| name |
Palo Alto Networks PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Next-Generation Firewall with PAN-OS 4.0.12-h2 and User Identification Agent v3.1.2 |
IPCOM EX Series Firmware Security Component V1.0.00 |
| category |
Boundary Protection Devices and Systems |
Boundary Protection Devices and Systems |
| scheme |
US |
JP |
| status |
archived |
archived |
| not_valid_after |
22.04.2015 |
07.01.2013 |
| not_valid_before |
11.04.2013 |
22.03.2007 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10392-vr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0088_ecvr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10392-st.pdf |
|
| manufacturer |
Palo Alto Networks, Inc. |
Fujitsu Limited |
| manufacturer_web |
https://www.paloaltonetworks.com/ |
https://www.fujitsu.com/ |
| security_level |
ATE_DPT.3, EAL4+, ALC_FLR.2 |
EAL1 |
| dgst |
bdc993babbbfb13c |
bd0bcbdf2f54de16 |
| heuristics/cert_id |
CCEVS-VR-VID-10392-2013 |
JISEC-CC-CRP-C0088 |
| heuristics/cert_lab |
US |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ALC_CMC.4, ADV_IMP.1, ATE_COV.2, ALC_TAT.1, ALC_DEL.1, ALC_LCD.1, ADV_FSP.5, AGD_OPE.1, ADV_INT.1, AVA_VAN.3, AGD_PRE.1, ALC_CMS.4, ATE_FUN.1, ATE_DPT.3, ADV_ARC.1, ADV_TDS.4, ALC_FLR.2, ALC_DVS.1, ATE_IND.2 |
{} |
| heuristics/extracted_versions |
3.1.2, 4.0.12 |
1.0.00 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- category: Firewall
- certification_date: 11.04.2013
- evaluation_facility: Leidos Common Criteria Testing Laboratory
- expiration_date: 11.04.2015
- id: CCEVS-VR-VID10392
- product: Palo Alto Networks PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Next-Generation Firewall with PAN-OS 4.0.12-h2 and User Identification Agent v3.1.2
- scheme: US
- url: https://www.niap-ccevs.org/product/10392
- vendor: Palo Alto Networks, Inc.
|
- cert_id: JISEC-CC-CRP-C0330
- certification_date: 01.11.2011
- claim: EAL1+ ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1
- enhanced:
- assurance_level: EAL1 Augmented with ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1
- cc_version: 3.1
- description: PRODUCT DESCRIPTION Description of TOE The TOE is a firewall module within the firmware of the integrated network server IPCOM EX. It is located at a boundary point of multiple networks, and provides "IP packet filtering" with which IP packet data received from a network can be delivered to other networks or discarded according to predefined rules (filtering rules). In addition to "IP packet filtering", the TOE provides security functions including "configuration management" that allows only an identified and authenticated administrator to configure the settings for the security function, and "operational assistance management" that records events for the audit trail, such as discarding or passing the IP packet data. TOE security functionality The main security functions of the TOE are as follows: - IP packet filtering Passes or discards the IP packet data sent and received among the multiple LAN interfaces according to the filtering rules set by the system administrator. - Configuration management Allows only a valid administrator that has been identified and authenticated to set or change the information of the TOE configuration definition, such as filtering rules or network settings. - Operational assistance management Stores or backs up the IP packet process records received from "configuration management" or "IP packet filtering", and the audit records that are the TOE behavior results.
- evaluation_facility: Information Technology Security Center Evaluation Department
- product: IPCOM EX Series Firmware Security Component
- product_type: Firewall module
- protection_profile: none
- toe_version: V2.0.01
- vendor: Fujitsu Limited
- expiration_date: 01.12.2016
- supplier: Fujitsu Limited
- toe_japan_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0330_it1351.html
- toe_japan_name: IPCOM EX Series Firmware Security Component V2.0.01
- toe_overseas_link: None
- toe_overseas_name: -----
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
st_vid10392-vr.pdf |
c0088_ecvr.pdf |
| pdf_data/report_frontpage |
- US:
- cert_id: CCEVS-VR-VID10392-2013
- cert_item: Palo Alto Networks PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Next-Generation Firewall running PAN-OS 4.0.12-h2
- cert_lab: US NIAP
|
|
| pdf_data/report_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID10392-2013: 1
|
- JP:
- Certification No. C0088: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 4: 3
- EAL 4 augmented: 3
|
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.4: 1
- ADV_IMP.1: 1
- ADV_TDS.3: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.1: 1
- ALC_FLR.2: 5
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ATE:
- ATE_COV.2: 1
- ATE_DPT: 1
- ATE_DPT.3: 4
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
- ITSC:
- Information Technology Security Center: 1
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCIMB-2006-09-001: 1
- CCIMB-2007-09-002: 1
- CCIMB-2007-09-003: 1
- CCIMB-2007-09-004: 1
- FIPS:
- NIST:
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
- /Author: SAIC
- /CreationDate: D:20130514115641
- /Creator: Microsoft® Office Word 2007
- /ModDate: D:20130514115641
- /Producer: Microsoft® Office Word 2007
- /Subject: Validation Report
- /Title: Palo Alto Networks Inc. PA-Series Next Generation Firewall
- pdf_file_size_bytes: 483560
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 28
|
- /CreationDate: D:20070323205356+09'00'
- /ModDate: D:20070323205356+09'00'
- /Producer: Acrobat Distiller 6.0 (Windows)
- /Title: untitled
- pdf_file_size_bytes: 13167
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/st_filename |
st_vid10392-st.pdf |
|
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL 4: 1
- EAL4: 3
- EAL4 augmented: 3
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 10
- ADV_FSP: 1
- ADV_FSP.4: 11
- ADV_FSP.5: 1
- ADV_IMP: 1
- ADV_IMP.1: 7
- ADV_INT.1: 1
- ADV_TDS: 1
- ADV_TDS.3: 15
- ADV_TDS.4: 1
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 10
- AGD_PRE: 1
- AGD_PRE.1: 6
- ALC:
- ALC_CMC: 1
- ALC_CMC.4: 15
- ALC_CMS: 1
- ALC_CMS.4: 6
- ALC_DEL: 1
- ALC_DEL.1: 5
- ALC_DVS: 1
- ALC_DVS.1: 5
- ALC_FLR: 1
- ALC_FLR.2: 16
- ALC_LCD: 1
- ALC_LCD.1: 6
- ALC_TAT: 1
- ALC_TAT.1: 7
- ATE:
- ATE_COV: 1
- ATE_COV.2: 5
- ATE_DPT: 1
- ATE_DPT.3: 9
- ATE_FUN: 1
- ATE_FUN.1: 8
- ATE_IND: 1
- ATE_IND.2: 7
- AVA:
|
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_ARP: 2
- FAU_ARP.1: 4
- FAU_ARP.1.1: 1
- FAU_GEN: 10
- FAU_GEN.1: 4
- FAU_GEN.2: 1
- FAU_SAA: 7
- FAU_SAA.1: 2
- FAU_SAR: 4
- FAU_SAR.1: 3
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_SAR.2: 4
- FAU_SAR.2.1: 1
- FAU_SAR.3: 3
- FAU_SAR.3.1: 1
- FAU_SEL: 5
- FAU_SEL.1: 2
- FAU_STG: 10
- FAU_STG.1: 4
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FAU_STG.3: 4
- FAU_STG.3.1: 1
- FCS:
- FCS_CKM: 2
- FCS_CKM.1: 9
- FCS_CKM.1.1: 2
- FCS_CKM.2: 3
- FCS_CKM.2.1: 1
- FCS_CKM.4: 5
- FCS_CKM.4.1: 1
- FCS_CKM_EXT: 1
- FCS_CKM_EXT.2: 1
- FCS_COP: 1
- FCS_COP.1: 27
- FCS_COP.1.1: 6
- FCS_COP_EXT.1: 1
- FDP:
- FDP_IFC.1: 19
- FDP_IFC.1.1: 3
- FDP_IFF.1: 21
- FDP_IFF.1.1: 3
- FDP_IFF.1.2: 5
- FDP_IFF.1.3: 3
- FDP_IFF.1.4: 3
- FDP_IFF.1.5: 3
- FDP_IFF.1.6: 2
- FDP_ITC.1: 2
- FDP_ITC.2: 2
- FDP_RIP: 1
- FDP_RIP.2: 3
- FDP_RIP.2.1: 1
- FIA:
- FIA_AFL: 1
- FIA_AFL.1: 4
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_ATD: 1
- FIA_ATD.1: 4
- FIA_ATD.1.1: 1
- FIA_UAU: 1
- FIA_UAU.1: 5
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UID: 1
- FIA_UID.2: 3
- FIA_UID.2.1: 1
- FIA_USB: 1
- FIA_USB.1: 3
- FIA_USB.1.1: 1
- FMT:
- FMT_MOF.1: 25
- FMT_MOF.1.1: 7
- FMT_MSA: 11
- FMT_MSA.1: 5
- FMT_MSA.3: 11
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD.1: 24
- FMT_MTD.1.1: 7
- FMT_MTD.2: 10
- FMT_MTD.2.1: 2
- FMT_MTD.2.2: 2
- FMT_REV: 1
- FMT_REV.1: 3
- FMT_REV.1.1: 1
- FMT_REV.1.2: 1
- FMT_SMR: 1
- FMT_SMR.1: 1
- FMT_SMR.2: 3
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 2
- FPT:
- FPT_FLS: 2
- FPT_FLS.1: 7
- FPT_FLS.1.1: 1
- FPT_ITC: 3
- FPT_ITC.1: 5
- FPT_ITC.1.1: 1
- FPT_ITT: 2
- FPT_ITT.1: 6
- FPT_ITT.1.1: 1
- FPT_RCV: 1
- FPT_RCV.1: 3
- FPT_RCV.1.1: 1
- FPT_RPL: 1
- FPT_RPL.1: 3
- FPT_RPL.1.1: 1
- FPT_RPL.1.2: 1
- FPT_STM: 1
- FPT_STM.1: 6
- FPT_STM.1.1: 1
- FPT_TST.1: 10
- FPT_TST.1.1: 2
- FPT_TST.1.2: 2
- FPT_TST.1.3: 2
- FRU:
- FRU_FLT: 2
- FRU_FLT.1: 6
- FRU_FLT.1.1: 1
- FRU_RSA.1: 11
- FRU_RSA.1.1: 2
- FTA:
- FTA_SSL: 4
- FTA_SSL.1: 1
- FTA_SSL.2: 4
- FTA_SSL.2.1: 1
- FTA_SSL.2.2: 1
- FTA_SSL.3: 5
- FTA_SSL.3.1: 1
- FTA_TAB: 1
- FTA_TAB.1: 4
- FTA_TAB.1.1: 1
- FTA_TSE: 1
- FTA_TSE.1: 3
- FTA_TSE.1.1: 1
- FTP:
- FTP_ITC.1: 8
- FTP_ITC.1.1: 2
- FTP_ITC.1.2: 2
- FTP_ITC.1.3: 2
- FTP_TRP.1: 8
- FTP_TRP.1.1: 2
- FTP_TRP.1.2: 2
- FTP_TRP.1.3: 2
|
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.NO_GENERAL_PURPOSE: 1
- A.NO_TOE_BYPASS: 1
- A.PHYSICAL: 1
- A.UIA_ONLY: 1
- O:
- O.ADMIN_ROLE: 1
- O.AUDIT_GENERATION: 1
- O.AUDIT_PROTECTION: 1
- O.AUDIT_REVIEW: 1
- O.CHANGE_MANAGEMENT: 1
- O.CORRECT_: 1
- O.CRYPTOGRAPHIC_: 1
- O.CRYPTOGRAPHY_: 1
- O.DISPLAY_BANNER: 1
- O.DOCUMENT_KEY_LEAKAGE: 1
- O.MAINT_MODE: 2
- O.MANAGE: 2
- O.MEDIATE: 4
- O.REPLAY_DETECTION: 1
- O.RESIDUAL_INFORMATION: 1
- O.RESOURCE_SHARING: 1
- O.ROBUST_ADMIN_GUIDANCE: 1
- O.ROBUST_TOE_ACCESS: 1
- O.SELF_PROTECTION: 2
- O.SOUND_IMPLEMENTATION: 1
- O.THOROUGH_FUNCTIONAL_: 1
- O.TIME_STAMPS: 1
- O.TRUSTED_PATH: 1
- O.VULNERABILITY_ANALYSIS_TEST: 1
- OE:
- OE.CRYPTANALYTIC: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.NO_TOE_BYPASS: 1
- OE.PHYSICAL: 1
- OE.UIA_ONLY: 1
- T:
- T.ADDRESS_MASQUERADE: 1
- T.ADMIN_ERROR: 1
- T.ADMIN_ROGUE: 1
- T.AUDIT_COMPROMISE: 1
- T.CRYPTO_COMPROMISE: 1
- T.FLAWED_DESIGN: 1
- T.FLAWED_IMPLEMENTATION: 1
- T.MALICIOUS_TSF_: 1
- T.MASQUERADE: 1
- T.POOR_TEST: 1
- T.REPLAY: 1
- T.RESIDUAL_DATA: 1
- T.RESOURCE_EXHAUSTION: 1
- T.SPOOFING: 1
- T.UNATTENDED_SESSION: 1
- T.UNAUTHORIZED_ACCESS: 1
- T.UNIDENTIFIED_ACTIONS: 1
- T.UNKNOWN_STATE: 1
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- constructions:
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-2: 1
- SHA-256: 1
- SHA-384: 2
- SHA-512: 2
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
- IKE:
- IPsec:
- SSH:
- TLS:
- SSL:
- TLS:
- TLS: 3
- TLS 1.2: 1
- TLS v1.0: 3
- TLSv1.0: 1
- VPN:
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 1
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 1
- TLS_RSA_WITH_AES_128_CBC_SHA: 1
- TLS_RSA_WITH_AES_256_CBC_SHA: 1
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2007-09-002: 1
- CCMB-2007-09-003: 1
- FIPS:
- FIPS 140-2: 12
- FIPS 180-3: 1
- FIPS PUB 140-2: 7
- FIPS140-2: 1
- NIST:
- RFC:
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
|
| pdf_data/st_metadata |
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
False |
| state/st/download_ok |
True |
False |
| state/st/extract_ok |
True |
False |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |