| name |
Palo Alto Networks M-100, M-200, M-500, and M-600 Hardware, and Virtual Appliances all running Panorama 8.1.10 |
Digital Tachograph DTCO 1381 Release 4.1a |
| category |
Network and Network-Related Devices and Systems |
Other Devices and Systems |
| scheme |
US |
DE |
| status |
archived |
active |
| not_valid_after |
12.11.2021 |
14.01.2030 |
| not_valid_before |
12.11.2019 |
14.01.2025 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10980-ci.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1158V3c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10980-vr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1158V3a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10980-st.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1158V3b_pdf.pdf |
| manufacturer |
Palo Alto Networks, Inc. |
Continental Automotive Technologies GmbH |
| manufacturer_web |
https://www.paloaltonetworks.com/ |
https://www.continental-automotive.com |
| security_level |
{} |
EAL4+, ATE_DPT.2, AVA_VAN.5 |
| dgst |
a8e03915b8738eb7 |
c15eaa996b434551 |
| heuristics/cert_id |
CCEVS-VR-VID-10980-2019 |
BSI-DSZ-CC-1158-V3-2025 |
| heuristics/cert_lab |
US |
BSI |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_FSP.1, ALC_CMC.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1, AGD_OPE.1, AGD_PRE.1 |
AGD_PRE.1, ALC_DVS.1, ALC_TAT.1, ALC_CMS.4, ATE_DPT.2, ATE_FUN.1, AVA_VAN.5, ALC_DEL.1, ADV_FSP.4, ALC_LCD.1, ADV_ARC.1, ADV_TDS.3, AGD_OPE.1, ALC_CMC.4, ADV_IMP.1 |
| heuristics/extracted_versions |
8.1.10 |
4.1 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
NSCIB-CC-2200060-02-CR, BSI-DSZ-CC-1158-V2-2023 |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
NSCIB-CC-2200060-02-CR, BSI-DSZ-CC-0827-2013, BSI-DSZ-CC-0376-2006, BSI-DSZ-CC-0827-V5-2017, BSI-DSZ-CC-0827-V7-2018, BSI-DSZ-CC-0395-2007, BSI-DSZ-CC-1158-V2-2023, NSCIB-CC-0173264-CR3, BSI-DSZ-CC-0632-2011, BSI-DSZ-CC-0559-2012, BSI-DSZ-CC-0878-2013, BSI-DSZ-CC-1069-2018, BSI-DSZ-CC-0827-V6-2017, BSI-DSZ-CC-0827-V8-2020, BSI-DSZ-CC-0827-V2-2014, BSI-DSZ-CC-0827-V3-2015, BSI-DSZ-CC-0791-2012, BSI-DSZ-CC-1158-2020, BSI-DSZ-CC-0827-V4-2016, BSI-DSZ-CC-0936-2015, BSI-DSZ-CC-1015-2017, BSI-DSZ-CC-0269-2006 |
| heuristics/scheme_data |
- category: Network Device
- certification_date: 12.11.2019
- evaluation_facility: Leidos Common Criteria Testing Laboratory
- expiration_date: 12.11.2021
- id: CCEVS-VR-VID10980
- product: Palo Alto Networks M-100, M-200, M-500, and M-600 Hardware, and Virtual Appliances all running Panorama 8.1.10
- scheme: US
- url: https://www.niap-ccevs.org/product/10980
- vendor: Palo Alto Networks, Inc.
|
- category: Digital tachograph
- cert_id: BSI-DSZ-CC-1158-V3-2025
- certification_date: 14.01.2025
- enhanced:
- applicant: Continental Automotive Technologies GmbH Heinrich-Hertz-Strasse 45 78052 Villingen-Schwenningen
- assurance_level: EAL4,ATE_DPT.2,AVA_VAN.5
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1158V3c_pdf.pdf?__blob=publicationFile&v=2
- certification_date: 14.01.2025
- description: The Target of evaluation is a second generation vehicle unit (VU) in the sense of Commission Implementing Regulation (EU) 2016/799 (Annex 1C) intended to be installed in road transport vehicles. Its purpose is to record, store, display, print and output data related to driver activities. It is connected to a motion sensor with which it exchanges vehicle’s motion data. The VU records and stores human user activities data in its internal data memory, it also records human user activities data in tachograph cards. The VU outputs data to display, printer and external devices. The TOE is connected to a motion sensor with which it obtains the vehicle’s motion data. Information from the motion sensor is corroborated by vehicle motion information derived from a GNSS receiver, and optionally by other sources independent of the motion sensor.
- entries: [frozendict({'id': 'BSI-DSZ-CC-1158-V3-2025', 'description': 'The current evaluation is a re-evaluation based on the evaluation results andits certification BSI-DSZ-CC-1158-V2-2023.Subject of the re-evaluation were: - changes in the software, - the re-evaluation of a development site, and - the discontinuation of one development site. The software changes comprise bug fixing and improvement of usability.'})]
- evaluation_facility: Deutsche Telekom Security GmbH
- expiration_date: 13.01.2030
- product: Digital Tachograph DTCO 1381 Release 4.1a
- protection_profile: Digital Tachograph - Vehicle Unit (VU PP) Version 1.15, 6 June 2021, BSI-CC-PP-0094-V2-2021
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1158V3a_pdf.pdf?__blob=publicationFile&v=2
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1158V3b_pdf.pdf?__blob=publicationFile&v=2
- product: Digital Tachograph DTCO 1381 Release 4.1a
- subcategory: Vehicle Unit
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Digitaler_Tachograph-Vehicle_Unit/1158.html
- vendor: Continental Automotive Technologies GmbH
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
d3d381970c60f694 |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V2.1.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0094V2b_pdf.pdf |
| pdf_data/cert_filename |
st_vid10980-ci.pdf |
1158V3c_pdf.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID10980-2019: 1
|
- DE:
- BSI-DSZ-CC-1158-V3-2025: 1
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP-0094-V2-2021: 1
|
| pdf_data/cert_keywords/cc_security_level |
|
- EAL:
- EAL 2: 1
- EAL 4: 1
- EAL 4 augmented: 1
- EAL 5: 1
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /CreationDate: D:20191119111952-05'00'
- /ModDate: D:20191119111952-05'00'
- /Producer: iText 2.1.0 (by lowagie.com)
- pdf_file_size_bytes: 180256
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
- /Author: Federal Office for Information Security
- /Subject: Digital Tachograph DTCO 1381, Release 4.1a from Continental Automotive Technologies GmbH
- /Title: Certification Report BSI-DSZ-CC-1158-V3-2025
- pdf_file_size_bytes: 233271
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
st_vid10980-vr.pdf |
1158V3a_pdf.pdf |
| pdf_data/report_frontpage |
- DE:
- US:
- cert_id: CCEVS-VR-VID10980-2019
- cert_item: for Palo Alto Networks Panorama v8.1.10
- cert_lab: US NIAP
|
- DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 4 augmented by ATE_DPT.2 and AVA_VAN.5 valid until: 13 January 2030
- cc_version: PP conformant Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-1158-V3-2025
- cert_item: Digital Tachograph DTCO 1381, Release 4.1a
- cert_lab: BSI
- developer: Continental Automotive Technologies GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: Digital Tachograph - Vehicle Unit (VU PP) Version 1.15, 6 June 2021, BSI-CC-PP-0094-V2-2021
- US:
|
| pdf_data/report_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID10980-2019: 1
|
- DE:
- BSI-DSZ-CC-1158-V2-2023: 3
- BSI-DSZ-CC-1158-V3-2025: 17
- NL:
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP- 0094-V2-2021: 1
- BSI-CC-PP-0094-V2-2021: 3
|
| pdf_data/report_keywords/cc_security_level |
|
- EAL:
- EAL 1: 1
- EAL 2: 3
- EAL 4: 5
- EAL 4 augmented: 3
- EAL 5: 4
- EAL 5+: 1
- EAL 6: 1
- EAL4: 1
- EAL4+: 1
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ATE:
- AVA:
|
- ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.1: 1
- ALC_FLR: 2
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ATE:
- AVA:
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
- Infineon:
- Infineon Technologies AG: 1
|
| pdf_data/report_keywords/eval_facility |
|
- DeutscheTelekom:
- Deutsche Telekom Security: 3
- TUV:
- TÜV Informationstechnik: 1
|
| pdf_data/report_keywords/symmetric_crypto |
|
- AES_competition:
- DES:
- constructions:
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
- BSI:
- AIS 20: 2
- AIS 25: 2
- AIS 26: 2
- AIS 31: 2
- AIS 32: 1
- AIS 34: 2
- AIS 35: 1
- AIS 36: 3
- AIS 37: 2
- AIS 38: 2
- AIS 40: 1
- AIS 46: 1
- AIS 49: 2
- AIS 50: 1
- FIPS:
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- ISO/IEC 9797-1: 1
- NIST:
- SP 800-38A: 1
- SP 800-38B: 1
- PKCS:
- RFC:
- RFC 5480: 1
- RFC 5639: 1
- RFC 5869: 1
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- OutOfScope:
- e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed: 1
- out of scope: 2
- protocol and can be used to build a management interface. This feature is not tested and is out of scope. Stateful inspection filtering, VPN gateway, IPS/IDS threat prevention, URL filtering (PAN- DB: 1
|
- ConfidentialDocument:
- 18 December 2024, Evaluation Technical Report BSI-DSZ-CC-1158-V3, Deutsche Telekom Security GmbH, (confidential document) [8] Digital Tachograph - Vehicle Unit (VU PP) Version 1.15, 6 June 2021, BSI-CC-PP- 0094-V2-2021: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
- list for the TOE, Version 1.66, 11 December 2024, Konfigurationsliste, Continental AG (confidential document) 7 specifically • AIS 20, Version 3, Funktionalitätsklassen und Evaluationsmethodologie für: 1
|
| pdf_data/report_metadata |
- /CreationDate: D:20191119084910-05'00'
- /ModDate: D:20191119084910-05'00'
- pdf_file_size_bytes: 584095
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 20
|
- /Author: Federal Office for Information Security
- /Keywords: "Common Criteria, Certification, Zertifizierung, Continental, Digital Tachograph, DTCO, Vehicle Unit"
- /Subject: Common Criteria, Certification, Zertifizierung, Continental, Digital Tachograph, DTCO, Vehicle Unit
- /Title: Certification Report BSI-DSZ-CC-1158-V3-2025
- pdf_file_size_bytes: 641185
- pdf_hyperlinks: http://www.commoncriteriaportal.org/cc/, https://www.sogis.eu/, https://www.bsi.bund.de/AIS, http://www.commoncriteriaportal.org/, https://www.commoncriteriaportal.org/, https://www.bsi.bund.de/zertifizierung, https://www.bsi.bund.de/zertifizierungsreporte, https://www.bsi.bund.de/
- pdf_is_encrypted: False
- pdf_number_of_pages: 30
|
| pdf_data/st_filename |
st_vid10980-st.pdf |
1158V3b_pdf.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP-0093: 1
- BSI-CC-PP-0094-V2: 1
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL 4: 3
- EAL 4 augmented: 1
- EAL4: 12
- EAL4 augmented: 4
- EAL6: 1
- EAL6 augmented: 1
- EAL6+: 1
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- AGD:
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL: 1
- ASE_ECD: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_REQ: 1
- ASE_SPD: 1
- ASE_TSS: 1
- ATE:
- AVA:
|
- ADV:
- ADV_ARC.1: 2
- ADV_FSP.4: 1
- ADV_IMP.1: 1
- ADV_TDS.3: 2
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ATE:
- ATE_DPT.1: 1
- ATE_DPT.2: 8
- ATE_FUN.1: 1
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 2
- FAU_GEN.1: 4
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 3
- FAU_GEN.2.1: 1
- FAU_STG_EXT: 1
- FAU_STG_EXT.1: 3
- FAU_STG_EXT.1.1: 1
- FAU_STG_EXT.1.2: 1
- FAU_STG_EXT.1.3: 1
- FCS:
- FCS_CKM: 3
- FCS_CKM.1: 5
- FCS_CKM.1.1: 1
- FCS_CKM.2: 6
- FCS_CKM.2.1: 1
- FCS_CKM.4: 3
- FCS_CKM.4.1: 1
- FCS_COP: 19
- FCS_COP.1: 4
- FCS_RBG_EXT: 1
- FCS_RBG_EXT.1: 5
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SSHC_EXT.1.5: 1
- FCS_SSHS_EXT: 1
- FCS_SSHS_EXT.1: 3
- FCS_SSHS_EXT.1.1: 1
- FCS_SSHS_EXT.1.2: 1
- FCS_SSHS_EXT.1.3: 1
- FCS_SSHS_EXT.1.4: 1
- FCS_SSHS_EXT.1.5: 2
- FCS_SSHS_EXT.1.6: 1
- FCS_SSHS_EXT.1.7: 1
- FCS_SSHS_EXT.1.8: 1
- FCS_TLSC_EXT: 2
- FCS_TLSC_EXT.1: 3
- FCS_TLSC_EXT.1.1: 2
- FCS_TLSC_EXT.1.2: 1
- FCS_TLSC_EXT.1.3: 1
- FCS_TLSC_EXT.1.4: 1
- FCS_TLSC_EXT.2: 2
- FCS_TLSC_EXT.2.1: 1
- FCS_TLSC_EXT.2.2: 1
- FCS_TLSC_EXT.2.3: 1
- FCS_TLSC_EXT.2.4: 1
- FCS_TLSC_EXT.2.5: 1
- FCS_TLSS_EXT: 2
- FCS_TLSS_EXT.1: 3
- FCS_TLSS_EXT.1.1: 1
- FCS_TLSS_EXT.1.2: 1
- FCS_TLSS_EXT.1.3: 1
- FCS_TLSS_EXT.2: 2
- FCS_TLSS_EXT.2.1: 1
- FCS_TLSS_EXT.2.2: 1
- FCS_TLSS_EXT.2.3: 1
- FCS_TLSS_EXT.2.4: 1
- FCS_TLSS_EXT.2.5: 1
- FCS_TLSS_EXT.2.6: 1
- FIA:
- FIA_AFL: 1
- FIA_AFL.1: 6
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_PMG_EXT: 1
- FIA_PMG_EXT.1: 3
- FIA_PMG_EXT.1.1: 1
- FIA_UAU: 1
- FIA_UAU.7: 3
- FIA_UAU.7.1: 1
- FIA_UAU_EXT: 1
- FIA_UAU_EXT.2: 2
- FIA_UAU_EXT.2.1: 1
- FIA_UIA_EXT: 1
- FIA_UIA_EXT.1: 5
- FIA_UIA_EXT.1.1: 1
- FIA_UIA_EXT.1.2: 1
- FMT:
- FMT_MOF: 4
- FMT_MOF.1: 1
- FMT_MTD: 4
- FMT_MTD.1: 1
- FMT_SMF: 1
- FMT_SMF.1: 3
- FMT_SMF.1.1: 1
- FMT_SMR: 1
- FMT_SMR.2: 3
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT: 1
- FPT_APW_EXT.1: 3
- FPT_APW_EXT.1.1: 1
- FPT_APW_EXT.1.2: 1
- FPT_SKP_EXT: 1
- FPT_SKP_EXT.1: 3
- FPT_SKP_EXT.1.1: 1
- FPT_STM_EXT: 1
- FPT_STM_EXT.1: 4
- FPT_STM_EXT.1.1: 1
- FPT_STM_EXT.1.2: 1
- FPT_TST_EXT: 1
- FPT_TST_EXT.1: 2
- FPT_TST_EXT.1.1: 1
- FPT_TUD_EXT: 1
- FPT_TUD_EXT.1: 3
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.1.3: 1
- FTA:
- FTA_SSL: 2
- FTA_SSL.3: 3
- FTA_SSL.3.1: 1
- FTA_SSL.4: 2
- FTA_SSL.4.1: 1
- FTA_SSL_EXT: 1
- FTA_SSL_EXT.1: 3
- FTA_SSL_EXT.1.1: 1
- FTA_TAB: 1
- FTA_TAB.1: 4
- FTA_TAB.1.1: 1
- FTP:
- FTP_ITC: 1
- FTP_ITC.1: 4
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP: 4
- FTP_TRP.1: 3
|
- FAU:
- FAU_GEN: 6
- FAU_GEN.1: 12
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_SAR: 2
- FAU_SAR.1: 5
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_STG: 3
- FAU_STG.1: 9
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FAU_STG.3: 1
- FAU_STG.4: 5
- FAU_STG.4.1: 1
- FCO:
- FCO_NRO: 1
- FCO_NRO.1: 6
- FCO_NRO.1.1: 1
- FCO_NRO.1.2: 1
- FCO_NRO.1.3: 1
- FCS:
- FCS_CKM: 4
- FCS_CKM.1: 48
- FCS_CKM.1.1: 2
- FCS_CKM.2: 22
- FCS_CKM.2.1: 2
- FCS_CKM.4: 39
- FCS_CKM.4.1: 2
- FCS_COP: 2
- FCS_COP.1: 53
- FCS_COP.1.1: 8
- FCS_RNG: 8
- FCS_RNG.1: 31
- FCS_RNG.1.1: 8
- FCS_RNG.1.2: 8
- FDP:
- FDP_ACC: 6
- FDP_ACC.1: 85
- FDP_ACC.1.1: 6
- FDP_ACF: 6
- FDP_ACF.1: 68
- FDP_ACF.1.1: 12
- FDP_ACF.1.2: 7
- FDP_ACF.1.3: 6
- FDP_ACF.1.4: 6
- FDP_ETC: 5
- FDP_ETC.2: 7
- FDP_ETC.2.1: 1
- FDP_ETC.2.2: 1
- FDP_ETC.2.3: 1
- FDP_ETC.2.4: 1
- FDP_IFC: 1
- FDP_IFC.1: 8
- FDP_ITC: 6
- FDP_ITC.1: 25
- FDP_ITC.1.1: 1
- FDP_ITC.1.2: 1
- FDP_ITC.1.3: 1
- FDP_ITC.2: 36
- FDP_ITC.2.1: 1
- FDP_ITC.2.2: 1
- FDP_ITC.2.3: 1
- FDP_ITC.2.4: 1
- FDP_ITC.2.5: 2
- FDP_ITT: 1
- FDP_ITT.1: 5
- FDP_ITT.1.1: 1
- FDP_RIP: 3
- FDP_RIP.1: 8
- FDP_RIP.1.1: 1
- FDP_SDI: 1
- FDP_SDI.1: 3
- FDP_SDI.2: 22
- FDP_SDI.2.1: 3
- FDP_SDI.2.2: 3
- FIA:
- FIA_AFL: 1
- FIA_AFL.1: 29
- FIA_AFL.1.1: 6
- FIA_AFL.1.2: 4
- FIA_ATD: 2
- FIA_ATD.1: 19
- FIA_ATD.1.1: 3
- FIA_SOS.2: 1
- FIA_UAU: 8
- FIA_UAU.1: 28
- FIA_UAU.1.1: 2
- FIA_UAU.1.2: 2
- FIA_UAU.2: 13
- FIA_UAU.2.1: 2
- FIA_UAU.3: 7
- FIA_UAU.3.1: 1
- FIA_UAU.3.2: 1
- FIA_UAU.5: 8
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6: 5
- FIA_UAU.6.1: 1
- FIA_UID: 2
- FIA_UID.1: 13
- FIA_UID.2: 14
- FIA_UID.2.1: 1
- FMT:
- FMT_MOF: 1
- FMT_MOF.1: 31
- FMT_MOF.1.1: 5
- FMT_MSA: 9
- FMT_MSA.1: 17
- FMT_MSA.1.1: 1
- FMT_MSA.3: 55
- FMT_MSA.3.1: 6
- FMT_MSA.3.2: 6
- FMT_MTD: 3
- FMT_MTD.1: 9
- FMT_MTD.1.1: 1
- FMT_SMF: 9
- FMT_SMF.1: 19
- FMT_SMF.1.1: 1
- FMT_SMR: 14
- FMT_SMR.1: 33
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_FLS: 2
- FPT_FLS.1: 4
- FPT_FLS.1.1: 1
- FPT_PHP: 3
- FPT_PHP.1: 1
- FPT_PHP.2: 5
- FPT_PHP.2.1: 1
- FPT_PHP.2.2: 1
- FPT_PHP.2.3: 2
- FPT_PHP.3: 5
- FPT_PHP.3.1: 1
- FPT_STM: 3
- FPT_STM.1: 10
- FPT_STM.1.1: 1
- FPT_TDC: 2
- FPT_TDC.1: 26
- FPT_TDC.1.1: 3
- FPT_TDC.1.2: 3
- FPT_TST: 2
- FPT_TST.1: 6
- FPT_TST.1.1: 2
- FPT_TST.1.2: 1
- FPT_TST.1.3: 2
- FTP:
- FTP_ITC: 3
- FTP_ITC.1: 26
- FTP_ITC.1.1: 4
- FTP_ITC.1.2: 4
- FTP_ITC.1.3: 4
- FTP_TRP.1: 2
|
| pdf_data/st_keywords/cc_claims |
- A:
- OE:
- OE.ADMIN_CREDENTIALS_SECURE: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.NO_THRU_TRAFFIC_PROTECTION: 1
- OE.PHYSICAL: 1
- OE.RESIDUAL_INFORMATION: 1
- OE.TRUSTED_ADMIN: 1
- OE.UPDATES: 1
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
- MAC:
- HMAC: 9
- HMAC-SHA-256: 7
- HMAC-SHA-384: 4
- HMAC-SHA-512: 4
|
- AES_competition:
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
- ECC:
- FF:
- DH:
- DH: 7
- DHE: 1
- Diffie-Hellman: 8
- DSA:
- RSA:
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-256: 6
- SHA-384: 4
- SHA-512: 4
- SHA256: 17
|
- SHA:
- SHA1:
- SHA2:
- SHA-2: 1
- SHA-256: 2
- SHA-384: 2
- SHA-512: 2
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
- IKE:
- IPsec:
- SSH:
- TLS:
- SSL:
- SSL: 5
- SSL 2.0: 4
- SSL 3.0: 4
- TLS:
- TLS: 78
- TLS 1.0: 4
- TLS 1.1: 4
- TLS 1.2: 6
- TLS1.1: 1
- TLS1.2: 1
- TLSv1.1: 3
- TLSv1.2: 6
- VPN:
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- NIST:
- P-256: 18
- P-384: 12
- P-521: 10
- secp256r1: 7
- secp384r1: 7
- secp521r1: 3
|
- Brainpool:
- brainpoolP256r1: 1
- brainpoolP384r1: 1
- brainpoolP512r1: 1
- NIST:
- NIST P-256: 1
- NIST P-384: 1
- NIST P-521: 1
- P-256: 1
- P-384: 1
- P-521: 1
- secp256r1: 1
- secp384r1: 1
- secp521r1: 1
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 7
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 7
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 7
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 5
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 7
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 7
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 5
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 7
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 5
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 5
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 5
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 5
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 5
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 5
- TLS_RSA_WITH_AES_128_CBC_SHA: 7
- TLS_RSA_WITH_AES_128_CBC_SHA256: 7
- TLS_RSA_WITH_AES_256_CBC_SHA: 7
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
- FI:
- Physical tampering: 1
- malfunction: 1
- physical tampering: 7
- other:
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- FIPS:
- FIPS 140-2: 2
- FIPS 186-4: 3
- FIPS PUB 186-4: 18
- ISO:
- ISO/IEC 14888-: 1
- ISO/IEC 14888-3: 1
- ISO/IEC 18031:2011: 4
- ISO/IEC 9796-2: 2
- NIST:
- NIST SP 800-56A: 2
- SP 800-90A: 2
- PKCS:
- RFC:
- RFC 2818: 3
- RFC 2986: 2
- RFC 3268: 28
- RFC 3526: 3
- RFC 4253: 2
- RFC 4346: 4
- RFC 4492: 24
- RFC 5246: 30
- RFC 5280: 5
- RFC 5289: 44
- RFC 5759: 1
- RFC 6125: 3
- RFC 6960: 1
- RFC 8017: 2
- X509:
|
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- CCMB-2017-09-001: 1
- CCMB-2017-09-002: 1
- CCMB-2017-09-003: 1
- CCMB-2017-09-004: 1
- FIPS:
- FIPS PUB 180-4: 1
- FIPS PUB 186-4: 1
- FIPS PUB 197: 2
- FIPS PUB 46-3: 1
- ISO:
- NIST:
- SP 800-38A: 1
- SP 800-38B: 1
- RFC:
- RFC 3447: 1
- RFC 5480: 1
- RFC 5639: 1
- RFC 5869: 1
- RFC 8017: 1
- RFC3447: 1
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed. The: 1
- extent specified by the security functional requirements: TLS, HTTPS, SSH. The features below are out of scope. Table 2 Excluded Features Feature Description Telnet and HTTP Management Protocols Telnet and HTTP: 1
- out of scope: 3
- protocol and can be used to build a management interface. This feature is not tested and is out of scope. Stateful inspection filtering, VPN gateway, IPS/IDS threat prevention, URL filtering (PAN- DB: 1
|
- OutOfScope:
- 30 RSA Generated by ERCA; inserted in VU by manufacturer at the end of the manufacturing phase Out of scope for this ST Not applicable VU non- volatile memory Card.PK (condition al, possibly multiple) Card: 1
- 33 ECC Generated by ERCA; inserted in VU by manufacturer at the end of the manufacturing phase Out of scope for this ST Not applicable VU non- volatile memory (conditional; only present if existing at time: 1
- 33) ECC Generated by MSCA ; obtained by VU in MSCA- _Card certificate during mutual authentication Out of scope for this ST Not applicable VU non- volatile memory (conditional, possibly multiple) VUEGF.P K: 1
- 33. ECC Generated by ERCA; inserted in VU by manufacturer at the end of the manufacturing phase Out of scope for this ST Not applicable VU non- volatile memory EUR.PK (previous) The previous public key of: 1
- 33. ECC Generated by MSCA ; obtained by VU in MSCA_VU-EGF certificate during coupling to an EGF Out of scope for this ST Not applicable VU non- volatile memory (conditional, possibly multiple) DTCO1381 R4.1a: 1
- C as part of the EUR.Link.C; obtained by VU du- ring mutual authentication towards such card or EGF Out of scope for this ST Not applicable VU general nonvo-latile memory (con-ditional; only if the VU has: 1
- MACs for the data integrity control of user data records AES Generated by the VU manufacturer Out of scope of this ST Made unavailable when the VU has reached end of life VU non- volatile memory DTCO1381: 1
- Note: as explained in Annex 1C [54], Appendix 11, section 12.2, a VU contains only one Km-vu. Out of scope for this ST Made unavailable when the VU has reached end of life VU non- volatile Memory Km-wc: 1
- Out of scope: 18
- and session key ECC Generated by card or card manufac- turer; obtained by VU in card certi- Out of scope for this ST Not applicable VU non- volatile memory (conditional, DTCO1381 R4.1a, Security Target: 1
- by card or card manufacturer; obtained by VU in card certificate during mutual authentication Out of scope for this ST Not applicable VU non- volatile memory MS.PK (condition al, Public key of an MSCA other: 1
- for update file To ensure confidentiality of the update file AES Generated by the VU manufacturer Out of scope of this ST Made unavailable when the VU has reached end of life Not permanently stored CBC- MAC: 1
- foreign) MSCA; obtained by VU in Out of scope for this ST Not applicable VU non- volatile memory DTCO1381 R4.1a, Security Target Rev: 1
- key generations). However, a VU will retrieve only one of these keys during the pairing process. Out of scope for this ST Made unavailable at the latest by end of calibration phase Not permanently stored; only: 1
- obtained by VU in EGF certificate during mutual authentication as part of the coupling process Out of scope for this ST Not applicable VU non- volatile memory (conditional, possibly multiple) MSCA _Card.PK: 1
- of the underlying elliptic curve and the CBC- MAC key itself AES Generated by the VU manufacturer Out of scope of this ST Made unavailable when the VU has reached end of life VU non- volatile memory Kvu: 1
- received from VU manufacturer; inserted by VU manufacturer at the end of the manufacturing phase Out of scope for this ST Made unavailable when the VU has reached end of life VU non- volatile memory 38 Note: 1
- received from VU manufacturer; inserted by VU manufacturer at the end of the manufacturing phase Out of scope for this ST Made unavailable when the VU has reached end of life VU non- volatile memory TK: 1
- the MSCA Used by VU to perform verification of RSA Generated by (foreign) MSCA; obtained by VU in Out of scope for this ST Not applicable VU non- volatile memory DTCO1381 R4.1a, Security Target Rev. 1.6 p u b: 1
- under Km) at the end of the manufac-turing phase; obtained and decrypted by VU during pairing Out of scope for this ST Made unavailable at the latest by end of calibration phase Not permanently stored; only: 1
|
| pdf_data/st_metadata |
- /CreationDate: D:20191119084329-05'00'
- /ModDate: D:20191119084329-05'00'
- pdf_file_size_bytes: 1492668
- pdf_hyperlinks: https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=412, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=418, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=407, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=405, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=421, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=435, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=422, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=406, file:///C:/Users/beaverg/Desktop/CCTL%20Projects/Palo%20Alto%20Panorama/Received%20from%20Vendor/updates.paloaltonetworks.com, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=409, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=408, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=420, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=433, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=417, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=411, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=410, https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical-documentation/81/vm-series/vm-series-deployment/vm-series-deployment.pdf, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=419, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=434, https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical-documentation/81/panorama/panorama-admin/panorama-admin.pdf
- pdf_is_encrypted: False
- pdf_number_of_pages: 56
|
- pdf_file_size_bytes: 1596747
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 129
|
| state/cert/convert_garbage |
True |
False |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
True |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |