This page was not yet optimized for use on mobile devices.

Juniper NFX series Network Services Platform with Junos OS 23.4R1

CSV information

Status	active
Valid from	01.12.2025
Valid until	01.12.2027
Scheme	🇺🇸 US
Manufacturer	HPE Juniper Networking
Category	Network and Network-Related Devices and Systems
Security level
Protection profiles	collaborative Protection Profile for Network Devices v3.0e PP-Module for Intrusion Prevention Systems (IPS), Version 1.0 collaborative Protection Profile Module for Stateful Traffic Filter Firewalls v1.4 + Errata 20200625 PP-Module for Virtual Private Network (VPN) Gateways Version 1.3 Functional Package for SSH Version 1.0

Heuristics summary

Certificate ID: CCEVS-VR-VID-11579-2025

Certificate

Certificate PDF TXT

Extracted keywords

Protocols

SSH, VPN

Certificates

CCEVS-VR-VID11579-2025

Evaluation facilities

Acumen Security

File metadata

Title	VID11579-FINAL CERT
Pages	1
Producer	WeasyPrint 62.3

Certification report

Certification report PDF TXT

Extracted keywords

Protocols

SSH, SSHv2, SSL, IKEv1, IKEv2, IPsec, VPN

Claims

T.UNAUTHORIZED_ADMINISTRATOR_ACCESS, T.WEAK_CRYPTOGRAPHY, T.UNTRUSTED_COMMUNICATION_CHANNELS, T.WEAK_AUTHENTICATION_ENDPOINTS, T.UPDATE_COMPROMISE, T.UNDETECTED_ACTIVITY, T.SECURITY_FUNCTIONALITY_COMPROMISE, T.SECURITY_FUNCTIONALITY_FAILURE, T.NETWORK_DISCLOSURE, T.NETWORK_ACCESS, T.NETWORK_MISUSE, T.MALICIOUS, T.NETWORK_DOS, T.DATA, T.REPLAY_ATTACK, A.PHYSICAL_PROTECTION, A.LIMITED_FUNCTIONALITY, A.TRUSTED_ADMINISTRATOR, A.REGULAR_UPDATES, A.ADMIN_CREDENTIALS_SECURE, A.RESIDUAL_INFORMATION, A.CONNECTIONS, A.NO_THRU_TRAFFIC_PROTECTION

Certificates

CCEVS-VR-VID11579-2025

Evaluation facilities

Acumen Security

Certification process

File metadata

Author	ppatin
Creation date	D:20251204164154-05'00'
Modification date	D:20251204164154-05'00'
Pages	32
Creator	Microsoft® Word 2019
Producer	Microsoft® Word 2019

Frontpage

Certificate ID	CCEVS-VR-VID11579-2025
Certified item	for the Juniper NFX series Network Services Platform with Junos OS 23.4R1
Certification lab	US NIAP

Security target

Security target PDF TXT

Extracted keywords

Symmetric Algorithms

AES, AES-, HMAC, HMAC-SHA-256, HMAC-SHA-512

Asymmetric Algorithms

RSA 2048, RSA 4096, ECDH, ECDSA, ECC, Diffie-Hellman, DH

Hash functions

SHA-1, SHA-256, SHA-384, SHA-512

Schemes

MAC, Key Exchange

Protocols

SSH, SSHv2, SSL, TLS 1.2, TLS, DTLS, IKEv1, IKEv2, IKE, IPsec, VPN

Randomness

DRBG, RNG, RBG

Libraries

OpenSSL

Elliptic Curves

P-256, P-384, P-521

Block cipher modes

CBC, CTR, GCM

Claims

O.RESIDUAL_INFORMATION, O.STATEFUL_TRAFFIC_FILTERING, O.SYSTEM_MONITORING, O.IPS_ANALYZE, O.IPS_REACT, O.TOE_ADMINISTRATION, O.ADDRESS_FILTERING, O.AUTHENTICATION, O.CRYPTOGRAPHIC_FUNCTIONS, O.FAIL_SECURE, O.PORT_FILTERING, T.UNAUTHORIZED_ADMINISTRATOR_ACCESS, T.WEAK_CRYPTOGRAPHY, T.UNTRUSTED_COMMUNICATION_CHANNELS, T.WEAK_AUTHENTICATION_ENDPOINTS, T.UPDATE_COMPROMISE, T.UNDETECTED_ACTIVITY, T.SECURITY_FUNCTIONALITY_COMPROMISE, T.SECURITY_FUNCTIONALITY_FAILURE, T.NETWORK_DISCLOSURE, T.NETWORK_ACCESS, T.NETWORK_MISUSE, T.MALICIOUS, T.NETWORK_DOS, T.DATA, T.REPLAY_ATTACK, A.PHYSICAL_PROTECTION, A.LIMITED_FUNCTIONALITY, A.NO_THRU_TRAFFIC_PROTECTION, A.TRUSTED_ADMINISTRATOR, A.REGULAR_UPDATES, A.ADMIN_CREDENTIALS_SECURE, A.RESIDUAL_INFORMATION, A.CONNECTIONS, OE.PHYSICAL, OE.NO_GENERAL_PURPOSE, OE.TRUSTED_ADMN, OE.UPDATES, OE.ADMIN_CREDENTIALS_SECURE, OE.NO_THRU_TRAFFIC_PROTECTION, OE.RESIDUAL_INFORMATION, OE.CONNECTIONS

Security Assurance Requirements (SAR)

ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ATE_IND.1, AVA_VAN.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.1, ASE_REQ.1, ASE_SPD.1, ASE_TSS.1

Security Functional Requirements (SFR)

FAU_STG_EXT.1, FAU_GEN.1.2, FAU_GEN.1, FAU_GEN, FAU_GEN.2, FAU_GEN.1.1, FAU_GEN.2.1, FAU_STG_EXT.1.1, FAU_STG_EXT.1.2, FAU_STG_EXT.1.3, FAU_STG_EXT.1.4, FAU_STG_EXT.1.5, FAU_STG_EXT.1.6, FCS_SSHS_EXT.1, FCS_SSHS_EXT.1.3, FCS_SSH_EXT.1, FCS_SSH_EXT.1.1, FCS_CKM.1, FCS_CKM, FCS_CKM.2, FCS_CKM.4, FCS_COP, FCS_RBG_EXT.1, FCS_CKM.1.1, FCS_CKM.2.1, FCS_CKM.4.1, FCS_COP.1, FCS_RBG_EXT.1.1, FCS_RBG_EXT.1.2, FCS_SSH_EXT.1.2, FCS_SSH_EXT.1.3, FCS_SSH_EXT.1.4, FCS_SSH_EXT.1.5, FCS_SSH_EXT.1.6, FCS_SSH_EXT.1.7, FCS_SSH_EXT.1.8, FCS_SSHS_EXT.1.1, FCS_SSH_EXT, FDP_RIP.2, FDP_RIP.2.1, FIA_PSK_EXT.3, FIA_PSK_EXT.1.1, FIA_PSK_EXT.1, FIA_UIA_EXT.1.3, FIA_AFL.1, FIA_PMG_EXT.1, FIA_UIA_EXT.1, FIA_UAU.7, FIA_AFL.1.1, FIA_AFL.1.2, FIA_PMG_EXT.1.1, FIA_UIA_EXT.1.1, FIA_UIA_EXT.1.2, FIA_UIA_EXT.1.4, FIA_UAU.7.1, FIA_UAU_EXT.1, FMT_SMF.1.1, FMT_MOF, FMT_MTD, FMT_SMF, FMT_SMF.1, FMT_SMR.2, FMT_MOF.1, FMT_MTD.1, FMT_SMR.2.1, FMT_SMR.2.2, FMT_SMR.2.3, FMT_SMG, FPT_TST_EXT.1, FPT_SKP_EXT.1, FPT_APW_EXT.1, FPT_TST_EXT.3, FPT_STM_EXT.1, FPT_TUD_EXT.1, FPT_FLS, FPT_APW_EXT.1.1, FPT_APW_EXT.1.2, FPT_SKP_EXT.1.1, FPT_STM_EXT.1.1, FPT_STM_EXT.1.2, FPT_TST_EXT.1.1, FPT_TST_EXT.1.2, FPT_TST_EXT.3.1, FPT_TST_EXT.3.2, FPT_TUD_EXT.1.1, FPT_TUD_EXT.1.2, FPT_TUD_EXT.1.3, FPT_FLS.1, FTA_SSL.3, FTA_SSL.4, FTA_SSL_EXT.1, FTA_TAB.1, FTA_SSL_EXT.1.1, FTA_SSL.3.1, FTA_SSL.4.1, FTA_TAB.1.1, FTP_ITC.1, FTP_ITC, FTP_TRP, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_TRP.1

Evaluation facilities

Acumen Security

Side-channel analysis

DFA

Certification process

out of scope, over SSH and IPsec). Telnet, File Transfer Protocol (FTP), and Secure Socket Layer (SSL) are out of scope. The TOE includes cryptographic modules that provide the underlying cryptographic services, for NAT traversal) and RFC 4868 for hash functions. IKEv1 aggressive mode is configurable, but out of scope, and hence not to be used Juniper NFX series Network Services Platform with Junos OS 23.4R1 71, key containers to processes with cryptographic rights or shell users with root permission (out of scope as mentioned in Section 1.3.3). FPT_STM_EXT.1 All events recorded by the syslog daemon are

Standards

FIPS PUB 186-5, FIPS 186-5, FIPS PUB 186-4, FIPS186-5, NIST SP 800-186, NIST SP 800-56A, PKCS #1, PKCS 1, RFC 2460, RFC 3526, RFC 4301, RFC 4303, RFC 3602, RFC 4106, RFC 4109, RFC 4868, RFC 7296, RFC 5282, RFC 5114, RFC 4945, RFC 4242, RFC 4256, RFC 4252, RFC 4253, RFC 8332, RFC 5656, RFC 4344, RFC 6668, RFC 5280, RFC 5759, RFC 2986, RFC 791, RFC 8200, RFC 793, RFC 768, RFC 5735, RFC 3513, RFC 792, RFC 2463, RFC3526, RFC 959, ISO/IEC 14888-3, ISO/IEC 9797-, ISO/IEC 9796-2, ISO/IEC 18031:2011, X.509

File metadata

Author	Pratheek Menon
Creation date	D:20251007132138-04'00'
Modification date	D:20251007132138-04'00'
Pages	98
Creator	Microsoft® Word for Microsoft 365
Producer	Microsoft® Word for Microsoft 365

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

Certificate ID

CCEVS-VR-VID-11579-2025

Extracted SARs

ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.1, ASE_REQ.1, ASE_SPD.1, ASE_TSS.1, ATE_IND.1, AVA_VAN.1

Scheme data

Product	Juniper NFX series Network Services Platform with Junos OS 23.4R1
Id	CCEVS-VR-VID11579-2025
Url	https://www.niap-ccevs.org/products/11579
Api Url	https://www.niap-ccevs.org/api/project/product/pcl_products/11579/
Certification Date	01.12.2025
Expiration Date	None
Category	Firewall
Categories	['Firewall', 'Network Device', 'Remote Access', 'Virtual Private Network', 'Wireless Monitoring']
Vendor	HPE Juniper Networking
Evaluation Facility	Acumen Security
Scheme	US
Cert Link	https://www.niap-ccevs.org/api/file/get_public_file/?file_id=36569
Target Link	https://www.niap-ccevs.org/api/file/get_public_file/?file_id=36570
Report Link	https://www.niap-ccevs.org/api/file/get_public_file/?file_id=36571

References

No references are available for this certificate.

Updates Feed

15.12.2025

The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "Network and Network-Related Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11579-ci.pdf",
  "dgst": "d7ec02c69e02f572",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "CCEVS-VR-VID-11579-2025",
    "cert_lab": [
      "US"
    ],
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "eal": "EAL1",
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 1
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "23.4"
      ]
    },
    "indirect_transitive_cves": null,
    "next_certificates": null,
    "prev_certificates": null,
    "protection_profiles": {
      "_type": "Set",
      "elements": [
        "4704bfbdf61ca066",
        "e2ad7e4a892e3703",
        "bde3d7587cf42e78",
        "ed9c9d74c3710878",
        "6448a1802bb874d8"
      ]
    },
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "scheme_data": {
      "api_url": "https://www.niap-ccevs.org/api/project/product/pcl_products/11579/",
      "categories": [
        "Firewall",
        "Network Device",
        "Remote Access",
        "Virtual Private Network",
        "Wireless Monitoring"
      ],
      "category": "Firewall",
      "cert_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=36569",
      "certification_date": "2025-12-01",
      "evaluation_facility": "Acumen Security",
      "expiration_date": null,
      "id": "CCEVS-VR-VID11579-2025",
      "product": "Juniper NFX series Network Services Platform with Junos OS 23.4R1",
      "report_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=36571",
      "scheme": "US",
      "target_link": "https://www.niap-ccevs.org/api/file/get_public_file/?file_id=36570",
      "url": "https://www.niap-ccevs.org/products/11579",
      "vendor": "HPE Juniper Networking"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "HPE Juniper Networking",
  "manufacturer_web": "https://www.juniper.net/",
  "name": "Juniper NFX series Network Services Platform with Junos OS 23.4R1",
  "not_valid_after": "2027-12-01",
  "not_valid_before": "2025-12-01",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": "st_vid11579-ci.pdf",
    "cert_frontpage": null,
    "cert_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "US": {
          "CCEVS-VR-VID11579-2025": 1
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {},
      "cc_security_level": {},
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "SSH": {
          "SSH": 1
        },
        "VPN": {
          "VPN": 1
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "Acumen": {
          "Acumen Security": 1
        }
      },
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {},
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "cert_metadata": {
      "/Producer": "WeasyPrint 62.3",
      "/Title": "VID11579-FINAL CERT",
      "pdf_file_size_bytes": 135112,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 1
    },
    "report_filename": "st_vid11579-vr.pdf",
    "report_frontpage": {
      "US": {
        "cert_id": "CCEVS-VR-VID11579-2025",
        "cert_item": "for the Juniper NFX series Network Services Platform with Junos OS 23.4R1",
        "cert_lab": "US NIAP"
      }
    },
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "US": {
          "CCEVS-VR-VID11579-2025": 1
        }
      },
      "cc_claims": {
        "A": {
          "A.ADMIN_CREDENTIALS_SECURE": 1,
          "A.CONNECTIONS": 2,
          "A.LIMITED_FUNCTIONALITY": 1,
          "A.NO_THRU_TRAFFIC_PROTECTION": 1,
          "A.PHYSICAL_PROTECTION": 1,
          "A.REGULAR_UPDATES": 1,
          "A.RESIDUAL_INFORMATION": 1,
          "A.TRUSTED_ADMINISTRATOR": 1
        },
        "T": {
          "T.DATA": 1,
          "T.MALICIOUS": 1,
          "T.NETWORK_ACCESS": 3,
          "T.NETWORK_DISCLOSURE": 3,
          "T.NETWORK_DOS": 1,
          "T.NETWORK_MISUSE": 3,
          "T.REPLAY_ATTACK": 1,
          "T.SECURITY_FUNCTIONALITY_COMPROMISE": 1,
          "T.SECURITY_FUNCTIONALITY_FAILURE": 1,
          "T.UNAUTHORIZED_ADMINISTRATOR_ACCESS": 1,
          "T.UNDETECTED_ACTIVITY": 1,
          "T.UNTRUSTED_COMMUNICATION_CHANNELS": 1,
          "T.UPDATE_COMPROMISE": 1,
          "T.WEAK_AUTHENTICATION_ENDPOINTS": 1,
          "T.WEAK_CRYPTOGRAPHY": 1
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {},
      "cc_security_level": {},
      "cc_sfr": {},
      "certification_process": {
        "OutOfScope": {
          "out of scope": 1,
          "over SSH and IPsec). Telnet, File Transfer Protocol (FTP), and Secure Socket Layer (SSL) are out of scope. The TOE includes cryptographic modules that provide the underlying cryptographic services": 1
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKEv1": 1,
          "IKEv2": 1
        },
        "IPsec": {
          "IPsec": 7
        },
        "SSH": {
          "SSH": 9,
          "SSHv2": 2
        },
        "TLS": {
          "SSL": {
            "SSL": 2
          }
        },
        "VPN": {
          "VPN": 22
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "Acumen": {
          "Acumen Security": 4
        }
      },
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {},
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "ppatin",
      "/CreationDate": "D:20251204164154-05\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2019",
      "/ModDate": "D:20251204164154-05\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2019",
      "pdf_file_size_bytes": 380994,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 32
    },
    "st_filename": "st_vid11579-st.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 4
          },
          "ECDH": {
            "ECDH": 5
          },
          "ECDSA": {
            "ECDSA": 30
          }
        },
        "FF": {
          "DH": {
            "DH": 16,
            "Diffie-Hellman": 3
          }
        },
        "RSA": {
          "RSA 2048": 4,
          "RSA 4096": 2
        }
      },
      "cc_cert_id": {},
      "cc_claims": {
        "A": {
          "A.ADMIN_CREDENTIALS_SECURE": 1,
          "A.CONNECTIONS": 2,
          "A.LIMITED_FUNCTIONALITY": 1,
          "A.NO_THRU_TRAFFIC_PROTECTION": 1,
          "A.PHYSICAL_PROTECTION": 1,
          "A.REGULAR_UPDATES": 1,
          "A.RESIDUAL_INFORMATION": 1,
          "A.TRUSTED_ADMINISTRATOR": 1
        },
        "O": {
          "O.ADDRESS_FILTERING": 1,
          "O.AUTHENTICATION": 1,
          "O.CRYPTOGRAPHIC_FUNCTIONS": 1,
          "O.FAIL_SECURE": 1,
          "O.IPS_ANALYZE": 1,
          "O.IPS_REACT": 1,
          "O.PORT_FILTERING": 1,
          "O.RESIDUAL_INFORMATION": 1,
          "O.STATEFUL_TRAFFIC_FILTERING": 1,
          "O.SYSTEM_MONITORING": 2,
          "O.TOE_ADMINISTRATION": 2
        },
        "OE": {
          "OE.ADMIN_CREDENTIALS_SECURE": 1,
          "OE.CONNECTIONS": 2,
          "OE.NO_GENERAL_PURPOSE": 1,
          "OE.NO_THRU_TRAFFIC_PROTECTION": 1,
          "OE.PHYSICAL": 1,
          "OE.RESIDUAL_INFORMATION": 1,
          "OE.TRUSTED_ADMN": 1,
          "OE.UPDATES": 1
        },
        "T": {
          "T.DATA": 1,
          "T.MALICIOUS": 1,
          "T.NETWORK_ACCESS": 3,
          "T.NETWORK_DISCLOSURE": 3,
          "T.NETWORK_DOS": 1,
          "T.NETWORK_MISUSE": 3,
          "T.REPLAY_ATTACK": 1,
          "T.SECURITY_FUNCTIONALITY_COMPROMISE": 1,
          "T.SECURITY_FUNCTIONALITY_FAILURE": 1,
          "T.UNAUTHORIZED_ADMINISTRATOR_ACCESS": 1,
          "T.UNDETECTED_ACTIVITY": 1,
          "T.UNTRUSTED_COMMUNICATION_CHANNELS": 1,
          "T.UPDATE_COMPROMISE": 1,
          "T.WEAK_AUTHENTICATION_ENDPOINTS": 1,
          "T.WEAK_CRYPTOGRAPHY": 1
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_FSP.1": 2
        },
        "AGD": {
          "AGD_OPE.1": 2,
          "AGD_PRE.1": 2
        },
        "ALC": {
          "ALC_CMC.1": 2,
          "ALC_CMS.1": 2
        },
        "ASE": {
          "ASE_CCL.1": 1,
          "ASE_ECD.1": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ.1": 1,
          "ASE_REQ.1": 1,
          "ASE_SPD.1": 1,
          "ASE_TSS.1": 1
        },
        "ATE": {
          "ATE_IND.1": 2
        },
        "AVA": {
          "AVA_VAN.1": 2
        }
      },
      "cc_security_level": {},
      "cc_sfr": {
        "FAU": {
          "FAU_GEN": 7,
          "FAU_GEN.1": 10,
          "FAU_GEN.1.1": 2,
          "FAU_GEN.1.2": 2,
          "FAU_GEN.2": 4,
          "FAU_GEN.2.1": 1,
          "FAU_STG_EXT.1": 7,
          "FAU_STG_EXT.1.1": 1,
          "FAU_STG_EXT.1.2": 1,
          "FAU_STG_EXT.1.3": 1,
          "FAU_STG_EXT.1.4": 1,
          "FAU_STG_EXT.1.5": 1,
          "FAU_STG_EXT.1.6": 1
        },
        "FCS": {
          "FCS_CKM": 5,
          "FCS_CKM.1": 6,
          "FCS_CKM.1.1": 1,
          "FCS_CKM.2": 7,
          "FCS_CKM.2.1": 3,
          "FCS_CKM.4": 4,
          "FCS_CKM.4.1": 1,
          "FCS_COP": 21,
          "FCS_COP.1": 4,
          "FCS_RBG_EXT.1": 5,
          "FCS_RBG_EXT.1.1": 1,
          "FCS_RBG_EXT.1.2": 1,
          "FCS_SSHS_EXT.1": 5,
          "FCS_SSHS_EXT.1.1": 1,
          "FCS_SSHS_EXT.1.3": 1,
          "FCS_SSH_EXT": 1,
          "FCS_SSH_EXT.1": 4,
          "FCS_SSH_EXT.1.1": 2,
          "FCS_SSH_EXT.1.2": 1,
          "FCS_SSH_EXT.1.3": 1,
          "FCS_SSH_EXT.1.4": 1,
          "FCS_SSH_EXT.1.5": 1,
          "FCS_SSH_EXT.1.6": 1,
          "FCS_SSH_EXT.1.7": 1,
          "FCS_SSH_EXT.1.8": 1
        },
        "FDP": {
          "FDP_RIP.2": 4,
          "FDP_RIP.2.1": 1
        },
        "FIA": {
          "FIA_AFL.1": 6,
          "FIA_AFL.1.1": 1,
          "FIA_AFL.1.2": 1,
          "FIA_PMG_EXT.1": 4,
          "FIA_PMG_EXT.1.1": 1,
          "FIA_PSK_EXT.1": 1,
          "FIA_PSK_EXT.1.1": 1,
          "FIA_PSK_EXT.3": 4,
          "FIA_UAU.7": 3,
          "FIA_UAU.7.1": 2,
          "FIA_UAU_EXT.1": 1,
          "FIA_UIA_EXT.1": 5,
          "FIA_UIA_EXT.1.1": 1,
          "FIA_UIA_EXT.1.2": 1,
          "FIA_UIA_EXT.1.3": 3,
          "FIA_UIA_EXT.1.4": 1
        },
        "FMT": {
          "FMT_MOF": 12,
          "FMT_MOF.1": 3,
          "FMT_MTD": 8,
          "FMT_MTD.1": 2,
          "FMT_SMF": 15,
          "FMT_SMF.1": 7,
          "FMT_SMF.1.1": 2,
          "FMT_SMG": 1,
          "FMT_SMR.2": 4,
          "FMT_SMR.2.1": 1,
          "FMT_SMR.2.2": 1,
          "FMT_SMR.2.3": 1
        },
        "FPT": {
          "FPT_APW_EXT.1": 4,
          "FPT_APW_EXT.1.1": 1,
          "FPT_APW_EXT.1.2": 1,
          "FPT_FLS": 4,
          "FPT_FLS.1": 1,
          "FPT_SKP_EXT.1": 4,
          "FPT_SKP_EXT.1.1": 1,
          "FPT_STM_EXT.1": 5,
          "FPT_STM_EXT.1.1": 1,
          "FPT_STM_EXT.1.2": 1,
          "FPT_TST_EXT.1": 5,
          "FPT_TST_EXT.1.1": 1,
          "FPT_TST_EXT.1.2": 1,
          "FPT_TST_EXT.3": 4,
          "FPT_TST_EXT.3.1": 1,
          "FPT_TST_EXT.3.2": 1,
          "FPT_TUD_EXT.1": 4,
          "FPT_TUD_EXT.1.1": 1,
          "FPT_TUD_EXT.1.2": 1,
          "FPT_TUD_EXT.1.3": 1
        },
        "FTA": {
          "FTA_SSL.3": 4,
          "FTA_SSL.3.1": 1,
          "FTA_SSL.4": 4,
          "FTA_SSL.4.1": 1,
          "FTA_SSL_EXT.1": 4,
          "FTA_SSL_EXT.1.1": 1,
          "FTA_TAB.1": 5,
          "FTA_TAB.1.1": 1
        },
        "FTP": {
          "FTP_ITC": 4,
          "FTP_ITC.1": 8,
          "FTP_ITC.1.1": 1,
          "FTP_ITC.1.2": 1,
          "FTP_ITC.1.3": 1,
          "FTP_TRP": 4,
          "FTP_TRP.1": 3
        }
      },
      "certification_process": {
        "OutOfScope": {
          "for NAT traversal) and RFC 4868 for hash functions. IKEv1 aggressive mode is configurable, but out of scope, and hence not to be used Juniper NFX series Network Services Platform with Junos OS 23.4R1 71": 1,
          "key containers to processes with cryptographic rights or shell users with root permission (out of scope as mentioned in Section 1.3.3). FPT_STM_EXT.1 All events recorded by the syslog daemon are": 1,
          "out of scope": 3,
          "over SSH and IPsec). Telnet, File Transfer Protocol (FTP), and Secure Socket Layer (SSL) are out of scope. The TOE includes cryptographic modules that provide the underlying cryptographic services": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CTR": {
          "CTR": 4
        },
        "GCM": {
          "GCM": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 12
        }
      },
      "crypto_protocol": {
        "IKE": {
          "IKE": 21,
          "IKEv1": 24,
          "IKEv2": 22
        },
        "IPsec": {
          "IPsec": 32
        },
        "SSH": {
          "SSH": 79,
          "SSHv2": 14
        },
        "TLS": {
          "DTLS": {
            "DTLS": 1
          },
          "SSL": {
            "SSL": 2
          },
          "TLS": {
            "TLS": 4,
            "TLS 1.2": 1
          }
        },
        "VPN": {
          "VPN": 41
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 1
        },
        "MAC": {
          "MAC": 2
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 38,
          "P-384": 44,
          "P-521": 26
        }
      },
      "eval_facility": {
        "Acumen": {
          "Acumen Security": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 4
          },
          "SHA2": {
            "SHA-256": 11,
            "SHA-384": 2,
            "SHA-512": 4
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 3
        },
        "RNG": {
          "RBG": 1,
          "RNG": 2
        }
      },
      "side_channel_analysis": {
        "FI": {
          "DFA": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 186-5": 1,
          "FIPS PUB 186-4": 8,
          "FIPS PUB 186-5": 15,
          "FIPS186-5": 8
        },
        "ISO": {
          "ISO/IEC 14888-3": 4,
          "ISO/IEC 18031:2011": 3,
          "ISO/IEC 9796-2": 2,
          "ISO/IEC 9797-": 2
        },
        "NIST": {
          "NIST SP 800-186": 2,
          "NIST SP 800-56A": 2
        },
        "PKCS": {
          "PKCS #1": 4,
          "PKCS 1": 2
        },
        "RFC": {
          "RFC 2460": 1,
          "RFC 2463": 2,
          "RFC 2986": 3,
          "RFC 3513": 2,
          "RFC 3526": 7,
          "RFC 3602": 3,
          "RFC 4106": 1,
          "RFC 4109": 3,
          "RFC 4242": 1,
          "RFC 4252": 1,
          "RFC 4253": 5,
          "RFC 4256": 1,
          "RFC 4301": 2,
          "RFC 4303": 1,
          "RFC 4344": 2,
          "RFC 4868": 6,
          "RFC 4945": 3,
          "RFC 5114": 2,
          "RFC 5280": 5,
          "RFC 5282": 1,
          "RFC 5656": 11,
          "RFC 5735": 2,
          "RFC 5759": 1,
          "RFC 6668": 2,
          "RFC 7296": 3,
          "RFC 768": 3,
          "RFC 791": 3,
          "RFC 792": 2,
          "RFC 793": 3,
          "RFC 8200": 3,
          "RFC 8332": 4,
          "RFC 959": 1,
          "RFC3526": 1
        },
        "X509": {
          "X.509": 7
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 10,
            "AES-": 3
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 8,
            "HMAC-SHA-256": 2,
            "HMAC-SHA-512": 2
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "Pratheek Menon",
      "/CreationDate": "D:20251007132138-04\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId": "ef256a39-bda7-4bec-b254-22822700e2b9",
      "/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ContentBits": "2",
      "/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled": "true",
      "/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Method": "Standard",
      "/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name": "0633b888-ae0d-4341-a75f-06e04137d755",
      "/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate": "2024-02-22T16:03:53Z",
      "/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId": "bea78b3c-4cdb-4130-854a-1d193232e5f4",
      "/ModDate": "D:20251007132138-04\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 1379959,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37761",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37767",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37760",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37762",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=37759"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 98
    }
  },
  "protection_profile_links": {
    "_type": "Set",
    "elements": [
      "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pkg_ssh_v1.0.pdf",
      "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_IPS_v1.0.pdf",
      "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_CPP_FW_v1.4e.pdf",
      "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_VPNGW_v1.3.pdf",
      "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/NDcPP_v3_0e.pdf"
    ]
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11579-vr.pdf",
  "scheme": "US",
  "security_level": {
    "_type": "Set",
    "elements": []
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11579-st.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "pdf_hash": "7d4b5d58594da9ebb05e2379f8a276e301f65b18bc2ea6cf88cb9221d7156bf0",
      "txt_hash": "8a3680e688bc14243567de0c3fa3b155f9487952b836d65dac6414335144f285"
    },
    "report": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "pdf_hash": "3a5f0007e2c6eb5c970a4eb755dd6062c4ac3cfc100556d391de032e398fa5d7",
      "txt_hash": "faa390ffb87dd4101870042e4fdec335b31ccd94811d20db5d6888a14acec429"
    },
    "st": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "pdf_hash": "8afc48e54e5559f8f98a9b1c0393a74c97c71dde1a947f6b6b624e684a94aa5c",
      "txt_hash": "44e54d23487a2538093517e8345e009de2975789fc3d1356051c6ed8188d924e"
    }
  },
  "status": "active"
}

Sections

Juniper NFX series Network Services Platform with Junos OS 23.4R1

CSV information

Heuristics summary

Certificate

Extracted keywords

Cryptography

Protocols

Common Criteria

Certificates

Evaluation facilities

File metadata

Certification report

Extracted keywords

Cryptography

Protocols

Common Criteria

Claims

Certificates

Evaluation facilities

Security

Certification process

File metadata

Frontpage

Security target

Extracted keywords

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Libraries

Elliptic Curves

Block cipher modes

Common Criteria

Claims

Security Assurance Requirements (SAR)

Security Functional Requirements (SFR)

Evaluation facilities

Security

Side-channel analysis

Certification process

Other

Standards

File metadata

Heuristics

Automated inference - use with caution

Certificate ID

Extracted SARs

Scheme data

References

Updates Feed

Raw data

Toggle raw data