| name |
Palo Alto Networks M-100, M-200, M-500, and M-600 Hardware, and Virtual Appliances all running Panorama 8.1.10 |
Platforme MultiApp V5.1 GP-SE (version 5.1) (2023/33) |
| category |
Network and Network-Related Devices and Systems |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
| scheme |
US |
FR |
| status |
archived |
active |
| not_valid_after |
12.11.2021 |
28.08.2028 |
| not_valid_before |
12.11.2019 |
28.08.2023 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10980-ci.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certificat-2023_33fr.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10980-vr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2023_33fr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10980-st.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-cible-2023_33en.pdf |
| manufacturer |
Palo Alto Networks, Inc. |
THALES DIS FRANCE SA |
| manufacturer_web |
https://www.paloaltonetworks.com/ |
https://www.thalesgroup.com/en/europe/france |
| security_level |
{} |
EAL6+, ALC_FLR.2 |
| dgst |
a8e03915b8738eb7 |
f24c0cdd335afa91 |
| heuristics/cert_id |
CCEVS-VR-VID-10980-2019 |
ANSSI-CC-2023/33 |
| heuristics/cert_lab |
US |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_FSP.1, ALC_CMC.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1, AGD_OPE.1, AGD_PRE.1 |
ASE_INT.1, ALC_DVS.2, ADV_TDS.5, ASE_ECD.1, ASE_SPD.1, ALC_CMS.5, AVA_VAN.5, ALC_DEL.1, ALC_LCD.1, ATE_FUN.2, ALC_TAT.3, ADV_FSP.5, AGD_OPE.1, AGD_PRE.1, ATE_DPT.3, ADV_ARC.1, ALC_CMC.5, ADV_IMP.2, ASE_OBJ.2, ASE_TSS.2, ALC_FLR.2, ASE_REQ.2, ADV_INT.3, ATE_IND.2, ASE_CCL.1, ATE_COV.3, ADV_SPM.1 |
| heuristics/extracted_versions |
8.1.10 |
5.1 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
ANSSI-CC-2023/01 |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
ANSSI-CC-2023/01 |
| heuristics/scheme_data |
- category: Network Device
- certification_date: 12.11.2019
- evaluation_facility: Leidos Common Criteria Testing Laboratory
- expiration_date: 12.11.2021
- id: CCEVS-VR-VID10980
- product: Palo Alto Networks M-100, M-200, M-500, and M-600 Hardware, and Virtual Appliances all running Panorama 8.1.10
- scheme: US
- url: https://www.niap-ccevs.org/product/10980
- vendor: Palo Alto Networks, Inc.
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
ANSSI-CC-2023/01 |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
ANSSI-CC-2023/01 |
| heuristics/protection_profiles |
{} |
94167fd161e87d71, 3ebd6b9f8d81e522 |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V2.1.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0099b_pdf.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CCN-CC-PP-5-2021.pdf |
| pdf_data/cert_filename |
st_vid10980-ci.pdf |
Certificat-2023_33fr.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID10980-2019: 1
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP-0099-V2-2020: 1
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /CreationDate: D:20191119111952-05'00'
- /ModDate: D:20191119111952-05'00'
- /Producer: iText 2.1.0 (by lowagie.com)
- pdf_file_size_bytes: 180256
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
- /CreationDate: D:20230829153728+02'00'
- /Creator: Acrobat PDFMaker 23 pour Word
- /Keywords:
- /ModDate: D:20230829153853+02'00'
- /Producer: Adobe PDF Library 23.1.175
- pdf_file_size_bytes: 157283
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 2
|
| pdf_data/report_filename |
st_vid10980-vr.pdf |
ANSSI-CC-2023_33fr.pdf |
| pdf_data/report_frontpage |
- FR:
- US:
- cert_id: CCEVS-VR-VID10980-2019
- cert_item: for Palo Alto Networks Panorama v8.1.10
- cert_lab: US NIAP
|
|
| pdf_data/report_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID10980-2019: 1
|
- FR:
- ANSSI-CC-2023/01: 2
- ANSSI-CC-2023/33: 2
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP-0099-V2-2020: 2
|
| pdf_data/report_keywords/cc_security_level |
|
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ATE:
- AVA:
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- OutOfScope:
- e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed: 1
- out of scope: 2
- protocol and can be used to build a management interface. This feature is not tested and is out of scope. Stateful inspection filtering, VPN gateway, IPS/IDS threat prevention, URL filtering (PAN- DB: 1
|
|
| pdf_data/report_metadata |
- /CreationDate: D:20191119084910-05'00'
- /ModDate: D:20191119084910-05'00'
- pdf_file_size_bytes: 584095
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 20
|
|
| pdf_data/st_filename |
st_vid10980-st.pdf |
ANSSI-cible-2023_33en.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
- BSI:
- BSI-CC-PP- 00842014: 1
- BSI-CC-PP-0084-2014: 1
- BSI-CC-PP-0099-V2-: 1
- BSI-PP-0056-V2-MA-2012: 1
|
| pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL 6+: 1
- EAL4: 1
- EAL4 augmented: 1
- EAL6: 34
- EAL6 augmented: 1
- EAL6+: 3
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- AGD:
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL: 1
- ASE_ECD: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_REQ: 1
- ASE_SPD: 1
- ASE_TSS: 1
- ATE:
- AVA:
|
- ADV:
- ADV_ARC: 2
- ADV_ARC.1: 8
- ADV_FSP: 1
- ADV_FSP.1: 1
- ADV_FSP.2: 2
- ADV_FSP.4: 2
- ADV_FSP.5: 6
- ADV_IMP: 1
- ADV_IMP.1: 3
- ADV_IMP.2: 4
- ADV_INT.3: 2
- ADV_SPM.1: 9
- ADV_TDS: 1
- ADV_TDS.1: 2
- ADV_TDS.3: 3
- ADV_TDS.4: 1
- ADV_TDS.5: 6
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 8
- AGD_PRE: 1
- AGD_PRE.1: 6
- ALC:
- ALC_CMC.5: 4
- ALC_CMS.5: 1
- ALC_DEL.1: 2
- ALC_DVS.2: 5
- ALC_FLR.2: 7
- ALC_LCD.1: 4
- ALC_TAT.1: 2
- ALC_TAT.3: 4
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ASE_TSS.2: 1
- ATE:
- ATE_COV.1: 2
- ATE_COV.2: 1
- ATE_COV.3: 2
- ATE_DPT.1: 1
- ATE_DPT.3: 2
- ATE_FUN.1: 3
- ATE_FUN.2: 4
- ATE_IND.2: 2
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 2
- FAU_GEN.1: 4
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 3
- FAU_GEN.2.1: 1
- FAU_STG_EXT: 1
- FAU_STG_EXT.1: 3
- FAU_STG_EXT.1.1: 1
- FAU_STG_EXT.1.2: 1
- FAU_STG_EXT.1.3: 1
- FCS:
- FCS_CKM: 3
- FCS_CKM.1: 5
- FCS_CKM.1.1: 1
- FCS_CKM.2: 6
- FCS_CKM.2.1: 1
- FCS_CKM.4: 3
- FCS_CKM.4.1: 1
- FCS_COP: 19
- FCS_COP.1: 4
- FCS_RBG_EXT: 1
- FCS_RBG_EXT.1: 5
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SSHC_EXT.1.5: 1
- FCS_SSHS_EXT: 1
- FCS_SSHS_EXT.1: 3
- FCS_SSHS_EXT.1.1: 1
- FCS_SSHS_EXT.1.2: 1
- FCS_SSHS_EXT.1.3: 1
- FCS_SSHS_EXT.1.4: 1
- FCS_SSHS_EXT.1.5: 2
- FCS_SSHS_EXT.1.6: 1
- FCS_SSHS_EXT.1.7: 1
- FCS_SSHS_EXT.1.8: 1
- FCS_TLSC_EXT: 2
- FCS_TLSC_EXT.1: 3
- FCS_TLSC_EXT.1.1: 2
- FCS_TLSC_EXT.1.2: 1
- FCS_TLSC_EXT.1.3: 1
- FCS_TLSC_EXT.1.4: 1
- FCS_TLSC_EXT.2: 2
- FCS_TLSC_EXT.2.1: 1
- FCS_TLSC_EXT.2.2: 1
- FCS_TLSC_EXT.2.3: 1
- FCS_TLSC_EXT.2.4: 1
- FCS_TLSC_EXT.2.5: 1
- FCS_TLSS_EXT: 2
- FCS_TLSS_EXT.1: 3
- FCS_TLSS_EXT.1.1: 1
- FCS_TLSS_EXT.1.2: 1
- FCS_TLSS_EXT.1.3: 1
- FCS_TLSS_EXT.2: 2
- FCS_TLSS_EXT.2.1: 1
- FCS_TLSS_EXT.2.2: 1
- FCS_TLSS_EXT.2.3: 1
- FCS_TLSS_EXT.2.4: 1
- FCS_TLSS_EXT.2.5: 1
- FCS_TLSS_EXT.2.6: 1
- FIA:
- FIA_AFL: 1
- FIA_AFL.1: 6
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_PMG_EXT: 1
- FIA_PMG_EXT.1: 3
- FIA_PMG_EXT.1.1: 1
- FIA_UAU: 1
- FIA_UAU.7: 3
- FIA_UAU.7.1: 1
- FIA_UAU_EXT: 1
- FIA_UAU_EXT.2: 2
- FIA_UAU_EXT.2.1: 1
- FIA_UIA_EXT: 1
- FIA_UIA_EXT.1: 5
- FIA_UIA_EXT.1.1: 1
- FIA_UIA_EXT.1.2: 1
- FMT:
- FMT_MOF: 4
- FMT_MOF.1: 1
- FMT_MTD: 4
- FMT_MTD.1: 1
- FMT_SMF: 1
- FMT_SMF.1: 3
- FMT_SMF.1.1: 1
- FMT_SMR: 1
- FMT_SMR.2: 3
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT: 1
- FPT_APW_EXT.1: 3
- FPT_APW_EXT.1.1: 1
- FPT_APW_EXT.1.2: 1
- FPT_SKP_EXT: 1
- FPT_SKP_EXT.1: 3
- FPT_SKP_EXT.1.1: 1
- FPT_STM_EXT: 1
- FPT_STM_EXT.1: 4
- FPT_STM_EXT.1.1: 1
- FPT_STM_EXT.1.2: 1
- FPT_TST_EXT: 1
- FPT_TST_EXT.1: 2
- FPT_TST_EXT.1.1: 1
- FPT_TUD_EXT: 1
- FPT_TUD_EXT.1: 3
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.1.3: 1
- FTA:
- FTA_SSL: 2
- FTA_SSL.3: 3
- FTA_SSL.3.1: 1
- FTA_SSL.4: 2
- FTA_SSL.4.1: 1
- FTA_SSL_EXT: 1
- FTA_SSL_EXT.1: 3
- FTA_SSL_EXT.1.1: 1
- FTA_TAB: 1
- FTA_TAB.1: 4
- FTA_TAB.1.1: 1
- FTP:
- FTP_ITC: 1
- FTP_ITC.1: 4
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP: 4
- FTP_TRP.1: 3
|
- FAU:
- FAU_ARP.1: 17
- FAU_ARP.1.1: 1
- FAU_SAA.1: 2
- FAU_SAS.1: 2
- FCO:
- FCO_NRO: 31
- FCO_NRO.2: 9
- FCO_NRR: 6
- FCO_NRR.1: 3
- FCS:
- FCS_CKM: 56
- FCS_CKM.1: 37
- FCS_CKM.1.1: 3
- FCS_CKM.2: 11
- FCS_CKM.2.1: 1
- FCS_CKM.3: 6
- FCS_CKM.3.1: 1
- FCS_CKM.4: 40
- FCS_CKM.4.1: 2
- FCS_CMK.4: 1
- FCS_COP: 82
- FCS_COP.1: 34
- FCS_COP.1.1: 5
- FCS_RNG: 26
- FCS_RNG.1: 16
- FCS_RNG.1.1: 3
- FCS_RNG.1.2: 3
- FDP:
- FDP_ACC: 53
- FDP_ACC.1: 25
- FDP_ACC.2: 6
- FDP_ACF: 49
- FDP_ACF.1: 25
- FDP_IFC: 68
- FDP_IFC.1: 22
- FDP_IFC.2: 4
- FDP_IFF: 47
- FDP_IFF.1: 23
- FDP_ITC: 43
- FDP_ITC.1: 19
- FDP_ITC.2: 29
- FDP_ITT.1: 2
- FDP_RIP: 113
- FDP_RIP.1: 11
- FDP_RIP.1.1: 1
- FDP_ROL: 22
- FDP_ROL.1: 7
- FDP_SDC.1: 2
- FDP_SDI: 10
- FDP_SDI.2: 4
- FDP_UCT: 8
- FDP_UCT.1: 3
- FDP_UIT: 18
- FDP_UIT.1: 4
- FIA:
- FIA_AFL: 36
- FIA_AFL.1: 7
- FIA_AFL.1.1: 2
- FIA_AFL.1.2: 2
- FIA_API.1: 2
- FIA_ATD: 13
- FIA_ATD.1: 3
- FIA_UAU: 80
- FIA_UAU.1: 7
- FIA_UAU.1.1: 2
- FIA_UAU.1.2: 2
- FIA_UAU.4: 2
- FIA_UAU.4.1: 1
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6.1: 1
- FIA_UID: 61
- FIA_UID.1: 24
- FIA_UID.1.1: 2
- FIA_UID.1.2: 2
- FIA_UID.2: 1
- FIA_USB: 8
- FIA_USB.1: 3
- FMT:
- FMT_LIM: 38
- FMT_LIM.1: 17
- FMT_LIM.1.1: 3
- FMT_LIM.2: 16
- FMT_LIM.2.1: 3
- FMT_MSA: 162
- FMT_MSA.1: 16
- FMT_MSA.2: 2
- FMT_MSA.3: 24
- FMT_MTD: 81
- FMT_MTD.1: 16
- FMT_MTD.3: 2
- FMT_SMF: 103
- FMT_SMF.1: 33
- FMT_SMF.1.1: 2
- FMT_SMR: 120
- FMT_SMR.1: 38
- FMT_SMR.1.1: 2
- FMT_SMR.1.2: 2
- FPR:
- FPR_UNO: 20
- FPR_UNO.1: 12
- FPR_UNO.1.1: 1
- FPT:
- FPT_EMS: 4
- FPT_EMS.1: 14
- FPT_EMS.1.1: 3
- FPT_EMS.1.2: 3
- FPT_FLS: 66
- FPT_FLS.1: 17
- FPT_FLS.1.1: 1
- FPT_ITT: 7
- FPT_ITT.1: 2
- FPT_PHP: 8
- FPT_PHP.3: 17
- FPT_PHP.3.1: 1
- FPT_RCV: 29
- FPT_RCV.3: 5
- FPT_RCV.4: 1
- FPT_TDC: 9
- FPT_TDC.1: 13
- FPT_TDC.1.1: 1
- FPT_TDC.1.2: 1
- FPT_TST: 9
- FPT_TST.1: 14
- FPT_TST.1.1: 1
- FPT_TST.1.2: 1
- FPT_TST.1.3: 1
- FRU:
- FTP:
- FTP_ITC: 38
- FTP_ITC.1: 11
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP: 19
- FTP_TRP.1: 14
|
| pdf_data/st_keywords/cc_claims |
- A:
- OE:
- OE.ADMIN_CREDENTIALS_SECURE: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.NO_THRU_TRAFFIC_PROTECTION: 1
- OE.PHYSICAL: 1
- OE.RESIDUAL_INFORMATION: 1
- OE.TRUSTED_ADMIN: 1
- OE.UPDATES: 1
|
- A:
- A.ADMIN: 3
- A.APPLET: 1
- A.APPS-PROVIDER: 4
- A.CAP_FILE: 3
- A.CONTROLLING-AUTHORITY: 4
- A.DELETION: 2
- A.ISSUER: 4
- A.KEY-ESCROW: 4
- A.KEYS-PROT: 4
- A.OS-UPDATE-EVIDENCE: 3
- A.OTA-ADMIN: 1
- A.PERSONALISER: 3
- A.PERSONALIZER: 1
- A.PRODUCTION: 4
- A.SCP-SUPP: 4
- A.SECURE_ACODE_MANAGEMENT: 3
- A.VERIFICATION: 4
- A.VERIFICATION-AUTHORITY: 4
- D:
- D.API_DATA: 4
- D.APP_CODE: 8
- D.APP_C_DATA: 6
- D.APP_I_DATA: 8
- D.APP_KEYS: 9
- D.APSD_DAP_KEYS: 1
- D.APSD_KEYS: 6
- D.CASD_DAP_KEYS: 1
- D.CASD_KEYS: 4
- D.CONFIRMATION-DATA: 2
- D.CRYPTO: 6
- D.CVM_MGMT_STATE: 3
- D.CVM_PIN: 3
- D.DAP_BLOCK: 1
- D.GP_CODE: 2
- D.GP_REGISTRY: 4
- D.ISD_KEYS: 6
- D.JCS_CODE: 7
- D.JCS_DATA: 9
- D.OS-: 1
- D.OS-UPDATE-CODE-ID: 3
- D.OS-UPDATE_ADDITIONALCODE: 4
- D.OS-UPDATE_DEC-KEY: 2
- D.OS-UPDATE_SGNVER-KEY: 3
- D.PIN: 6
- D.RECEIPT-GENERATION-KEY: 2
- D.SEC_DATA: 9
- D.TOE_IDENTIFIER: 2
- D.TOKEN-VERIFICATION-KEY: 2
- O:
- O.ALARM: 15
- O.APPLET: 28
- O.APPLI-AUTH: 7
- O.ARRAY_VIEWS_CONFID: 5
- O.ARRAY_VIEWS_INTEG: 3
- O.CARD-: 3
- O.CARD-MANAGEMENT: 22
- O.CIPHER: 13
- O.CODE_CAP_FILE: 23
- O.COMM-: 1
- O.COMM-AUTH: 5
- O.COMM-CONFIDENTIALITY: 4
- O.COMM-INTEGRITY: 5
- O.COMM_AUTH: 1
- O.COMM_CONFIDENTIALITY: 1
- O.COMM_INTEGRITY: 1
- O.CONFID-OS-UPDATE: 5
- O.CVM-BLOCK: 5
- O.CVM-MGMT: 6
- O.CVM-MGNT: 1
- O.CVM-MNGT: 1
- O.DELETION: 7
- O.DOMAIN-RIGHTS: 4
- O.DOMAIN_RIGHTS: 1
- O.FIREWALL: 14
- O.GLOBAL-CVM: 5
- O.GLOBAL_ARRAYS_CONFID: 8
- O.GLOBAL_ARRAYS_INTEG: 6
- O.INSTALL: 10
- O.JAVAOBJECT: 68
- O.KEY-MNGT: 7
- O.KEY_DELETION: 1
- O.LC-MANAGEMENT: 4
- O.LOAD: 11
- O.NATIVE: 10
- O.NO-KEY-REUSE: 4
- O.OBJ-DELETION: 5
- O.OBJ_DELETION: 1
- O.OPERATE: 17
- O.PIN-MNGT: 7
- O.PIN_MNGT: 2
- O.PRIVILEGES-: 1
- O.PRIVILEGES-MANAGEMENT: 5
- O.REALLOCATION: 6
- O.RECEIPT: 4
- O.RESOURCES: 9
- O.RND: 1
- O.RNG: 12
- O.SCP: 26
- O.SECURE_AC_ACTIVATION: 6
- O.SECURE_LOAD_ACODE: 8
- O.SECURITY-: 1
- O.SECURITY-DOMAINS: 3
- O.SECURITY_DOMAINS: 1
- O.SID: 13
- O.TOE_IDENTIFICATION: 7
- O.TOKEN: 5
- O.TRANSACTION: 7
- OE:
- OE.ADMIN: 2
- OE.AID-MANAGEMENT: 4
- OE.AP-KEYS: 3
- OE.APPLET: 1
- OE.APPLICATIONS: 3
- OE.APPS-PROVIDER: 4
- OE.CA-KEYS: 4
- OE.CAP_FILE: 5
- OE.CARD-MANAGEMENT: 1
- OE.CARD_MANAGEMENT: 1
- OE.CODE-EVIDENCE: 12
- OE.CONTROLLING-: 1
- OE.CONTROLLING-AUTHORITY: 3
- OE.DAP_BLOCK_GEN: 3
- OE.ISD-KEYS: 3
- OE.ISSUER: 4
- OE.ISSUER-KEYS: 1
- OE.KEY-: 2
- OE.KEY-CHANGE: 2
- OE.KEY-ESCROW: 4
- OE.KEY-GENERATION: 2
- OE.KEYS-PROT: 2
- OE.LOADING: 2
- OE.OS-: 3
- OE.OS-UPDATE-ENCRYPTION: 4
- OE.OS-UPDATE-EVIDENCE: 2
- OE.OTA-ADMIN: 1
- OE.OTA-LOADING: 1
- OE.OTA-SERVERS: 1
- OE.PERSONALISER: 2
- OE.PERSONALIZER: 1
- OE.PRODUCTION: 4
- OE.RECEIPT-VER: 1
- OE.RECEIPTVER: 1
- OE.SCP: 3
- OE.SCP-SUPP: 2
- OE.SECURE_ACODE_MANAGEMENT: 4
- OE.SECURITY-DOMAINS: 1
- OE.SERVERS: 3
- OE.TOKEN-GEN: 3
- OE.VA-KEYS: 1
- OE.VERIFICATION: 26
- OE.VERIFICATION-: 1
- OE.VERIFICATION-AUTHORITY: 2
- OP:
- OP.ARRAY_AASTORE: 3
- OP.ARRAY_ACCESS: 7
- OP.ARRAY_LENGTH: 3
- OP.ARRAY_T_ALOAD: 3
- OP.ARRAY_T_ASTORE: 3
- OP.CREATE: 11
- OP.DELETE_APPLET: 6
- OP.DELETE_CAP_FILE: 4
- OP.DELETE_CAP_FILE_APPLET: 4
- OP.INSTANCE_FIELD: 6
- OP.INVK_INTERFACE: 10
- OP.INVK_VIRTUAL: 8
- OP.JAVA: 8
- OP.PUT: 8
- OP.PUTFIELD: 1
- OP.PUTSTATIC: 1
- OP.THROW: 7
- OP.TYPE_ACCESS: 7
- OSP:
- OSP: 3
- OSP.ADDITIONAL_CODE_ENCRYPTION: 3
- OSP.ADDITIONAL_CODE_SIGNING: 3
- OSP.AID-MANAGEMENT: 4
- OSP.APPLICATIONS: 4
- OSP.APSD-KEYS: 4
- OSP.ATOMIC_ACTIVATION: 3
- OSP.CASD-KEYS: 4
- OSP.DAP_BLOCK_GEN: 3
- OSP.ISD-KEYS: 3
- OSP.ISSUER-KEYS: 1
- OSP.KEY-CHANGE: 4
- OSP.KEY-GENERATION: 4
- OSP.LOADING: 3
- OSP.OTA-LOADING: 1
- OSP.OTA-SERVERS: 1
- OSP.RECEIPT-VER: 3
- OSP.RNG: 3
- OSP.SECURITY-DOMAINS: 4
- OSP.SERVERS: 3
- OSP.TOE_IDENTIFICATION: 3
- OSP.TOKEN-GEN: 3
- OSP.VERIFICATION: 4
- OT:
- R:
- T:
- T.BRUTE-FORCE-CVM: 3
- T.BRUTE-FORCE-SCP: 5
- T.COM-EXPLOIT: 4
- T.COM_EXPLOIT: 2
- T.CONFID-APPLI-DATA: 4
- T.CONFID-JCS-CODE: 4
- T.CONFID-JCS-DATA: 4
- T.CONFID-OS-UPDATE-LOAD: 1
- T.CONFID-OS-UPDATE_LOAD: 2
- T.CVM-IMPERSONATE: 3
- T.CVM-UPDATE: 3
- T.DELETION: 6
- T.EXE-CODE: 8
- T.FAKE-SGNVER-KEY: 3
- T.INSTALL: 6
- T.INTEG: 1
- T.INTEG-APPLI-: 2
- T.INTEG-APPLI-CODE: 9
- T.INTEG-APPLI-DATA: 8
- T.INTEG-JCS-CODE: 4
- T.INTEG-JCS-DATA: 4
- T.INTEG-OS-UPDATE_LOAD: 2
- T.INTEGAPPLI-DATA: 1
- T.LIFE-CYCLE: 3
- T.LIFE_CYCLE: 2
- T.NATIVE: 4
- T.OBJ-DELETION: 4
- T.PHYSICAL: 4
- T.RECEIPT: 3
- T.RESOURCES: 4
- T.SID: 8
- T.TOKEN: 3
- T.UNAUTHORISED-CARD-MGMT: 4
- T.UNAUTHORISED-TOE-CODE-UPDATE: 3
- T.UNAUTHORIZED_CARD_MNGT: 2
- T.WRONG-UPDATE-STATE: 3
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
- MAC:
- HMAC: 9
- HMAC-SHA-256: 7
- HMAC-SHA-384: 4
- HMAC-SHA-512: 4
|
- AES_competition:
- AES:
- AES: 35
- AES-256: 1
- AES256: 1
- DES:
- 3DES:
- 3DES: 2
- TDEA: 1
- TDES: 18
- Triple-DES: 3
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
- ECC:
- FF:
- DH:
- DH: 7
- DHE: 1
- Diffie-Hellman: 8
- DSA:
- RSA:
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-256: 6
- SHA-384: 4
- SHA-512: 4
- SHA256: 17
|
- SHA:
- SHA1:
- SHA2:
- SHA-224: 1
- SHA-256: 5
- SHA-384: 4
- SHA-512: 4
- SHA2: 1
- SHA224: 1
- SHA3:
- SHA3: 2
- SHA3-256: 1
- SHA3-512: 1
|
| pdf_data/st_keywords/crypto_scheme |
|
- KA:
- Key Agreement: 6
- Key agreement: 2
- MAC:
|
| pdf_data/st_keywords/crypto_protocol |
- IKE:
- IPsec:
- SSH:
- TLS:
- SSL:
- SSL: 5
- SSL 2.0: 4
- SSL 3.0: 4
- TLS:
- TLS: 78
- TLS 1.0: 4
- TLS 1.1: 4
- TLS 1.2: 6
- TLS1.1: 1
- TLS1.2: 1
- TLSv1.1: 3
- TLSv1.2: 6
- VPN:
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- NIST:
- P-256: 18
- P-384: 12
- P-521: 10
- secp256r1: 7
- secp384r1: 7
- secp521r1: 3
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 7
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 7
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 7
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 5
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 7
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 7
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 5
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 7
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 5
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 5
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 5
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 5
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 5
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 5
- TLS_RSA_WITH_AES_128_CBC_SHA: 7
- TLS_RSA_WITH_AES_128_CBC_SHA256: 7
- TLS_RSA_WITH_AES_256_CBC_SHA: 7
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
- FI:
- Malfunction: 6
- Physical Tampering: 3
- fault induction: 2
- malfunction: 9
- physical tampering: 1
- SCA:
- DPA: 2
- Leak-Inherent: 3
- SPA: 1
- physical probing: 7
- timing attacks: 1
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
- EF:
- EF.DG1: 4
- EF.DG16: 4
- EF.DG3: 1
- EF.DG4: 1
|
| pdf_data/st_keywords/standard_id |
- FIPS:
- FIPS 140-2: 2
- FIPS 186-4: 3
- FIPS PUB 186-4: 18
- ISO:
- ISO/IEC 14888-: 1
- ISO/IEC 14888-3: 1
- ISO/IEC 18031:2011: 4
- ISO/IEC 9796-2: 2
- NIST:
- NIST SP 800-56A: 2
- SP 800-90A: 2
- PKCS:
- RFC:
- RFC 2818: 3
- RFC 2986: 2
- RFC 3268: 28
- RFC 3526: 3
- RFC 4253: 2
- RFC 4346: 4
- RFC 4492: 24
- RFC 5246: 30
- RFC 5280: 5
- RFC 5289: 44
- RFC 5759: 1
- RFC 6125: 3
- RFC 6960: 1
- RFC 8017: 2
- X509:
|
- BSI:
- AIS20: 2
- AIS31: 7
- BSI-AIS31: 1
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- FIPS:
- FIPS 180-4: 1
- FIPS 197: 2
- FIPS 198: 2
- FIPS180-4: 2
- FIPS197: 5
- FIPS202: 2
- ICAO:
- NIST:
- PKCS:
- SCP:
- SCP01: 4
- SCP02: 18
- SCP03: 16
- SCP10: 1
- SCP11: 1
- SCP21: 8
- SCP22: 1
- SCP80: 1
- SCP81: 1
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
- com:
- com.gemalto.belpic: 1
- com.gemalto.javacard.eid: 1
- com.gemalto.javacard.fido.ctap: 1
- com.gemalto.javacard.iasclassic: 1
- com.gemalto.javacard.mspnp: 1
- com.gemalto.javacardx.gdp: 1
- com.gemalto.moc.client: 1
- com.gemalto.moc.server: 1
- com.gemalto.mpcos: 1
- com.gemalto.puredi: 1
- com.gemalto.tacho: 1
- java:
- javacard:
- javacard.eid: 1
- javacard.fido.ctap: 1
- javacard.framework: 3
- javacard.iasclassic: 1
- javacard.mspnp: 1
- javacardx:
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed. The: 1
- extent specified by the security functional requirements: TLS, HTTPS, SSH. The features below are out of scope. Table 2 Excluded Features Feature Description Telnet and HTTP Management Protocols Telnet and HTTP: 1
- out of scope: 3
- protocol and can be used to build a management interface. This feature is not tested and is out of scope. Stateful inspection filtering, VPN gateway, IPS/IDS threat prevention, URL filtering (PAN- DB: 1
|
- OutOfScope:
- The DELETE and INSTALL APDU commands are out of scope of this SPM: 1
- 1, are out of the scope of the SPM as they are linked to the applet loading or deletion that is out of scope of the SPM boundaries limited to VM opcodes The SFR FMT_MTD.3/JCRE is out of scope of the SPM: 1
- Context, the Selected Applet Context, and the Active Applets Note: the Selected Applet context is out of scope of the VM functionalities. It is a process that occurs prior to VM start The initial setting of: 1
- a timeout policy that prevent them from being blocked should a card fails to answer. That point is out of scope of this Security Target, though. Finally, the objectives O.SCP.RECOVERY and O.SCP.SUPPORT are: 1
- and deletion; see #.DELETION and #.INSTALL). The DELETE and INSTALL APDU commands are out of scope of this SPM. The list of registred applets’ AIDs is proven to be not modified during the execution: 1
- as a null reference. Such a mechanism is implementation-dependent. The deletion of applets is out of scope of this SPM scope. In the case of an array type, fields are components of the array ([JVM], §2.14: 1
- because AID registry is created during loading phase, which is also out of scope of the SPM (Hypothesis 2 of the SPM document [MAV51_SPM]). MultiApp V5.1: GP-SE Security Target ST: 1
- is also out of scope (Hypothesis 4 of the SPM document [MAV51_SPM]).. 3) S.CAP_FILE performing OP.ARRAY_AASTORE of the: 1
- out of scope: 9
- the active context is not the same as the Selected Applet Context. Application note: This rule is out of scope of the SPM modelisation because CLEAR_ON_DESELECT objects can be created exclusively in the API: 1
|
| pdf_data/st_metadata |
- /CreationDate: D:20191119084329-05'00'
- /ModDate: D:20191119084329-05'00'
- pdf_file_size_bytes: 1492668
- pdf_hyperlinks: https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=412, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=418, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=407, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=405, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=421, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=435, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=422, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=406, file:///C:/Users/beaverg/Desktop/CCTL%20Projects/Palo%20Alto%20Panorama/Received%20from%20Vendor/updates.paloaltonetworks.com, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=409, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=408, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=420, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=433, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=417, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=411, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=410, https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical-documentation/81/vm-series/vm-series-deployment/vm-series-deployment.pdf, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=419, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=434, https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical-documentation/81/panorama/panorama-admin/panorama-admin.pdf
- pdf_is_encrypted: False
- pdf_number_of_pages: 56
|
- /Author: THALES
- /CreationDate: D:20230411115549+02'00'
- /Creator: Microsoft® Word 2016
- /ModDate: D:20230411115549+02'00'
- /Producer: Microsoft® Word 2016
- /Title: MultiApp V5.1: GP-SE Security Target
- pdf_file_size_bytes: 5024450
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 188
|
| state/cert/convert_garbage |
True |
False |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
True |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |