| name |
Sophos Firewall OS Version 17.01 |
Kaspersky Endpoint Security 10 for Windows with Kaspersky Full Disk Encryption 3.0 version 10.3.0.6294 AES256 |
| category |
Network and Network-Related Devices and Systems |
Other Devices and Systems |
| scheme |
DE |
ES |
| status |
archived |
archived |
| not_valid_after |
18.02.2025 |
24.04.2023 |
| not_valid_before |
18.02.2020 |
24.04.2018 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1016c_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/2014-40-CCRA.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1016a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/2014-40-INF-2261%20v3.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1016b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/2014-40-ST.pdf |
| manufacturer |
Sophos Ltd. |
Kaspersky Lab UK Ltd. |
| manufacturer_web |
https://www.sophos.com |
https://www.kaspersky.co.uk/ |
| security_level |
EAL4+, ALC_FLR.3 |
EAL2+, ALC_FLR.1 |
| dgst |
ce56716f394fc63d |
f44160f29ebcdda3 |
| heuristics/cert_id |
BSI-DSZ-CC-1016-2020 |
2014-40-INF-2261 |
| heuristics/cert_lab |
BSI |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
AGD_OPE.1, ALC_DEL.1, AGD_PRE.1, ALC_CMC.4, ADV_FSP.4, ALC_CMS.4, AVA_VAN.3, ALC_DVS.1, ALC_TAT.1, ALC_LCD.1, ATE_DPT.1, ADV_IMP.1, ADV_ARC.1, ATE_IND.2, ADV_TDS.3, ALC_FLR.3, ATE_COV.2, ATE_FUN.1 |
ALC_FLR.1, AGD_OPE.1, ASE_ECD.1, ADV_FSP.2, ALC_DEL.1, ALC_CMS.2, ATE_COV.1, ADV_ARC.1, AVA_VAN.2, ASE_SPD.1, ASE_INT.1, ASE_OBJ.2, ASE_CCL.1, ASE_REQ.2, ATE_IND.2, ADV_TDS.1, ASE_TSS.1, ATE_FUN.1, AGD_PRE.1, ALC_CMC.2 |
| heuristics/extracted_versions |
17.01 |
3.0, 10.3.0.6294 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
{} |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
{} |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
1016c_pdf.pdf |
2014-40-CCRA.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
- EAL:
- EAL 2: 1
- EAL 4: 1
- EAL 4 augmented: 1
|
- EAL:
- EAL2: 1
- EAL2 augmented: 1
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20200302104521+01'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung Sophos Firewall OS Version 17.0"
- /ModDate: D:20200302113344+01'00'
- /Producer: LibreOffice 6.2
- /Subject: Sophos Firewall OS Version 17.0
- /Title: Certification Report BSI-DSZ-CC-1016-2020
- pdf_file_size_bytes: 305856
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
- /CreationDate: D:20180426105026+02'00'
- pdf_file_size_bytes: 841525
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 2
|
| pdf_data/report_filename |
1016a_pdf.pdf |
2014-40-INF-2261 v3.pdf |
| pdf_data/report_frontpage |
- DE:
- cc_security_level: Common Criteria Part 3 extended EAL 4 augmented by ALC_FLR.3
- cc_version: Product specific Security Target Common Criteria Part 2 conformant
- cert_id: BSI-DSZ-CC-1016-2020
- cert_item: Sophos Firewall OS Version 17.0
- cert_lab: BSI
- developer: Sophos Ltd
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: None
|
|
| pdf_data/report_keywords/cc_cert_id |
|
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 2: 2
- EAL 2+: 1
- EAL 4: 5
- EAL 4 augmented: 3
|
- EAL:
- EAL 1: 1
- EAL 2: 1
- EAL 4: 2
- EAL2: 6
- ITSEC:
|
| pdf_data/report_keywords/cc_sar |
|
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ALC_FLR: 2
- ALC_FLR.1: 5
- ALC_FLR.2: 1
- ASE:
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
| pdf_data/report_keywords/cc_sfr |
|
- FCS:
- FCS_CKM.1: 2
- FCS_CKM.4: 1
- FCS_COP.1: 4
- FDP:
- FDP_ACC.1: 3
- FDP_ACF.1: 3
- FDP_IFC.1: 1
- FDP_IFF.1: 1
- FIA:
- FIA_UAU.2: 1
- FIA_UID.2: 1
- FMT:
- FMT_MSA.1: 4
- FMT_MSA.3: 4
- FMT_MTD.1: 1
- FMT_SMF.1: 1
- FMT_SMR.1: 1
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
- SRC:
- SRC Security Research & Consulting: 3
|
|
| pdf_data/report_keywords/symmetric_crypto |
|
- AES_competition:
- constructions:
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- BSI:
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
|
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- Version 1.2, 05.02.2020, Sophos Firewall OS Version 17.0, SRC Security Research & Consulting GmbH (confidential document) [8] Guidance Documentation Supplement Sophos Firewall OS Version 17.0, Version 1.00, Sophos Ltd: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
|
|
| pdf_data/report_metadata |
|
|
| pdf_data/st_filename |
1016b_pdf.pdf |
2014-40-ST.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL4: 7
- EAL4 augmented: 3
- EAL4+: 2
|
- EAL:
- EAL 2+: 1
- EAL2: 7
- EAL2 augmented: 3
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.4: 1
- ADV_IMP.1: 1
- ADV_TDS.3: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.1: 1
- ALC_FLR.3: 7
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ATE:
- ATE_COV.2: 1
- ATE_DPT.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ALC_FLR.1: 8
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN.1: 13
- FAU_GEN.1.1: 2
- FAU_GEN.1.2: 1
- FAU_SAR.1: 9
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_SAR.3: 6
- FAU_SAR.3.1: 1
- FAU_STG.1: 7
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FDP:
- FDP_ACC: 1
- FDP_ACC.1: 1
- FDP_IFC.1: 15
- FDP_IFC.1.1: 2
- FDP_IFF: 1
- FDP_IFF.1: 10
- FDP_IFF.1.1: 2
- FDP_IFF.1.2: 1
- FDP_IFF.1.3: 1
- FDP_IFF.1.4: 1
- FDP_IFF.1.5: 1
- FIA:
- FIA_AFL.1: 6
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_UAU.1: 2
- FIA_UAU.2: 9
- FIA_UAU.2.1: 1
- FIA_UID.1: 4
- FIA_UID.2: 8
- FIA_UID.2.1: 1
- FIA_UID.3: 2
- FMT:
- FMT_MOF.1: 8
- FMT_MOF.1.1: 1
- FMT_MSA.1: 12
- FMT_MSA.1.1: 1
- FMT_MSA.3: 14
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_SMF.1: 12
- FMT_SMF.1.1: 1
- FMT_SMR.1: 18
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FTA:
- FTA_SSL.3: 7
- FTA_SSL.3.1: 1
- FTA_SSL.4: 7
- FTA_SSL.4.1: 1
- FTA_TAB.1: 7
- FTA_TAB.1.1: 1
|
- FCS:
- FCS_CKM.1: 25
- FCS_CKM.2: 2
- FCS_CKM.4: 18
- FCS_CKM.4.1: 1
- FCS_COP.1: 33
- FCS_RNG.1: 1
- FDP:
- FDP_ACC.1: 37
- FDP_ACF.1: 35
- FDP_IFC.1: 13
- FDP_IFC.1.1: 1
- FDP_IFF.1: 8
- FDP_IFF.1.1: 1
- FDP_IFF.1.2: 1
- FDP_IFF.1.3: 1
- FDP_IFF.1.4: 1
- FDP_IFF.1.5: 1
- FDP_ITC.1: 5
- FDP_ITC.2: 5
- FIA:
- FIA_UAU.2: 8
- FIA_UAU.2.1: 1
- FIA_UID.1: 3
- FIA_UID.2: 8
- FIA_UID.2.1: 1
- FMT:
- FMT_MSA.1: 40
- FMT_MSA.3: 42
- FMT_MTD.1: 16
- FMT_MTD.1.1: 1
- FMT_SMF.1: 7
- FMT_SMF.1.1: 1
- FMT_SMR.1: 24
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
|
| pdf_data/st_keywords/cc_claims |
- A:
- A.AUDIT: 3
- A.ENV: 3
- A.GENPUR: 3
- A.INFLOW: 3
- A.NETCON: 3
- A.NOEVIL: 3
- A.PHYSEC: 3
- A.PROT: 3
- A.REMACC: 3
- A.SINGEN: 3
- A.TSP: 3
- O:
- O.ACCOUNT: 4
- O.AUDREC: 9
- O.AUDRECC: 1
- O.AUTHENTICATE: 9
- O.FILTER: 7
- O.LIMEXT: 4
- O.MANAGEMENT: 7
- O.MEDIATE: 6
- O.SECFUN: 4
- OE:
- OE.AUDIT: 2
- OE.ENV: 6
- OE.GENPUR: 3
- OE.INFLOW: 5
- OE.NOEVIL: 2
- OE.PHYSEC: 2
- OE.PROT: 5
- OE.REMACC: 3
- OE.SINGEN: 2
- OE.TRAFFIC: 3
- OE.TSP: 3
- T:
- T.AUDACC: 3
- T.BYPASS: 3
- T.MEDIAT: 3
- T.NOAUTH: 3
- T.REPEAT: 4
- T.WEAKNESS: 3
|
- A:
- A.AUTHORISED_USER: 4
- A.PROTECT_ACCESS: 4
- A.PROTECT_PASSWD: 4
- A.SECURE_OPER: 4
- A.SECURE_SERVER: 4
- A.TRUST_ADMIN: 4
- O:
- O.ACCESS_: 1
- O.ACCESS_DV: 5
- O.LAUNCH: 5
- O.SECURE_: 2
- O.SECURE_DATA: 7
- O.SECURE_MANAGEMENT: 2
- O.VIRUS: 5
- O.WEBACC: 6
- OE:
- OE.AUTHORISED_USER: 4
- OE.PROTECT_ACCESS: 5
- OE.PROTECT_PASSWD: 3
- OE.SECURE_OPER: 3
- OE.SECURE_SERVER: 6
- OE.TRUST_ADMIN: 3
- T:
- T.ACCESS_CD: 3
- T.ACCESS_DD: 4
- T.ACCESS_KD: 3
- T.KEY_DISCLOSURE: 4
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- RFC:
- RFC 2460: 1
- RFC 791: 1
- RFC4253: 1
|
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 2
- CCMB-2017-04-003: 2
- CCMB-2017-04-004: 1
- FIPS:
- FIPS 180-4: 1
- FIPS 197: 1
- FIPS 198-1: 1
- FIPS PUB 197: 1
- FIPS PUB 198-1: 1
- NIST:
- NIST SP 800-38A: 1
- NIST SP 800-38E: 1
- NIST SP 800-90A: 2
- SP 800-132: 1
- PKCS:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- By content categories and types of data. Two above mentioned checks together (this rule type is out of scope of evaluation). Multiple rules can be defined with relative priority, they will be applied based on: 1
- out of scope: 3
- path, application properties, application`s digital signature parameters, application category (out of scope of evalutation), active user. P a g e | 43 This metadata then are compared to active Application: 1
- the one selected in the rule. Content categories are described in User Manual (this rule type is out of scope of evaluation). By type of data. When object is being downloaded from network its source URL is: 1
- this rule type is out of scope of evaluation: 2
|
| pdf_data/st_metadata |
- /Author: Martin Becker
- /CreationDate: D:20200204124435+01'00'
- /Creator: PScript5.dll Version 5.2.2
- /Keywords: Firewall OS, network security, information flow control
- /ModDate: D:20200204124609+01'00'
- /Producer: Acrobat Distiller 10.0.0 (Windows)
- /Subject: Security Target Sophos Firewall OS
- /Title: Security Target Sophos Firewall OS
- pdf_file_size_bytes: 412963
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 44
|
- /Author: test
- /CreationDate: D:20180220122537+03'00'
- /Creator: Microsoft® Word 2016
- /ModDate: D:20180426102848+02'00'
- /Producer: Microsoft® Word 2016
- pdf_file_size_bytes: 985996
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 47
|
| state/cert/convert_garbage |
False |
True |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
True |
True |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
False |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |