name |
Palo Alto Networks PA-220 Series, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 9.0 |
Palo Alto Networks PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Next-Generation Firewall with PAN-OS 4.0.12-h2 and User Identification Agent v3.1.2 |
category |
Network and Network-Related Devices and Systems |
Boundary Protection Devices and Systems |
scheme |
US |
US |
status |
archived |
archived |
not_valid_after |
14.10.2022 |
22.04.2015 |
not_valid_before |
14.10.2020 |
11.04.2013 |
cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11063-ci.pdf |
|
report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11063-vr.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10392-vr.pdf |
st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11063-st.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10392-st.pdf |
manufacturer |
Palo Alto Networks, Inc. |
Palo Alto Networks, Inc. |
manufacturer_web |
https://www.paloaltonetworks.com/ |
https://www.paloaltonetworks.com/ |
security_level |
{} |
ATE_DPT.3, ALC_FLR.2, EAL4+ |
dgst |
d0bdbe099855466b |
bdc993babbbfb13c |
heuristics/cert_id |
CCEVS-VR-VID-11063-2020 |
CCEVS-VR-VID-10392-2013 |
heuristics/cert_lab |
US |
US |
heuristics/cpe_matches |
{} |
{} |
heuristics/verified_cpe_matches |
{} |
{} |
heuristics/related_cves |
{} |
{} |
heuristics/direct_transitive_cves |
{} |
{} |
heuristics/indirect_transitive_cves |
{} |
{} |
heuristics/extracted_sars |
ALC_CMS.1, ADV_FSP.1, AVA_VAN.1, ATE_IND.1, ALC_CMC.1 |
ALC_TAT.1, ATE_FUN.1, ALC_DVS.1, ADV_IMP.1, ATE_DPT.3, AGD_PRE.1, ALC_CMS.4, ATE_COV.2, ADV_INT.1, ALC_CMC.4, ADV_FSP.5, ADV_ARC.1, AVA_VAN.3, ALC_DEL.1, AGD_OPE.1, ALC_LCD.1, ADV_TDS.4, ALC_FLR.2, ATE_IND.2 |
heuristics/extracted_versions |
9.0 |
4.0.12, 3.1.2 |
heuristics/prev_certificates |
{} |
{} |
heuristics/next_certificates |
{} |
{} |
heuristics/report_references/directly_referenced_by |
{} |
{} |
heuristics/report_references/directly_referencing |
{} |
{} |
heuristics/report_references/indirectly_referenced_by |
{} |
{} |
heuristics/report_references/indirectly_referencing |
{} |
{} |
heuristics/scheme_data |
- category: Firewall, Network Device, Virtual Private Network
- certification_date: 14.10.2020
- evaluation_facility: Leidos Common Criteria Testing Laboratory
- expiration_date: 14.10.2022
- id: CCEVS-VR-VID11063
- product: Palo Alto Networks PA-220 Series, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 9.0
- scheme: US
- url: https://www.niap-ccevs.org/product/11063
- vendor: Palo Alto Networks, Inc.
|
- category: Firewall
- certification_date: 11.04.2013
- evaluation_facility: Leidos Common Criteria Testing Laboratory
- expiration_date: 11.04.2015
- id: CCEVS-VR-VID10392
- product: Palo Alto Networks PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Next-Generation Firewall with PAN-OS 4.0.12-h2 and User Identification Agent v3.1.2
- scheme: US
- url: https://www.niap-ccevs.org/product/10392
- vendor: Palo Alto Networks, Inc.
|
heuristics/st_references/directly_referenced_by |
{} |
{} |
heuristics/st_references/directly_referencing |
{} |
{} |
heuristics/st_references/indirectly_referenced_by |
{} |
{} |
heuristics/st_references/indirectly_referencing |
{} |
{} |
maintenance_updates |
|
|
protection_profiles |
|
|
pdf_data/cert_filename |
st_vid11063-ci.pdf |
|
pdf_data/cert_frontpage |
|
|
pdf_data/cert_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID11063-2020: 1
|
|
pdf_data/cert_keywords/cc_protection_profile_id |
|
|
pdf_data/cert_keywords/cc_security_level |
|
|
pdf_data/cert_keywords/cc_sar |
|
|
pdf_data/cert_keywords/cc_sfr |
|
|
pdf_data/cert_keywords/cc_claims |
|
|
pdf_data/cert_keywords/vendor |
|
|
pdf_data/cert_keywords/eval_facility |
|
|
pdf_data/cert_keywords/symmetric_crypto |
|
|
pdf_data/cert_keywords/asymmetric_crypto |
|
|
pdf_data/cert_keywords/pq_crypto |
|
|
pdf_data/cert_keywords/hash_function |
|
|
pdf_data/cert_keywords/crypto_scheme |
|
|
pdf_data/cert_keywords/crypto_protocol |
|
|
pdf_data/cert_keywords/randomness |
|
|
pdf_data/cert_keywords/cipher_mode |
|
|
pdf_data/cert_keywords/ecc_curve |
|
|
pdf_data/cert_keywords/crypto_engine |
|
|
pdf_data/cert_keywords/tls_cipher_suite |
|
|
pdf_data/cert_keywords/crypto_library |
|
|
pdf_data/cert_keywords/vulnerability |
|
|
pdf_data/cert_keywords/side_channel_analysis |
|
|
pdf_data/cert_keywords/technical_report_id |
|
|
pdf_data/cert_keywords/device_model |
|
|
pdf_data/cert_keywords/tee_name |
|
|
pdf_data/cert_keywords/os_name |
|
|
pdf_data/cert_keywords/cplc_data |
|
|
pdf_data/cert_keywords/ic_data_group |
|
|
pdf_data/cert_keywords/standard_id |
|
|
pdf_data/cert_keywords/javacard_version |
|
|
pdf_data/cert_keywords/javacard_api_const |
|
|
pdf_data/cert_keywords/javacard_packages |
|
|
pdf_data/cert_keywords/certification_process |
|
|
pdf_data/cert_metadata |
- /CreationDate: D:20201021133635-04'00'
- /ModDate: D:20201021133635-04'00'
- /Producer: iText 2.1.0 (by lowagie.com)
- pdf_file_size_bytes: 182814
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 1
|
|
pdf_data/report_filename |
st_vid11063-vr.pdf |
st_vid10392-vr.pdf |
pdf_data/report_frontpage |
- US:
- cert_id: CCEVS-VR-VID11063-2020
- cert_item: for Palo Alto Networks PA-220 Series, PA-800 Series, PA-3000 Series, PA-3200 Series, PA-5200 Series, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 9.0
- cert_lab: US NIAP
|
- US:
- cert_id: CCEVS-VR-VID10392-2013
- cert_item: Palo Alto Networks PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Next-Generation Firewall running PAN-OS 4.0.12-h2
- cert_lab: US NIAP
|
pdf_data/report_keywords/cc_cert_id |
- US:
- CCEVS-VR-VID11063-2020: 1
|
- US:
- CCEVS-VR-VID10392-2013: 1
|
pdf_data/report_keywords/cc_protection_profile_id |
|
|
pdf_data/report_keywords/cc_security_level |
|
- EAL:
- EAL 4: 3
- EAL 4 augmented: 3
|
pdf_data/report_keywords/cc_sar |
|
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.4: 1
- ADV_IMP.1: 1
- ADV_TDS.3: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.4: 1
- ALC_CMS.4: 1
- ALC_DEL.1: 1
- ALC_DVS.1: 1
- ALC_FLR.2: 5
- ALC_LCD.1: 1
- ALC_TAT.1: 1
- ATE:
- ATE_COV.2: 1
- ATE_DPT: 1
- ATE_DPT.3: 4
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
pdf_data/report_keywords/cc_sfr |
|
|
pdf_data/report_keywords/cc_claims |
|
|
pdf_data/report_keywords/vendor |
|
|
pdf_data/report_keywords/eval_facility |
|
|
pdf_data/report_keywords/symmetric_crypto |
|
|
pdf_data/report_keywords/asymmetric_crypto |
|
|
pdf_data/report_keywords/pq_crypto |
|
|
pdf_data/report_keywords/hash_function |
|
|
pdf_data/report_keywords/crypto_scheme |
|
|
pdf_data/report_keywords/crypto_protocol |
|
|
pdf_data/report_keywords/randomness |
|
|
pdf_data/report_keywords/cipher_mode |
|
|
pdf_data/report_keywords/ecc_curve |
|
|
pdf_data/report_keywords/crypto_engine |
|
|
pdf_data/report_keywords/tls_cipher_suite |
|
|
pdf_data/report_keywords/crypto_library |
|
|
pdf_data/report_keywords/vulnerability |
|
|
pdf_data/report_keywords/side_channel_analysis |
|
|
pdf_data/report_keywords/technical_report_id |
|
|
pdf_data/report_keywords/device_model |
|
|
pdf_data/report_keywords/tee_name |
|
|
pdf_data/report_keywords/os_name |
|
|
pdf_data/report_keywords/cplc_data |
|
|
pdf_data/report_keywords/ic_data_group |
|
|
pdf_data/report_keywords/standard_id |
|
- CC:
- CCIMB-2006-09-001: 1
- CCIMB-2007-09-002: 1
- CCIMB-2007-09-003: 1
- CCIMB-2007-09-004: 1
- FIPS:
- NIST:
|
pdf_data/report_keywords/javacard_version |
|
|
pdf_data/report_keywords/javacard_api_const |
|
|
pdf_data/report_keywords/javacard_packages |
|
|
pdf_data/report_keywords/certification_process |
- OutOfScope:
- and URL Filtering security policies/profiles are not evaluated and therefore, these features are out of scope. API request over HTTP By default, the TOE supports API requests over HTTPS or HTTPS tunneled over: 1
- Policies The TLS and SSH decryption policies are not evaluated and therefore, these features are out of scope. Anti-Virus, Anti-Spyware, Anti-Malware Security Policies The Anti-Virus, Anti-Spyware: 1
- by the security functional requirements: TLS, HTTPS, SSH, IKE/IPsec. The features below are out of scope. Table 2 Excluded Features Feature Description Telnet and HTTP Management Protocols Telnet and HTTP: 1
- out of scope: 4
- security policies (i.e., profiles) are not evaluated and therefore, there features are out of scope. File Blocking, DLP, and URL Filtering Security Policies The File Blocking, DLP (Data Loss: 1
|
|
pdf_data/report_metadata |
- /CreationDate: D:20210517140421-04'00'
- /ModDate: D:20210517140421-04'00'
- pdf_file_size_bytes: 778696
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 38
|
- /Author: SAIC
- /CreationDate: D:20130514115641
- /Creator: Microsoft® Office Word 2007
- /ModDate: D:20130514115641
- /Producer: Microsoft® Office Word 2007
- /Subject: Validation Report
- /Title: Palo Alto Networks Inc. PA-Series Next Generation Firewall
- pdf_file_size_bytes: 483560
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 28
|
pdf_data/st_filename |
st_vid11063-st.pdf |
st_vid10392-st.pdf |
pdf_data/st_frontpage |
|
|
pdf_data/st_keywords/cc_cert_id |
|
|
pdf_data/st_keywords/cc_protection_profile_id |
|
|
pdf_data/st_keywords/cc_security_level |
|
- EAL:
- EAL 4: 1
- EAL4: 3
- EAL4 augmented: 3
|
pdf_data/st_keywords/cc_sar |
- ADV:
- AGD:
- ALC:
- ALC_CMC.1: 1
- ALC_CMS.1: 1
- ASE:
- ASE_CCL: 1
- ASE_ECD: 1
- ASE_INT: 1
- ASE_OBJ: 1
- ASE_REQ: 1
- ASE_SPD: 1
- ASE_TSS: 1
- ATE:
- AVA:
|
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 10
- ADV_FSP: 1
- ADV_FSP.4: 11
- ADV_FSP.5: 1
- ADV_IMP: 1
- ADV_IMP.1: 7
- ADV_INT.1: 1
- ADV_TDS: 1
- ADV_TDS.3: 15
- ADV_TDS.4: 1
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 10
- AGD_PRE: 1
- AGD_PRE.1: 6
- ALC:
- ALC_CMC: 1
- ALC_CMC.4: 15
- ALC_CMS: 1
- ALC_CMS.4: 6
- ALC_DEL: 1
- ALC_DEL.1: 5
- ALC_DVS: 1
- ALC_DVS.1: 5
- ALC_FLR: 1
- ALC_FLR.2: 16
- ALC_LCD: 1
- ALC_LCD.1: 6
- ALC_TAT: 1
- ALC_TAT.1: 7
- ATE:
- ATE_COV: 1
- ATE_COV.2: 5
- ATE_DPT: 1
- ATE_DPT.3: 9
- ATE_FUN: 1
- ATE_FUN.1: 8
- ATE_IND: 1
- ATE_IND.2: 7
- AVA:
|
pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 2
- FAU_GEN.1: 4
- FAU_GEN.1.1: 1
- FAU_GEN.1.2: 1
- FAU_GEN.2: 3
- FAU_GEN.2.1: 1
- FAU_STG_EXT: 1
- FAU_STG_EXT.1: 3
- FAU_STG_EXT.1.1: 1
- FAU_STG_EXT.1.2: 1
- FAU_STG_EXT.1.3: 1
- FCS:
- FCS_CKM: 7
- FCS_CKM.1: 4
- FCS_CKM.1.1: 1
- FCS_CKM.2: 7
- FCS_CKM.2.1: 1
- FCS_CKM.4: 3
- FCS_CKM.4.1: 1
- FCS_COP: 15
- FCS_COP.1: 4
- FCS_RBG_EXT: 1
- FCS_RBG_EXT.1: 5
- FCS_RBG_EXT.1.1: 1
- FCS_RBG_EXT.1.2: 1
- FCS_SSHS_EXT: 1
- FCS_SSHS_EXT.1: 3
- FCS_SSHS_EXT.1.1: 2
- FCS_SSHS_EXT.1.2: 1
- FCS_SSHS_EXT.1.3: 1
- FCS_SSHS_EXT.1.4: 1
- FCS_SSHS_EXT.1.5: 2
- FCS_SSHS_EXT.1.6: 1
- FCS_SSHS_EXT.1.7: 1
- FCS_SSHS_EXT.1.8: 2
- FCS_TLSC_EXT: 1
- FCS_TLSC_EXT.1: 3
- FCS_TLSC_EXT.1.1: 2
- FCS_TLSC_EXT.1.2: 1
- FCS_TLSC_EXT.1.3: 1
- FCS_TLSC_EXT.1.4: 1
- FCS_TLSC_EXT.2: 7
- FCS_TLSC_EXT.2.1: 2
- FCS_TLSC_EXT.2.2: 2
- FCS_TLSC_EXT.2.3: 2
- FCS_TLSC_EXT.2.4: 2
- FCS_TLSC_EXT.2.5: 2
- FCS_TLSS_EXT: 2
- FCS_TLSS_EXT.1: 3
- FCS_TLSS_EXT.1.1: 1
- FCS_TLSS_EXT.1.2: 1
- FCS_TLSS_EXT.1.3: 1
- FCS_TLSS_EXT.2: 2
- FCS_TLSS_EXT.2.1: 1
- FCS_TLSS_EXT.2.2: 1
- FCS_TLSS_EXT.2.3: 1
- FCS_TLSS_EXT.2.4: 1
- FCS_TLSS_EXT.2.5: 1
- FCS_TLSS_EXT.2.6: 1
- FDP:
- FIA:
- FIA_AFL: 1
- FIA_AFL.1: 6
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_PMG_EXT: 1
- FIA_PMG_EXT.1: 3
- FIA_PMG_EXT.1.1: 1
- FIA_UAU: 1
- FIA_UAU.7: 3
- FIA_UAU.7.1: 1
- FIA_UAU_EXT: 1
- FIA_UAU_EXT.2: 2
- FIA_UAU_EXT.2.1: 1
- FIA_UIA_EXT: 1
- FIA_UIA_EXT.1: 5
- FIA_UIA_EXT.1.1: 1
- FIA_UIA_EXT.1.2: 1
- FMT:
- FMT_MOF: 12
- FMT_MOF.1: 3
- FMT_MTD: 8
- FMT_MTD.1: 3
- FMT_SMF: 4
- FMT_SMF.1: 4
- FMT_SMF.1.1: 1
- FMT_SMR: 1
- FMT_SMR.2: 3
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 1
- FPT:
- FPT_APW_EXT: 2
- FPT_APW_EXT.1: 3
- FPT_APW_EXT.1.1: 1
- FPT_APW_EXT.1.2: 1
- FPT_FLS: 4
- FPT_FLS.1: 1
- FPT_ITC.1: 1
- FPT_SKP_EXT: 2
- FPT_SKP_EXT.1: 2
- FPT_SKP_EXT.1.1: 1
- FPT_STM_EXT: 2
- FPT_STM_EXT.1: 3
- FPT_STM_EXT.1.1: 1
- FPT_STM_EXT.1.2: 1
- FPT_TST_EXT: 3
- FPT_TST_EXT.1: 4
- FPT_TST_EXT.1.1: 1
- FPT_TST_EXT.3: 2
- FPT_TST_EXT.3.1: 1
- FPT_TST_EXT.3.2: 1
- FPT_TUD_EXT: 2
- FPT_TUD_EXT.1: 3
- FPT_TUD_EXT.1.1: 1
- FPT_TUD_EXT.1.2: 1
- FPT_TUD_EXT.1.3: 2
- FTA:
- FTA_SSL: 2
- FTA_SSL.3: 4
- FTA_SSL.3.1: 1
- FTA_SSL.4: 2
- FTA_SSL.4.1: 1
- FTA_SSL_EXT: 1
- FTA_SSL_EXT.1: 4
- FTA_SSL_EXT.1.1: 1
- FTA_TAB: 1
- FTA_TAB.1: 4
- FTA_TAB.1.1: 1
- FTP:
- FTP_ITC: 3
- FTP_ITC.1: 4
- FTP_ITC.1.1: 2
- FTP_ITC.1.2: 2
- FTP_ITC.1.3: 2
- FTP_TRP: 4
- FTP_TRP.1: 3
|
- FAU:
- FAU_ARP: 2
- FAU_ARP.1: 4
- FAU_ARP.1.1: 1
- FAU_GEN: 10
- FAU_GEN.1: 4
- FAU_GEN.2: 1
- FAU_SAA: 7
- FAU_SAA.1: 2
- FAU_SAR: 4
- FAU_SAR.1: 3
- FAU_SAR.1.1: 1
- FAU_SAR.1.2: 1
- FAU_SAR.2: 4
- FAU_SAR.2.1: 1
- FAU_SAR.3: 3
- FAU_SAR.3.1: 1
- FAU_SEL: 5
- FAU_SEL.1: 2
- FAU_STG: 10
- FAU_STG.1: 4
- FAU_STG.1.1: 1
- FAU_STG.1.2: 1
- FAU_STG.3: 4
- FAU_STG.3.1: 1
- FCS:
- FCS_CKM: 2
- FCS_CKM.1: 9
- FCS_CKM.1.1: 2
- FCS_CKM.2: 3
- FCS_CKM.2.1: 1
- FCS_CKM.4: 5
- FCS_CKM.4.1: 1
- FCS_CKM_EXT: 1
- FCS_CKM_EXT.2: 1
- FCS_COP: 1
- FCS_COP.1: 27
- FCS_COP.1.1: 6
- FCS_COP_EXT.1: 1
- FDP:
- FDP_IFC.1: 19
- FDP_IFC.1.1: 3
- FDP_IFF.1: 21
- FDP_IFF.1.1: 3
- FDP_IFF.1.2: 5
- FDP_IFF.1.3: 3
- FDP_IFF.1.4: 3
- FDP_IFF.1.5: 3
- FDP_IFF.1.6: 2
- FDP_ITC.1: 2
- FDP_ITC.2: 2
- FDP_RIP: 1
- FDP_RIP.2: 3
- FDP_RIP.2.1: 1
- FIA:
- FIA_AFL: 1
- FIA_AFL.1: 4
- FIA_AFL.1.1: 1
- FIA_AFL.1.2: 1
- FIA_ATD: 1
- FIA_ATD.1: 4
- FIA_ATD.1.1: 1
- FIA_UAU: 1
- FIA_UAU.1: 5
- FIA_UAU.1.1: 1
- FIA_UAU.1.2: 1
- FIA_UID: 1
- FIA_UID.2: 3
- FIA_UID.2.1: 1
- FIA_USB: 1
- FIA_USB.1: 3
- FIA_USB.1.1: 1
- FMT:
- FMT_MOF.1: 25
- FMT_MOF.1.1: 7
- FMT_MSA: 11
- FMT_MSA.1: 5
- FMT_MSA.3: 11
- FMT_MSA.3.1: 1
- FMT_MSA.3.2: 1
- FMT_MTD.1: 24
- FMT_MTD.1.1: 7
- FMT_MTD.2: 10
- FMT_MTD.2.1: 2
- FMT_MTD.2.2: 2
- FMT_REV: 1
- FMT_REV.1: 3
- FMT_REV.1.1: 1
- FMT_REV.1.2: 1
- FMT_SMR: 1
- FMT_SMR.1: 1
- FMT_SMR.2: 3
- FMT_SMR.2.1: 1
- FMT_SMR.2.2: 1
- FMT_SMR.2.3: 2
- FPT:
- FPT_FLS: 2
- FPT_FLS.1: 7
- FPT_FLS.1.1: 1
- FPT_ITC: 3
- FPT_ITC.1: 5
- FPT_ITC.1.1: 1
- FPT_ITT: 2
- FPT_ITT.1: 6
- FPT_ITT.1.1: 1
- FPT_RCV: 1
- FPT_RCV.1: 3
- FPT_RCV.1.1: 1
- FPT_RPL: 1
- FPT_RPL.1: 3
- FPT_RPL.1.1: 1
- FPT_RPL.1.2: 1
- FPT_STM: 1
- FPT_STM.1: 6
- FPT_STM.1.1: 1
- FPT_TST.1: 10
- FPT_TST.1.1: 2
- FPT_TST.1.2: 2
- FPT_TST.1.3: 2
- FRU:
- FRU_FLT: 2
- FRU_FLT.1: 6
- FRU_FLT.1.1: 1
- FRU_RSA.1: 11
- FRU_RSA.1.1: 2
- FTA:
- FTA_SSL: 4
- FTA_SSL.1: 1
- FTA_SSL.2: 4
- FTA_SSL.2.1: 1
- FTA_SSL.2.2: 1
- FTA_SSL.3: 5
- FTA_SSL.3.1: 1
- FTA_TAB: 1
- FTA_TAB.1: 4
- FTA_TAB.1.1: 1
- FTA_TSE: 1
- FTA_TSE.1: 3
- FTA_TSE.1.1: 1
- FTP:
- FTP_ITC.1: 8
- FTP_ITC.1.1: 2
- FTP_ITC.1.2: 2
- FTP_ITC.1.3: 2
- FTP_TRP.1: 8
- FTP_TRP.1.1: 2
- FTP_TRP.1.2: 2
- FTP_TRP.1.3: 2
|
pdf_data/st_keywords/cc_claims |
- A:
- OE:
- OE.ADMIN_CREDENTIALS_SECURE: 1
- OE.CONNECTIONS: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.NO_THRU_TRAFFIC_PROTECTION: 1
- OE.PHYSICAL: 1
- OE.RESIDUAL_INFORMATION: 1
- OE.TRUSTED_ADMIN: 1
- OE.UPDATES: 1
|
- A:
- A.NO_GENERAL_PURPOSE: 1
- A.NO_TOE_BYPASS: 1
- A.PHYSICAL: 1
- A.UIA_ONLY: 1
- O:
- O.ADMIN_ROLE: 1
- O.AUDIT_GENERATION: 1
- O.AUDIT_PROTECTION: 1
- O.AUDIT_REVIEW: 1
- O.CHANGE_MANAGEMENT: 1
- O.CORRECT_: 1
- O.CRYPTOGRAPHIC_: 1
- O.CRYPTOGRAPHY_: 1
- O.DISPLAY_BANNER: 1
- O.DOCUMENT_KEY_LEAKAGE: 1
- O.MAINT_MODE: 2
- O.MANAGE: 2
- O.MEDIATE: 4
- O.REPLAY_DETECTION: 1
- O.RESIDUAL_INFORMATION: 1
- O.RESOURCE_SHARING: 1
- O.ROBUST_ADMIN_GUIDANCE: 1
- O.ROBUST_TOE_ACCESS: 1
- O.SELF_PROTECTION: 2
- O.SOUND_IMPLEMENTATION: 1
- O.THOROUGH_FUNCTIONAL_: 1
- O.TIME_STAMPS: 1
- O.TRUSTED_PATH: 1
- O.VULNERABILITY_ANALYSIS_TEST: 1
- OE:
- OE.CRYPTANALYTIC: 1
- OE.NO_GENERAL_PURPOSE: 1
- OE.NO_TOE_BYPASS: 1
- OE.PHYSICAL: 1
- OE.UIA_ONLY: 1
- T:
- T.ADDRESS_MASQUERADE: 1
- T.ADMIN_ERROR: 1
- T.ADMIN_ROGUE: 1
- T.AUDIT_COMPROMISE: 1
- T.CRYPTO_COMPROMISE: 1
- T.FLAWED_DESIGN: 1
- T.FLAWED_IMPLEMENTATION: 1
- T.MALICIOUS_TSF_: 1
- T.MASQUERADE: 1
- T.POOR_TEST: 1
- T.REPLAY: 1
- T.RESIDUAL_DATA: 1
- T.RESOURCE_EXHAUSTION: 1
- T.SPOOFING: 1
- T.UNATTENDED_SESSION: 1
- T.UNAUTHORIZED_ACCESS: 1
- T.UNIDENTIFIED_ACTIONS: 1
- T.UNKNOWN_STATE: 1
|
pdf_data/st_keywords/vendor |
|
|
pdf_data/st_keywords/eval_facility |
|
|
pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- AES:
- AES: 32
- AES-: 1
- AES-256: 6
- DES:
- constructions:
- MAC:
- HMAC: 11
- HMAC-SHA-256: 8
- HMAC-SHA-384: 4
- HMAC-SHA-512: 6
|
- AES_competition:
- constructions:
|
pdf_data/st_keywords/asymmetric_crypto |
- ECC:
- FF:
- DH:
- DH: 28
- DHE: 4
- Diffie-Hellman: 13
- DSA:
- RSA:
|
|
pdf_data/st_keywords/pq_crypto |
|
|
pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-256: 6
- SHA-384: 6
- SHA-512: 4
- SHA256: 13
|
- SHA:
- SHA1:
- SHA2:
- SHA-2: 1
- SHA-256: 1
- SHA-384: 2
- SHA-512: 2
|
pdf_data/st_keywords/crypto_scheme |
|
|
pdf_data/st_keywords/crypto_protocol |
- IKE:
- IKE: 29
- IKEv1: 14
- IKEv2: 13
- IPsec:
- SSH:
- TLS:
- SSL:
- SSL: 9
- SSL 2.0: 4
- SSL 3.0: 4
- TLS:
- TLS: 108
- TLS 1.0: 4
- TLS 1.1: 4
- TLS 1.2: 7
- TLS1.1: 1
- TLS1.2: 2
- TLSv1.1: 2
- TLSv1.2: 7
- VPN:
|
- IKE:
- IPsec:
- SSH:
- TLS:
- SSL:
- TLS:
- TLS: 3
- TLS 1.2: 1
- TLS v1.0: 3
- TLSv1.0: 1
- VPN:
|
pdf_data/st_keywords/randomness |
|
|
pdf_data/st_keywords/cipher_mode |
|
|
pdf_data/st_keywords/ecc_curve |
- NIST:
- P-256: 18
- P-384: 16
- P-521: 12
- secp256r1: 8
- secp384r1: 8
- secp521r1: 4
|
|
pdf_data/st_keywords/crypto_engine |
|
|
pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 8
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 8
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 8
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 5
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 8
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 8
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 5
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 8
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 5
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 3
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 5
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 5
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 3
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 5
- TLS_RSA_WITH_AES_128_CBC_SHA: 3
- TLS_RSA_WITH_AES_128_CBC_SHA256: 3
- TLS_RSA_WITH_AES_256_CBC_SHA: 3
|
- TLS:
- TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 1
- TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 1
- TLS_RSA_WITH_AES_128_CBC_SHA: 1
- TLS_RSA_WITH_AES_256_CBC_SHA: 1
|
pdf_data/st_keywords/crypto_library |
|
|
pdf_data/st_keywords/vulnerability |
|
|
pdf_data/st_keywords/side_channel_analysis |
|
|
pdf_data/st_keywords/technical_report_id |
|
|
pdf_data/st_keywords/device_model |
|
|
pdf_data/st_keywords/tee_name |
|
|
pdf_data/st_keywords/os_name |
|
|
pdf_data/st_keywords/cplc_data |
|
|
pdf_data/st_keywords/ic_data_group |
|
|
pdf_data/st_keywords/standard_id |
- FIPS:
- FIPS 140-2: 2
- FIPS 186-4: 3
- FIPS PUB 186-4: 15
- ISO:
- ISO/IEC 10118-: 1
- ISO/IEC 14888-3: 2
- ISO/IEC 18031:2011: 5
- ISO/IEC 9796-2: 2
- NIST:
- NIST SP 800-56A: 2
- SP 800-90A: 2
- PKCS:
- RFC:
- RFC 2460: 2
- RFC 2818: 3
- RFC 2986: 2
- RFC 3268: 22
- RFC 3447: 2
- RFC 3513: 2
- RFC 3526: 9
- RFC 35267: 1
- RFC 3602: 3
- RFC 3986: 1
- RFC 4106: 1
- RFC 4109: 1
- RFC 4253: 2
- RFC 4301: 2
- RFC 4303: 2
- RFC 4304: 1
- RFC 4346: 4
- RFC 4443: 1
- RFC 4492: 26
- RFC 4868: 1
- RFC 4945: 1
- RFC 5246: 23
- RFC 5280: 5
- RFC 5289: 42
- RFC 5735: 2
- RFC 5759: 2
- RFC 5996: 3
- RFC 6125: 4
- RFC 6598: 2
- RFC 6960: 1
- RFC 768: 2
- RFC 791: 2
- RFC 792: 1
- RFC 793: 3
- RFC 959: 1
- RFC2409: 1
- RFC4945: 1
- X509:
|
- CC:
- CCMB-2007-09-002: 1
- CCMB-2007-09-003: 1
- FIPS:
- FIPS 140-2: 12
- FIPS 180-3: 1
- FIPS PUB 140-2: 7
- FIPS140-2: 1
- NIST:
- RFC:
|
pdf_data/st_keywords/javacard_version |
|
|
pdf_data/st_keywords/javacard_api_const |
|
|
pdf_data/st_keywords/javacard_packages |
|
|
pdf_data/st_keywords/certification_process |
- OutOfScope:
- and URL Filtering security policies/profiles are not evaluated and therefore, these features are out of scope. API request over HTTP By default, the TOE supports API requests over HTTPS or HTTPS tunneled over: 1
- ISP links to ensure application performance and scale capacity. The SD-WAN capability is considered out of scope. PAN OS 9.1.8 Security Target Palo Alto Networks Page 23 of 84 Feature Description Include: 1
- Policies The TLS and SSH decryption policies are not evaluated and therefore, these features are out of scope. Anti-Virus, Anti-Spyware, Anti- Malware Security Policies The Anti-Virus, Anti-Spyware: 1
- by the security functional requirements: TLS, HTTPS, SSH, IKE/IPsec. The features below are out of scope. Table 2 Excluded Features Feature Description Telnet and HTTP Management Protocols Telnet and HTTP: 1
- is secured with TLS using FIPS-approved algorithms. The threat prevention signatures themselves are out of scope (i.e., not evaluated). Management The next-generation firewall provides both direct and remote: 1
- malformed, fragmented packets. The protection from viruses, worm, and spyware using signatures are out of scope (i.e., not evaluated). DoS Protection – the firewall is designed to protect against flooding: 1
- out of scope: 7
- security policies (i.e., profiles) are not evaluated and therefore, there features are out of scope. File Blocking, DLP, and URL Filtering Security Policies The File Blocking, DLP (Data Loss: 1
|
|
pdf_data/st_metadata |
- /CreationDate: D:20210412140143-04'00'
- /ModDate: D:20210412140143-04'00'
- pdf_file_size_bytes: 1510267
- pdf_hyperlinks: https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0478, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=420, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0484, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0477, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=406, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0480, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0483, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=407, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=409, https://www.paloaltonetworks.com/company/trademarks.html, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0475, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=434, file:///C:/Users/beaverg/Desktop/CCTL%20Projects/Palo%20Alto%20Panorama/Received%20from%20Vendor/updates.paloaltonetworks.com, http://www.paloaltonetworks.com/, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=422, https://www.nsa.gov/Portals/70/documents/resources/everyone/csfc/components-list/selections/vpn-gateways.pdf, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0511, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=435, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0481, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=410, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=418, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=419, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0520, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0450, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=417, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=405, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=411, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=408, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD_ID=412, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?TD=0482, https://www.niap-ccevs.org/Documents_and_Guidance/view_td.cfm?td_id=433
- pdf_is_encrypted: False
- pdf_number_of_pages: 88
|
|
state/cert/convert_garbage |
True |
False |
state/cert/convert_ok |
True |
False |
state/cert/download_ok |
True |
False |
state/cert/extract_ok |
True |
False |
state/cert/pdf_hash |
Different |
Different |
state/cert/txt_hash |
Different |
Different |
state/report/convert_garbage |
False |
False |
state/report/convert_ok |
True |
True |
state/report/download_ok |
True |
True |
state/report/extract_ok |
True |
True |
state/report/pdf_hash |
Different |
Different |
state/report/txt_hash |
Different |
Different |
state/st/convert_garbage |
False |
False |
state/st/convert_ok |
True |
True |
state/st/download_ok |
True |
True |
state/st/extract_ok |
True |
True |
state/st/pdf_hash |
Different |
Different |
state/st/txt_hash |
Different |
Different |