| name |
Waterfall Unidirectional Security Gateway WF-500, Version 2.0 |
NetApp Storage Encryption (NSE) Running ONTAP 9.14.1 |
| category |
Boundary Protection Devices and Systems |
Other Devices and Systems |
| scheme |
NL |
US |
| status |
active |
active |
| not_valid_after |
24.03.2028 |
18.11.2026 |
| not_valid_before |
24.03.2023 |
18.11.2024 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/NSCIB-CC-23-0618820-cert.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11477-ci.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/NSCIB-CC-0618820-CR-1.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11477-vr.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/NSCIB-CC-0618820-STv3.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11477-st.pdf |
| manufacturer |
Waterfall Security Solutions Ltd. |
NetApp, Inc. |
| manufacturer_web |
https://www.waterfallsecurity.com |
https://www.netapp.com/ |
| security_level |
EAL4+, AVA_VAN.5, ALC_FLR.2, ALC_DVS.2 |
{} |
| dgst |
c891270d230bb586 |
ebcbec6fc7d39ca6 |
| heuristics/cert_id |
NSCIB-CC-0618820-CR |
CCEVS-VR-VID-11477-2024 |
| heuristics/cert_lab |
|
US |
| heuristics/cpe_matches |
{} |
cpe:2.3:a:netapp:ontap_9:-:*:*:*:*:*:*:* |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
CVE-2024-38475, CVE-2024-53580, CVE-2024-26458, CVE-2024-6119, CVE-2024-26461, CVE-2022-42915, CVE-2023-27535 |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_TDS.3, ASE_CCL.1, ATE_FUN.1, ASE_OBJ.2, AVA_VAN.5, ASE_INT.1, ALC_CMC.4, ASE_REQ.2, AGD_PRE.1, ATE_IND.2, ATE_DPT.1, ASE_ECD.1, ADV_IMP.1, ALC_LCD.1, ALC_DVS.2, ALC_FLR.2, ASE_SPD.1, ATE_COV.2, ALC_TAT.1, AGD_OPE.1, ALC_CMS.4, ALC_DEL.1, ASE_TSS.1, ADV_FSP.4, ADV_ARC.1 |
ASE_CCL.1, AGD_PRE.1, ATE_FUN.1, ALC_CMC.1, ASE_SPD.1, AGD_OPE.1, ATE_IND.1, ASE_INT.1, ASE_ECD.1, ASE_OBJ.1, ASE_REQ.1, ALC_CMS.1, ASE_TSS.1, AVA_VAN.1, ADV_FSP.1 |
| heuristics/extracted_versions |
2.0 |
9.14.1 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
52d782dbb1cd05bd |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_FDE_AA_V2.0E.pdf |
| pdf_data/cert_filename |
NSCIB-CC-23-0618820-cert.pdf |
st_vid11477-ci.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
- US:
- CCEVS-VR-VID11477-2024: 1
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
- EAL:
- EAL2: 1
- EAL4: 2
- EAL4 augmented: 1
|
|
| pdf_data/cert_keywords/cc_sar |
- ALC:
- ALC_DVS.2: 1
- ALC_FLR.2: 1
- ALC_FLR.3: 2
- AVA:
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
- BrightSight:
- SGS:
- SGS: 1
- SGS Brightsight: 1
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
- ISO:
- ISO/IEC 15408-1: 1
- ISO/IEC 15408-2: 1
- ISO/IEC 15408-3: 1
- ISO/IEC 18045: 2
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /Author: kruitr
- /CreationDate: D:20230331124350+02'00'
- /Creator: Bullzip PDF Printer (11.10.0.2761)
- /ModDate: D:20230331124510+02'00'
- /Producer: PDF Printer / www.bullzip.com / FPG / TUV Rheinland Service GmbH
- /Title: Microsoft Word - NSCIB-CC-23-0618820-cert.doc
- pdf_file_size_bytes: 268471
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
- /Producer: WeasyPrint 62.3
- /Title: VID11477-FINAL CERT
- pdf_file_size_bytes: 136132
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
| pdf_data/report_filename |
NSCIB-CC-0618820-CR-1.pdf |
st_vid11477-vr.pdf |
| pdf_data/report_frontpage |
- NL:
- cert_id: NSCIB-CC-0618820-CR
- cert_item: Waterfall Unidirectional Security Gateway WF-500, Version 2.0
- cert_lab: SGS Brightsight B.V.
- developer: Waterfall Security Solutions, Ltd
- US:
|
- NL:
- US:
- cert_id: CCEVS-VR-VID11477-2024
- cert_item: for NetApp Storage Encryption (NSE) Running ONTAP 9.14.1
- cert_lab: US NIAP
|
| pdf_data/report_keywords/cc_cert_id |
- NL:
- NSCIB-CC-0618820-CR: 11
- NSCIB-CC-17-119023: 1
|
- US:
- CCEVS-VR-VID11477-2024: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 4: 1
- EAL4: 2
- EAL4 augmented: 1
- EAL4+: 2
|
|
| pdf_data/report_keywords/cc_sar |
- ALC:
- ALC_DVS.2: 2
- ALC_FLR.2: 2
- AVA:
|
- ADV:
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ATE:
- AVA:
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
- BrightSight:
- SGS:
- SGS: 2
- SGS Brightsight: 2
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
|
- NIST:
- NIST SP 800-132: 1
- NIST SP 800-38F: 1
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- OutOfScope:
- and WF-500-Standard-Split, and the host agents exist in the same cabinet. However, those agents are out of scope of the TOE as well. The TOE has been evaluated by SGS Brightsight B.V. located in Delft, The: 1
- out of scope: 1
|
- OutOfScope:
- not tested in the evaluated configuration. System Manager GUI The System Manager GUI is considered out of scope and all management is performed via the command line interface. VMware Virtualization VMware: 1
- out of scope: 1
|
| pdf_data/report_metadata |
|
|
| pdf_data/st_filename |
NSCIB-CC-0618820-STv3.pdf |
st_vid11477-st.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL 4: 3
- EAL 4 augmented: 1
- EAL4: 12
- EAL4 augmented: 1
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 6
- ADV_FSP.1: 2
- ADV_FSP.2: 2
- ADV_FSP.4: 8
- ADV_IMP.1: 5
- ADV_TDS.1: 1
- ADV_TDS.2: 1
- ADV_TDS.3: 8
- AGD:
- AGD_OPE.1: 6
- AGD_PRE.1: 6
- ALC:
- ALC_CMC.4: 2
- ALC_CMS.4: 2
- ALC_DEL.1: 2
- ALC_DVS.1: 2
- ALC_DVS.2: 9
- ALC_FLR.2: 7
- ALC_LCD.1: 4
- ALC_TAT.1: 3
- ASE:
- ASE_CCL.1: 2
- ASE_ECD.1: 6
- ASE_INT.1: 3
- ASE_OBJ.2: 3
- ASE_REQ.1: 2
- ASE_REQ.2: 3
- ASE_SPD.1: 2
- ASE_TSS.1: 2
- ATE:
- ATE_COV.1: 1
- ATE_COV.2: 4
- ATE_DPT.1: 4
- ATE_FUN.1: 8
- ATE_IND.2: 2
- AVA:
|
- ADV:
- AGD:
- AGD_OPE.1: 12
- AGD_PRE.1: 8
- ALC:
- ALC_CMC.1: 6
- ALC_CMS.1: 7
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.1: 1
- ASE_REQ.1: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 2
- ATE:
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FDP:
- FDP_IFC.1: 1
- FDP_IFC.2: 8
- FDP_IFC.2.1: 1
- FDP_IFC.2.2: 1
- FDP_IFF.1: 8
- FDP_IFF.1.1: 1
- FDP_IFF.1.2: 1
- FDP_IFF.1.3: 1
- FDP_IFF.1.4: 1
- FDP_IFF.1.5: 1
- FMT:
|
- FCS:
- FCS_AFA_EXT: 4
- FCS_AFA_EXT.1: 7
- FCS_AFA_EXT.1.1: 2
- FCS_AFA_EXT.2: 6
- FCS_AFA_EXT.2.1: 1
- FCS_CKM.1: 9
- FCS_CKM.1.1: 1
- FCS_CKM.4: 16
- FCS_CKM.4.1: 2
- FCS_CKM_EXT.4: 16
- FCS_CKM_EXT.4.1: 2
- FCS_COP.1: 45
- FCS_COP.1.1: 9
- FCS_KDF_EXT: 4
- FCS_KDF_EXT.1: 7
- FCS_KDF_EXT.1.1: 1
- FCS_KYC_EXT: 4
- FCS_KYC_EXT.1: 4
- FCS_KYC_EXT.1.1: 1
- FCS_KYC_EXT.1.2: 1
- FCS_KYC_EXT.2: 2
- FCS_PCC_EXT: 4
- FCS_PCC_EXT.1: 8
- FCS_PCC_EXT.1.1: 1
- FCS_RBG_EXT: 1
- FCS_RBG_EXT.1: 12
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SNI_EXT: 2
- FCS_SNI_EXT.1: 7
- FCS_SNI_EXT.1.1: 1
- FCS_SNI_EXT.1.2: 1
- FCS_SNI_EXT.1.3: 1
- FCS_VAL_EXT: 2
- FCS_VAL_EXT.1: 9
- FCS_VAL_EXT.1.1: 1
- FCS_VAL_EXT.1.2: 1
- FCS_VAL_EXT.1.3: 1
- FMT:
- FMT_MOF: 2
- FMT_MOF.1: 6
- FMT_MOF.1.1: 1
- FMT_SMF: 4
- FMT_SMF.1: 4
- FMT_SMF.1.1: 1
- FMT_SMR: 4
- FMT_SMR.1: 3
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FPT_KYP_EXT: 4
- FPT_KYP_EXT.1: 5
- FPT_KYP_EXT.1.1: 2
- FPT_PWR_EXT: 8
- FPT_PWR_EXT.1: 8
- FPT_PWR_EXT.1.1: 1
- FPT_PWR_EXT.2: 4
- FPT_PWR_EXT.2.1: 1
- FPT_TST_EXT: 4
- FPT_TST_EXT.1: 6
- FPT_TST_EXT.1.1: 1
- FPT_TUD_EXT: 4
- FPT_TUD_EXT.1: 4
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.1.3: 1
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.ADMIN: 3
- A.NETWORK: 4
- A.PHYSICAL: 4
- O:
- OE:
- T:
- T.HACK_HIGH: 1
- T.HACK_LOW: 3
- T.LEAKAGE: 2
|
- OE:
- OE.INITIAL_DRIVE_STATE: 1
- OE.PASSPHRASE_STRENGTH: 1
- OE.PHYSICAL: 1
- OE.PLATFORM_STATE: 1
- OE.POWER_DOWN: 1
- OE.SINGLE_USE_ET: 1
- OE.STRONG_ENVIRONMENT_CRYPTO: 1
- OE.TRAINED_USERS: 1
- OE.TRUSTED_CHANNEL: 1
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- AES:
- AES: 8
- AES-128: 1
- AES-256: 5
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
- PBKDF:
- SHA:
- SHA2:
- SHA-256: 9
- SHA-384: 5
- SHA-512: 9
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
|
- FIPS:
- FIPS 186-4: 1
- FIPS PUB 186-4: 2
- ISO:
- ISO/IEC 10118: 2
- ISO/IEC 18031:2011: 1
- ISO/IEC 18033-3: 1
- ISO/IEC 9796-2: 2
- NIST:
- NIST SP 800-132: 5
- NIST SP 800-38F: 2
- NIST SP 800-90A: 3
- PKCS:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- fiber optic cable and relays the data to a server equipped with Waterfall software. Agent Host (out of scope of the TOE) TX & RX Agent Host Modules: is a normal PC, it can transmit data to the TX for: 1
- out of scope: 1
|
- OutOfScope:
- not tested in the evaluated configuration. System Manager GUI The System Manager GUI is considered out of scope and all management is performed via the command line interface. VMware Virtualization VMware: 1
- out of scope: 2
- to the security functional requirements specified in this Security Target. The features below are out of scope. Feature Description SnapLock NetApp SnapLock is the WORM (write once, read many) compliance: 1
|
| pdf_data/st_metadata |
- /Author: Waterfall Security Solutions
- /CreationDate: D:20230324114901+01'00'
- /Creator: Microsoft® Word 2010
- /ModDate: D:20230324114901+01'00'
- /Producer: Microsoft® Word 2010
- /Subject: WF-500 V2
- /Title: Waterfall Unidirectional Security Gateway
- pdf_file_size_bytes: 1808722
- pdf_hyperlinks: https://waterfall-security.com/company/legal, http://www.waterfall-security.com/
- pdf_is_encrypted: False
- pdf_number_of_pages: 32
|
|
| state/cert/convert_garbage |
None |
None |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
True |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
None |
None |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
None |
None |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |