Key Exchange: 2
- Key exchange: 1
- MAC:
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
- NIST:
- P-256: 6
- P-384: 4
- P-521: 4
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
- CC:
- CCMB-2009-07-001: 1
- CCMB-2009-07-002: 1
- CCMB-2009-07-003: 1
- CCMB-2009-07-004: 1
- FIPS:
- FIPS PUB 186-3: 3
- FIPS PUB 197: 1
- FIPS140: 1
- FIPS197: 1
- NIST:
- NIST SP 800-38A: 1
- NIST SP 800-38D: 1
- RFC:
- RFC 4251: 2
- RFC 4252: 1
- RFC 4253: 3
- RFC 4254: 1
- RFC 4741: 1
- RFC 6668: 1
- RFC4251: 1
- RFC4252: 1
- RFC4253: 3
- RFC4254: 1
- RFC5656: 3
- RFC6668: 2
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- SSH). Telnet, File Transfer Protocol (FTP), Secure Socket Layer (SSL) are out of scope. Security Management (FMT: 1
- i.e. it is not bound to port 80). Although use of this application is out of scope of the evaluation, the daemon supporting the service cannot be disabled: 1
- including Secure Shell (SSH). Telnet, File Transfer Protocol (FTP), Secure Socket Layer (SSL) are out of scope. Security Management (FMT) The TOE provides an Authorized Administrator role that is responsible: 1
- out of scope: 2
- the HTTP traffic arrives (i.e. it is not bound to port 80). Although use of this application is out of scope of the evaluation, the daemon supporting the service cannot be disabled. This service can only: 1
|
| pdf_data/st_metadata |
|
- /Author: Denise Cater
- /CreationDate: D:20151210100045Z
- /Creator: Microsoft® Word 2010
- /ModDate: D:20151228141543-05'00'
- /Producer: Microsoft® Word 2010
- /Subject: Junos OS 13.3R1.8, Junos OS 13.2X50-D19 and Junos OS 13.2X51-D20
- /Title: Security Target
- pdf_file_size_bytes: 1384363
- pdf_hyperlinks: http://www.juniper.net/
- pdf_is_encrypted: False
- pdf_number_of_pages: 64
|
| state/cert/convert_garbage |
False |
True |
| state/cert/convert_ok |
False |
True |
| state/cert/download_ok |
False |
True |
| state/cert/extract_ok |
False |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
False |
True |
| state/st/download_ok |
False |
True |
| state/st/extract_ok |
False |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |