| name |
Cisco X-ES Xpedite5205 Embedded Services Router |
L4Re Secure Separation Kernel CC Version 1.0.1 |
| category |
Data Protection |
Operating Systems |
| scheme |
US |
DE |
| status |
archived |
active |
| not_valid_after |
17.11.2016 |
18.02.2030 |
| not_valid_before |
17.11.2014 |
18.02.2025 |
| cert_link |
|
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1177c_pdf.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10576-vr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1177a_pdf.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10576-st.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1177b_pdf.pdf |
| manufacturer |
Cisco Systems, Inc. |
Kernkonzept GmbH |
| manufacturer_web |
https://www.cisco.com |
https://kernkonzept.com |
| security_level |
{} |
EAL4+, ALC_FLR.3 |
| dgst |
c686d7848cdd7943 |
7929b54ea442ff99 |
| heuristics/cert_id |
CCEVS-VR-VID-10576-2014 |
|
| heuristics/cert_lab |
US |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ASE_TSS.1, ADV_FSP.1, ALC_CMC.1, ASE_INT.1, ASE_OBJ.1, AVA_VAN.1, ATE_IND.1, ALC_CMS.1, AGD_OPE.1, ASE_REQ.1, ASE_CCL.1, ASE_ECD.1, AGD_PRE.1 |
ALC_FLR.3 |
| heuristics/extracted_versions |
- |
1.0.1 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
- category: Network Device, Router, Virtual Private Network
- certification_date: 17.11.2014
- evaluation_facility: Leidos Common Criteria Testing Laboratory
- expiration_date: 17.11.2016
- id: CCEVS-VR-VID10576
- product: Cisco X-ES Xpedite5205 Embedded Services Router
- scheme: US
- url: https://www.niap-ccevs.org/product/10576
- vendor: Cisco Systems, Inc.
|
- category: Operating systems
- cert_id: BSI-DSZ-CC-1177-2025
- certification_date: 18.02.2025
- enhanced:
- applicant: Kernkonzept GmbH Buchenstraße 16 b 01097 Dresden Deutschland
- assurance_level: EAL4+,ALC_FLR.3
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1177c_pdf.pdf?__blob=publicationFile&v=3
- certification_date: 18.02.2025
- description: The TOE is the L4Re Secure Separation Kernel CC 1.0.1 (L4Re SSK). L4Re SSK is a distribution of the open-source L4Re Operating System Framework. As such it is based on the L4Re Microkernel. The L4Re Microkernel is a 3rd-generation microkernel with a state-of-the-art capability-based mandatory access control security model. It allows the separation of applications into different security domains, information flow control, and, subject to access control, dynamic assignment of resources and communication channels. Further the L4Re Microkernel supports static workloads alongside dynamic workloads, which allows to start, restart and shutdown applications during runtime. L4Re SSK is configured to act as a separation kernel, to provide the security features claimed by the ST. The TOE supports native applications as well as virtual machines (VMs). Access to every resource including but not limited to memory, hardware devices and CPU cores is protected by capabilities. Applications and VMs can only access a resource if they possess a capability with suitable permissions for that resource.
- evaluation_facility: atsec information security GmbH
- expiration_date: 17.02.2030
- product: L4Re Secure Separation Kernel CC, Version 1.0.1
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1177a_pdf.pdf?__blob=publicationFile&v=3
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1177b_pdf.pdf?__blob=publicationFile&v=2
- product: L4Re Secure Separation Kernel CC, Version 1.0.1
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Betriebssysteme/1177.html
- vendor: Kernkonzept GmbH
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
bb67fb1b4f10e7a5, ac9abe3d5c5a31f0 |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp_nd_vpn_gw_ep_v1.1.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp_nd_v1.1.pdf |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
st_vid10576-vr.pdf |
|
| pdf_data/report_frontpage |
- US:
- cert_id: CCEVS-VR-VID10576-2014
- cert_item: For X-ES Xpedite5205 Embedded Services Router
- cert_lab: US NIAP
|
|
| pdf_data/report_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID10576-2014: 1
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
|
|
| pdf_data/report_keywords/cc_sar |
- ADV:
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.1: 1
- ASE_REQ.1: 1
- ASE_TSS.1: 1
- ATE:
- AVA:
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
- Cisco:
- Cisco: 26
- Cisco Systems, Inc: 2
|
|
| pdf_data/report_keywords/eval_facility |
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
- IKE:
- IPsec:
- SSH:
- TLS:
- VPN:
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
|
| pdf_data/report_metadata |
- /Author: Pierre, Marie Evencie
- /Company: SAIC
- /CreationDate: D:20141126103237-05'00'
- /Creator: Acrobat PDFMaker 10.1 for Word
- /ModDate: D:20141126103240-05'00'
- /Producer: Adobe PDF Library 10.0
- /SourceModified: D:20141126153219
- /Title: National Information Assurance Partnership
- pdf_file_size_bytes: 190922
- pdf_hyperlinks: http://www.cisco.com/en/US/products/ps11746/prod_command_reference_list.html, http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_pki/configuration/15-mt/sec-pki-15-mt-book.html, http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_zbf/configuration/15-mt/sec-data-zbf-15-mt-book.html, http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_cert_enroll_pki.pdf, http://www.cisco.com/en/US/docs/ios-xml/ios/net_mgmt/config_library/15-mt/netmgmt-15-mt-library.html, http://www.xes-inc.com/products/view/xpedite5205/, http://www.cisco.com/en/US/docs/solutions/GGSG-Engineering/15_2_3GC/Install/X-ES_Instructions.pdf, http://www.cisco.com/en/US/products/ps11746/products_installation_and_configuration_guides_list.html, http://www.cisco.com/en/US/docs/ios-xml/ios/security/config_library/15-mt/secuser-15-mt-library.html, http://www.cisco.com/en/US/docs/ios-xml/ios/sys-image-mgmt/configuration/15-mt/sysimgmgmt-15-mt-book.html, http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_ikevpn/configuration/15-1mt/Configuring_Internet_Key_Exchange_Version_2.html, http://www.cisco.com/en/US/docs/ios-xml/ios/fundamentals/configuration/15mt/fundamentals-15-mt-book.html, http://www.cisco.com/en/US/docs/ios-xml/ios/security/config_library/15-mt/secon-15-mt-library.html, http://www.niap-ccevs.org/
- pdf_is_encrypted: False
- pdf_number_of_pages: 18
|
|
| pdf_data/st_filename |
st_vid10576-st.pdf |
|
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- AGD:
- AGD_OPE.1: 2
- AGD_PRE.1: 2
- ALC:
- ALC_CMC.1: 2
- ALC_CMS.1: 2
- ATE:
- AVA:
|
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN.1: 4
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 4
- FAU_GEN.2.1: 1
- FAU_STG_EXT.1: 4
- FAU_STG_EXT.1.1: 1
- FCS:
- FCS_CKM.1: 7
- FCS_CKM.1.1: 1
- FCS_CKM.1.2: 1
- FCS_CKM_EXT.4: 5
- FCS_CKM_EXT.4.1: 1
- FCS_COP.1: 17
- FCS_COP.1.1: 7
- FCS_RBG_EXT.1: 4
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SSH_EXT.1: 3
- FCS_SSH_EXT.1.1: 1
- FCS_SSH_EXT.1.2: 1
- FCS_SSH_EXT.1.3: 1
- FCS_SSH_EXT.1.4: 1
- FCS_SSH_EXT.1.5: 1
- FCS_SSH_EXT.1.6: 1
- FCS_SSH_EXT.1.7: 1
- FDP:
- FDP_RIP.2: 4
- FDP_RIP.2.1: 1
- FIA:
- FIA_AFL.1: 3
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_PMG_EXT.1: 4
- FIA_PMG_EXT.1.1: 1
- FIA_PSK_EXT.1: 2
- FIA_PSK_EXT.1.1: 1
- FIA_PSK_EXT.1.2: 1
- FIA_PSK_EXT.1.3: 1
- FIA_PSK_EXT.1.4: 1
- FIA_UAU.7: 4
- FIA_UAU.7.1: 1
- FIA_UAU_EXT.2: 4
- FIA_UAU_EXT.2.1: 1
- FIA_UIA_EXT.1: 4
- FIA_UIA_EXT.1.1: 1
- FIA_UIA_EXT.1.2: 1
- FMT:
- FMT_MOF.1: 3
- FMT_MOF.1.1: 1
- FMT_MTD.1: 4
- FMT_MTD.1.1: 1
- FMT_SMF.1: 4
- FMT_SMF.1.1: 1
- FMT_SMR.2: 4
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT.1: 4
- FPT_APW_EXT.1.1: 1
- FPT_APW_EXT.1.2: 1
- FPT_FLS.1: 3
- FPT_FLS.1.1: 1
- FPT_SKP_EXT.1: 4
- FPT_SKP_EXT.1.1: 1
- FPT_STM.1: 4
- FPT_STM.1.1: 1
- FPT_TST_EXT: 1
- FPT_TST_EXT.1: 3
- FPT_TST_EXT.1.1: 1
- FPT_TST_EXT.1.2: 1
- FPT_TUD_EXT.1: 3
- FTA:
- FTA_SSL.3: 6
- FTA_SSL.3.1: 2
- FTA_SSL.4: 4
- FTA_SSL.4.1: 1
- FTA_SSL_EXT.1: 4
- FTA_SSL_EXT.1.1: 1
- FTA_TAB.1: 5
- FTA_TAB.1.1: 1
- FTA_TSE.1: 1
- FTA_VCM_EXT.1: 1
- FTP:
- FTP_ITC.1: 4
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_TRP.1: 4
- FTP_TRP.1.1: 1
- FTP_TRP.1.2: 1
- FTP_TRP.1.3: 1
|
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.CONNECTIONS: 1
- A.NO_GENERAL_PURPOSE: 1
- A.PHYSICAL: 1
- A.TRUSTED_ADMIN: 1
- O:
- O.ADDRESS_FILTERING: 1
- O.AUTHENTICATION: 1
- O.CRYPTOGRAPHIC_FUNCTIONS: 1
- O.DISPLAY_BANNER: 1
- O.FAIL_SECURE: 1
- O.PORT_FILTERING: 1
- O.PROTECTED_COMMUNICATIONS: 1
- O.RESIDUAL_INFORMATION_CLEARING: 1
- O.SESSION_LOCK: 1
- O.SYSTEM_MONITORING: 1
- O.TOE_ADMINISTRATION: 1
- O.TSF_SELF_TEST: 1
- O.VERIFIABLE_UPDATES: 1
- OE:
- OE.CONNECTIONS: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.PHYSICAL: 1
- OE.TRUSTED_ADMIN: 1
- T:
- T.ADMIN_ERROR: 1
- T.DATA_INTEGRITY: 1
- T.NETWORK_DISCLOSURE: 1
- T.NETWORK_MISUSE: 1
- T.REPLAY_ATTACK: 1
- T.TSF_FAILURE: 2
- T.UNAUTHORIZED_ACCESS: 1
- T.UNAUTHORIZED_UPDATE: 1
- T.UNDETECTED_ACTIONS: 1
- T.USER_DATA_REUSE: 1
|
|
| pdf_data/st_keywords/vendor |
- Cisco:
- Cisco: 27
- Cisco Systems, Inc: 4
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- AES:
- AES: 15
- AES-: 1
- AES-256: 1
- DES:
- constructions:
|
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-256: 3
- SHA-384: 1
- SHA-512: 2
|
|
| pdf_data/st_keywords/crypto_scheme |
- KEX:
- Key Exchange: 2
- Key exchange: 1
- MAC:
|
|
| pdf_data/st_keywords/crypto_protocol |
- IKE:
- IKE: 33
- IKEv1: 10
- IKEv2: 8
- IPsec:
- SSH:
- VPN:
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- NIST:
- P-256: 6
- P-384: 6
- P-521: 6
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2012-009-001: 1
- CCMB-2012-009-002: 1
- CCMB-2012-009-003: 1
- CCMB-2012-009-004: 1
- FIPS:
- FIPS 140-2: 3
- FIPS 180-3: 1
- FIPS PUB 186-2: 2
- FIPS PUB 186-3: 8
- FIPS PUB 197: 1
- NIST:
- NIST SP 800-38A: 2
- NIST SP 800-38D: 2
- NIST SP 800-56A: 1
- NIST SP 800-56B: 1
- SP 800-90: 3
- RFC:
- RFC 2460: 2
- RFC 2560: 1
- RFC 2986: 1
- RFC 3602: 1
- RFC 4106: 1
- RFC 4109: 1
- RFC 4253: 1
- RFC 4301: 1
- RFC 4303: 1
- RFC 4945: 1
- RFC 5280: 3
- RFC 5282: 1
- RFC 5759: 1
- RFC 6379: 1
- RFC 768: 2
- RFC 791: 2
- RFC 793: 2
- X509:
|
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
|
| pdf_data/st_metadata |
- /Author: Debra Baker
- /Category:
- /Comments:
- /Company: Cisco Systems, Inc.
- /CreationDate: D:20141126103105-05'00'
- /Creator: Acrobat PDFMaker 10.1 for Word
- /Keywords:
- /Manager:
- /ModDate: D:20141126103113-05'00'
- /Models: X-ES XPedite5205
- /NDPP_version: 1.1
- /PP: Protection Profile for Network Devices
- /PP_2: Network Device Protection Profile Extended Package VPN Gateway
- /Producer: Adobe PDF Library 10.0
- /SourceModified: D:20141126152459
- /Subject:
- /TOE: X-ES Xpedite5205 Embedded Services Router
- /TOE_Software_Version: IOS 15.2(4)GC
- /TOE_short: ESR
- /Title: 1
- /VPNGW_version: 1.1
- /_Date: October 13, 2014
- /_Version: 1.0
- pdf_file_size_bytes: 532068
- pdf_hyperlinks: http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
- pdf_is_encrypted: False
- pdf_number_of_pages: 55
|
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
False |
| state/report/download_ok |
True |
False |
| state/report/extract_ok |
True |
False |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
False |
| state/st/download_ok |
True |
False |
| state/st/extract_ok |
True |
False |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |