National Information Assurance Partnership
Common Criteria Evaluation and Validation Scheme
Validation Report
for the
Junos OS 19.1R2 for EX2300, EX2300-C and EX3400,
Version Junos OS 19.1R2
Report Number: CCEVS-VR-11025-2020
Dated: 04/27/20
Version: 0.1
National Institute of Standards and Technology National Security Agency
Information Technology Laboratory Information Assurance Directorate
100 Bureau Drive 9800 Savage Road STE 6940
Gaithersburg, MD 20899 Fort George G. Meade, MD 20755-6940
®
TM
2
ACKNOWLEDGEMENTS
Validation Team
Paul Bicknell (Senior Validator)
Jenn Dotson
Sheldon Durrant
Linda Morrison (Lead Validator)
Common Criteria Testing Laboratory
Acumen Security, LLC
Kenneth Lasoski (Lead Evaluator)
Harshada Khandagale (Evaluator)
3
Table of Contents
1 Executive Summary ...........................................................................................................4
2 Identification ......................................................................................................................5
3 Architectural Information .................................................................................................6
4 Security Policy....................................................................................................................7
5 Assumptions, Threats & Clarification of Scope................................................................9
5.1 Assumptions.............................................................................................................................................9
5.2 Threats................................................................................................................................................... 10
5.3 Clarification of Scope............................................................................................................................. 13
6 Documentation .................................................................................................................14
7 TOE Evaluated Configuration ........................................................................................15
7.1 Evaluated Configuration ....................................................................................................................... 15
7.2 Excluded Functionality.......................................................................................................................... 15
8 IT Product Testing...........................................................................................................16
8.1 Developer Testing .................................................................................................................................. 16
8.2 Evaluation Team Independent Testing.................................................................................................. 16
9 Results of the Evaluation .................................................................................................17
9.1 Evaluation of Security Target................................................................................................................ 17
9.2 Evaluation of Development Documentation .......................................................................................... 17
9.3 Evaluation of Guidance Documents ...................................................................................................... 17
9.4 Evaluation of Life Cycle Support Activities .......................................................................................... 17
9.5 Evaluation of Test Documentation and the Test Activity...................................................................... 18
9.6 Vulnerability Assessment Activity......................................................................................................... 18
9.7 Summary of Evaluation Results ............................................................................................................ 18
10 Validator Comments & Recommendations ....................................................................19
11 Annexes ............................................................................................................................20
12 Security Target.................................................................................................................21
13 Glossary............................................................................................................................22
14 Bibliography.....................................................................................................................23
4
1 Executive Summary
This Validation Report (VR) is intended to assist the end user of this product and any security
certification Agent for that end user in determining the suitability of this Information Technology
(IT) product for their environment. End users should review the Security Target (ST), which is
where specific security claims are made, in conjunction with this VR, which describes how those
security claims were tested and evaluated and any restrictions on the evaluated configuration.
Prospective users should carefully read the Assumptions and Clarification of Scope in Section 5
and the Validator Comments in Section 10, where any restrictions on the evaluated configuration
are highlighted.
This report documents the National Information Assurance Partnership (NIAP) assessment of the
evaluation of the Junos OS 19.1R2 for EX2300, EX2300-C and EX3400 Series Target of
Evaluation (TOE). It presents the evaluation results, their justifications, and the conformance
results. This VR is not an endorsement of the TOE by any agency of the U.S. Government and
no warranty of the TOE is either expressed or implied. This VR applies only to the specific
version and configuration of the product as evaluated and documented in the ST.
The evaluation was completed by Acumen Security in April 2020. The information in this report
is largely derived from the Evaluation Technical Report (ETR) and associated test report, all
written by Acumen Security. The evaluation determined that the product is both Common
Criteria Part 2 Extended and Part 3 Conformant and meets the assurance requirements defined in
the U.S. Government Protection Profile for Security Requirements for the collaborative
Protection Profile for Network Devices (NDcPP) version 2.1.
The Target of Evaluation (TOE) identified in this Validation Report has been evaluated at a
NIAP approved Common Criteria Testing Laboratory using the Common Methodology for IT
Security Evaluation (Version 3.1, Rev. 5) for conformance to the Common Criteria for IT
Security Evaluation (Version 3.1, Rev. 5), as interpreted by the Assurance Activities contained in
the collaborative Protection Profile for Network Devices (NDcPP) v2.1. This Validation Report
applies only to the specific version of the TOE as evaluated. The evaluation has been conducted
in accordance with the provisions of the NIAP Common Criteria Evaluation and Validation
Scheme and the conclusions of the testing laboratory in the evaluation technical report are
consistent with the evidence provided.
5
2 Identification
The CCEVS is a joint National Security Agency (NSA) and National Institute of
Standards effort to establish commercial facilities to perform trusted product evaluations.
Under this program, security evaluations are conducted by commercial testing
laboratories called Common Criteria Testing Laboratories (CCTLs). CCTLs evaluate
products against Protection Profile containing Assurance Activities, which are
interpretation of CEM work units specific to the technology described by the PP.
The NIAP Validation Body assigns Validators to monitor the CCTLs to ensure quality
and consistency across evaluations. Developers of information technology products
desiring a security evaluation contract with a CCTL and pay a fee for their product's
evaluation. Upon successful completion of the evaluation, the product is added to NIAP's
Product Compliance List.
Table 1 provides information needed to completely identify the product, including:
 The Target of Evaluation (TOE): the fully qualified identifier of the product as
evaluated.
 The Security Target (ST), describing the security features, claims, and assurances
of the product.
 The conformance result of the evaluation.
 The Protection Profile(s) to which the product is conformant.
 The organizations and individuals participating in the evaluation.
Table 1: Evaluation Identifiers
Item Identifier
Evaluation Scheme United States NIAP Common Criteria Evaluation and Validation Scheme
TOE Junos OS 19.1R2 for EX2300, EX2300-C and EX3400
Protection Profile NDcPP v2.1, September 24, 2018
Security Target Security Target Junos OS 19.1R2 for EX2300, EX2300-C and EX3400, V1.5, April 17,
2020
Evaluation Technical
Report
Evaluation Technical Report for Junos OS 19.1R2 for EX2300, EX2300-C and
EX3400, V1.1, March 31, 2020
CC Version Version 3.1, Revision 5
Conformance Result CC Part 2 Extended and CC Part 3 Conformant
Sponsor Juniper Networks, Inc
Developer Juniper Networks, Inc.
Common Criteria
Testing Lab (CCTL)
Acumen Security
2400 Research Blvd Suite 395
Rockville, MD 20850
CCEVS Validators Paul Bicknell, Jenn Dotson, Sheldon Durrant, Linda Morrison
6
3 Architectural Information
The Target of Evaluation (TOE) is Juniper Networks, Inc. Junos OS 19.1R2 executing on
EX2300, EX2300-C and EX3400 Ethernet Switch.
Juniper Networks EX Series Ethernet Switches provide scalable connectivity for the enterprise
market, including branch offices, campus locations, and data centers. The switches run the
Juniper Networks Junos operating system (Junos OS), which provides Layer 2 and Layer 3
switching, routing, and security services.
The EX switches are secure network devices that protect themselves largely by offering only a
minimal logical interface to the network and attached nodes. Each of the EX switches includes
an ASIC-based Packet Forwarding Engine (PFE) with an integrated CPU to consistently deliver
wire-rate forwarding.
The EX2300, EX2300-C and EX3400 each occupy single rack unit, delivering a compact
solution.
7
4 Security Policy
The TOE provides the security functionality required by NDcPP v2.1, September 24, 2018.
4.1 Security Audit
Junos auditable events are stored in the syslog files on the appliance and can be sent to an
external log server (via Netconf over SSH). The TOE generates audit records for security
relevant events. Audit records include the date and time, event category, event type, username,
and the outcome of the event (success or failure). Local syslog storage limits are configurable
and are monitored. In the event of storage limits being reached the oldest logs will be
overwritten.
4.2 Cryptographic Support
The TOE provides an SSH server to support protected communications for administrators to
establish secure sessions and to connect to external syslog servers. The TOE requires that
applications exchanging information with it are successfully authenticated prior to any exchange
(i.e. applications connecting over SSH). The TOE includes cryptographic modules that provide
the underlying cryptographic services, including key management and protection of stored keys,
algorithms, random bit generation and crypto-administration. The cryptographic modules
provide confidentiality and integrity services for authentication and for protecting
communications with connecting applications.
4.3 Identification and Authentication
The TOE supports Role Based Access Control. All users must be authenticated to the TOE prior
to carrying out any management actions. The TOE supports password-based authentication and
public key-based authentication. Based on the assigned role, a user is granted a set of privileges
to access the system. Administrative users must provide unique identification and authentication
data before any administrative access to the system is granted. Authentication data entered and
stored on the TOE is protected. The TOE can be configured to terminate interactive user sessions
and to present an access banner with warning messages prior to authentication.
4.4 Security Management
The TOE provides a Security Administrator role that is responsible for:
• the configuration and maintenance of cryptographic elements related to the establishment
of secure connections to and from the evaluated product
• the regular review of all audit data;
• initiation of trusted update function;
• all administrative tasks (e.g., creating the security policy).
The devices are managed through a Command Line Interface (CLI). The CLI is accessible
through local (serial) console connection or remote administrative (SSH) session.
8
4.5 Protection of the TSF
The TOE protects all passwords, pre-shared keys, symmetric keys and private keys from
unauthorized disclosure. Passwords are stored using sha256 or sha512. The TOE executes self-
tests during initial start-up to ensure correct operation and enforcement of its security functions.
An administrator can install software updates to the TOE. The TOE internally maintains the date
and time.
4.6 TOE Access
Prior to establishing an administration session with the TOE, a banner is displayed to the user.
The banner messaging is customizable. The TOE will terminate an interactive session after a
period of inactivity. A user can terminate their local CLI session and remote CLI session by
entering exit at the prompt.
4.7 Trusted Path/Trusted Channel
The TOE supports SSH v2 for secure communication to Syslog server. The TOE supports SSH
v2 (remote CLI) for secure remote administration.
9
5 Assumptions, Threats & Clarification of Scope
5.1 Assumptions
The specific conditions listed in the following subsections are assumed to exist in the TOE’s
environment. These assumptions include both practical realities in the development of the TOE
security requirements and the essential environmental conditions on the use of the TOE.
This section describes the assumptions made in identification of the threats and security
requirements for network devices. The network device is not expected to provide assurance in
any of these areas, and as a result, requirements are not included to mitigate the threats
associated.
Assumption Assumption Definition
A.PHYSICAL_PROTECTION The network device is assumed to be physically protected in its
operational environment and not subject to physical attacks
that compromise the security and/or interfere with the device’s
physical interconnections and correct operation. This
protection is assumed to be sufficient to protect the device and
the data it contains. As a result, the cPP will not include any
requirements on physical tamper protection or other physical
attack mitigations. The cPP will not expect the product to
defend against physical access to the device that allows
unauthorized entities to extract data, bypass other controls, or
otherwise manipulate the device.
A.LIMITED_FUNCTIONALITY The device is assumed to provide networking functionality as its
core function and not provide functionality/services that could
be deemed as general purpose computing. For example the
device should not provide computing platform for general
purpose applications (unrelated to networking functionality).
A.NO_THRU_TRAFFIC_PROTECTION A standard/generic network device does not provide any
assurance regarding the protection of traffic that traverses it.
The intent is for the network device to protect data that
originates on or is destined to the device itself, to include
administrative data and audit data. Traffic that is traversing the
network device, destined for another network entity, is not
covered by the ND cPP. It is assumed that this protection will be
covered by cPPs and PP-Modules for particular types of
network devices (e.g., firewall).
A.TRUSTED_ADMINISTRATOR The Security Administrator(s) for the network device are
assumed to be trusted and to act in the best interest of security
for the organization. This includes being appropriately trained,
following policy, and adhering to guidance documentation.
Administrators are trusted to ensure passwords/credentials
10
Assumption Assumption Definition
have sufficient strength and entropy and to lack malicious
intent when administering the device. The network device is
not expected to be capable of defending against a malicious
Administrator that actively works to bypass or compromise the
security of the device.
For TOEs supporting X.509v3 certificate-based authentication,
the Security Administrator(s) are expected to fully validate (e.g.
offline verification) any CA certificate (root CA certificate or
intermediate CA certificate) loaded into the TOE’s trust store
(aka 'root store', ' trusted CA Key Store', or similar) as a trust
anchor prior to use (e.g. offline verification).
A.REGULAR_UPDATES The network device firmware and software is assumed to be
updated by an Administrator on a regular basis in response to
the release of product updates due to known vulnerabilities.
A.ADMIN_CREDENTIALS_SECURE The administrator’s credentials (private key) used to access the
network device are protected by the platform on which they
reside.
A.RESIDUAL_INFORMATION The Administrator must ensure that there is no unauthorized
access possible for sensitive residual information (e.g.
cryptographic keys, keying material, PINs, passwords etc.) on
networking equipment when the equipment is discarded or
removed from its operational environment.
5.2 Threats
The following table lists the threats addressed by the TOE and the IT Environment. The
assumed level of expertise of the attacker for all the threats identified below is Enhanced-Basic.
11
Threat Threat Definition
T.UNAUTHORIZED_ADMINISTRATOR_ACCESS Threat agents may attempt to gain Administrator
access to the network device by nefarious means
such as masquerading as an Administrator to the
device, masquerading as the device to an
Administrator, replaying an administrative session (in
its entirety, or selected portions), or performing
man-in-the-middle attacks, which would provide
access to the administrative session, or sessions
between network devices. Successfully gaining
Administrator access allows malicious actions that
compromise the security functionality of the device
and the network on which it resides.
T.WEAK_CRYPTOGRAPHY Threat agents may exploit weak cryptographic
algorithms or perform a cryptographic exhaust
against the key space. Poorly chosen encryption
algorithms, modes, and key sizes will allow attackers
to compromise the algorithms, or brute force
exhaust the key space and give them unauthorized
access allowing them to read, manipulate and/or
control the traffic with minimal effort.
T.UNTRUSTED_COMMUNICATION_CHANNELS Threat agents may attempt to target network devices
that do not use standardized secure tunneling
protocols to protect the critical network traffic.
Attackers may take advantage of poorly designed
protocols or poor key management to successfully
perform man-in-the-middle attacks, replay attacks,
etc. Successful attacks will result in loss of
confidentiality and integrity of the critical network
traffic, and potentially could lead to a compromise of
the network device itself.
12
Threat Threat Definition
T.WEAK_AUTHENTICATION_ENDPOINTS Threat agents may take advantage of secure
protocols that use weak methods to authenticate the
endpoints – e.g., shared password that is guessable
or transported as plaintext. The consequences are
the same as a poorly designed protocol, the attacker
could masquerade as the Administrator or another
device, and the attacker could insert themselves into
the network stream and perform a man-in-the-
middle attack. The result is the critical network traffic
is exposed and there could be a loss of confidentiality
and integrity, and potentially the network device
itself could be compromised.
T.UPDATE_COMPROMISE Threat agents may attempt to provide a
compromised update of the software or firmware
which undermines the security functionality of the
device. Non-validated updates or updates validated
using non-secure or weak cryptography leave the
update firmware vulnerable to surreptitious
alteration.
T.UNDETECTED_ACTIVITY Threat agents may attempt to access, change, and/or
modify the security functionality of the network
device without Administrator awareness. This could
result in the attacker finding an avenue (e.g.,
misconfiguration, flaw in the product) to compromise
the device and the Administrator would have no
knowledge that the device has been compromised.
T.SECURITY_FUNCTIONALITY_COMPROMISE Threat agents may compromise credentials and
device data enabling continued access to the
network device and its critical data. The compromise
of credentials include replacing existing credentials
with an attacker’s credentials, modifying existing
credentials, or obtaining the administrator or device
credentials for use by the attacker.
13
Threat Threat Definition
T.PASSWORD_CRACKING Threat agents may be able to take advantage of weak
administrative passwords to gain privileged access to
the device. Having privileged access to the device
provides the attacker unfettered access to the
network traffic, and may allow them to take
advantage of any trust relationships with other
network devices.
T.SECURITY_FUNCTIONALITY_FAILURE An external, unauthorized entity could make use of
failed or compromised security functionality and
might therefore subsequently use or abuse security
functions without prior authentication to access,
change or modify device data, critical network traffic
or security functionality of the device.
5.3 Clarification of Scope
All evaluations (and all products) have limitations, as well as potential misconceptions that need
clarifying. This text covers some of the more important limitations and clarifications of this
evaluation. Note that:
 As with any evaluation, this evaluation only shows that the evaluated configuration meets
the security claims made, with a certain level of assurance. The level of assurance for this
evaluation is defined within the NDcPP v2.1.
 Consistent with the expectations of the Protection Profile, this evaluation did not
specifically search for, nor seriously attempt to counter, vulnerabilities that were not
“obvious” or vulnerabilities to objectives not claimed in the ST. The CEM defines an
“obvious” vulnerability as one that is easily exploited with a minimum of understanding
of the TOE, technical sophistication and resources.
 The evaluation of security functionality of the product was limited to the functionality
specified in the claimed PPs. Any additional security related functional capabilities
included in the product were not covered by this evaluation.
14
6 Documentation
The following documents were provided by the vendor with the TOE for evaluation:
 Security Target Junos OS 19.1R2 for EX2300, EX2300-C and EX3400, Version 1.5,
April 17, 2020
 Junos OS Common Criteria Evaluated Configuration Guide for EX2300 and EX3400
Switches, Release 19.1R2, April 13, 2020
15
7 TOE Evaluated Configuration
7.1 Evaluated Configuration
The TOE is the Junos OS 19.1R2 firmware running on the EX2300, EX2300-C, and EX3400
appliances.
The TOE interfaces are comprised of the following:
i. Network interfaces which pass traffic
ii. Management interface through which handle administrative actions.
7.2 Excluded Functionality
 Use of telnet, since it violates the Trusted Path requirement set
 Use of FTP, since it violates the Trusted Path requirement set
 Use of SNMP, since it violates the Trusted Path requirement set
 Use of SSL, including management via J-Web, JUNOScript and JUNOScope, since it
violates the Trusted Path requirement set
16
8 IT Product Testing
This section describes the testing efforts of the developer and the evaluation team. It is derived
from information contained in Evaluation Test Report for Junos OS 19.1R2 EX2300, EX2300-C,
EX3400, which is not publicly available. The Assurance Activities Report provides an overview
of testing and the prescribed assurance activities.
8.1 Developer Testing
No evidence of developer testing is required in the Assurance Activities for this product.
8.2 Evaluation Team Independent Testing
The evaluation team verified the product according the vendor-provided guidance documentation
and ran the tests specified in the NDcPP v2.1. The Independent Testing activity is documented
in the Assurance Activities Report, which is publicly available, and is not duplicated here.
17
9 Results of the Evaluation
The results of the assurance requirements are generally described in this section and are
presented in detail in the proprietary documents: Detailed Test Report (DTR), V1.2, April 17,
2020 and the Evaluation Technical Report (ETR), V1.1, March 31, 2020. The reader of this
document can assume that activities and work units received a passing verdict.
A verdict for an assurance component is determined by the resulting verdicts assigned to the
corresponding evaluator action elements. The evaluation was conducted based upon CC version
3.1 rev 5 and CEM version 3.1 rev 5. The evaluation determined the Junos OS 19.1R2 EX2300,
EX2300-C, EX3400to be Part 2 extended, and meets the SARs contained in the PP. Additionally,
the evaluator performed the Assurance Activities specified in the NDcPP V2.1.
9.1 Evaluation of Security Target
The evaluation team applied each ASE CEM work unit. The ST evaluation ensured the ST
contains a description of the environment in terms of policies and assumptions, a statement of
security requirements claimed to be met by the Junos OS 19.1R2 EX2300, EX2300-C, EX3400,
that are consistent with the Common Criteria, and product security function descriptions that
support the requirements. Additionally, the evaluator performed an assessment of the Assurance
Activities specified in the NDcPP v2.1.
9.2 Evaluation of Development Documentation
The evaluation team applied each ADV CEM work unit. The evaluation team assessed the
design documentation and found it adequate to aid in understanding how the TSF provides the
security functions. The design documentation consists of a functional specification contained in
the Security Target's TOE Summary Specification. Additionally, the evaluator performed the
Assurance Activities specified in the NDcPP v2.1 related to the examination of the information
contained in the TOE Summary Specification.
9.3 Evaluation of Guidance Documents
The evaluation team applied each AGD CEM work unit. The evaluation team ensured the
adequacy of the user guidance in describing how to use the operational TOE. Additionally, the
evaluation team ensured the adequacy of the administrator guidance in describing how to
securely administer the TOE. The guides were assessed during the design and testing phases of
the evaluation to ensure they were complete. Additionally, the evaluator performed the
Assurance Activities specified in the NDcPP v2.1 related to the examination of the information
contained in the operational guidance documents.
9.4 Evaluation of Life Cycle Support Activities
The evaluation team applied each ALC CEM work unit. The evaluation team found
that the TOE was uniquely identified and appropriately labeled.
18
9.5 Evaluation of Test Documentation and the Test Activity
The evaluation team applied each ATE CEM work unit. The evaluation team ran the set of tests
specified by the Assurance Activities in the NDcPP v2.1 and recorded the results in a Test
Report, V1.2, April 17, 2020, summarized in the Evaluation Technical Report and Assurance
Activities Report, V1.1, March 31, 2020.
9.6 Vulnerability Assessment Activity
The evaluation team applied each AVA CEM work unit. The evaluation team performed a public
search for vulnerabilities, performed vulnerability testing and did not discover any issues with
the TOE.
9.7 Summary of Evaluation Results
The evaluation team's assessment of the evaluation evidence demonstrates that the claims in
the ST are met. Additionally, the evaluation team's test activities also demonstrated the
accuracy of the claims in the ST.
The validation team's assessment of the evidence provided by the evaluation team is that it
demonstrates that the evaluation team performed the Assurance Activities in the NDcPP v2.1,
and correctly verified that the product meets the claims in the ST.
19
10 Validator Comments & Recommendations
The validation team notes that the evaluated configuration is dependent upon the TOE being
Configured per the evaluated configuration instructions in the Common Criteria Evaluated
Configuration Guide for EX2300 and EX3400 Switches, Release 19.1R2, April 13, 2020
document.
Please note that the functionality evaluated is scoped exclusively to the security functional
requirements specified in the Security Target. Other functionality included in the product was not
assessed as part of this evaluation. All other functionality provided by the product needs to be
assessed separately and no further conclusions can be drawn about their effectiveness.
20
11 Annexes
Not applicable.
21
12 Security Target
Junos OS 19.1R2 for EX2300, EX2300-C and EX3400 Security Target, V1.5, April 17, 2020.
22
13 Glossary
The following definitions are used throughout this document:
 Common Criteria Testing Laboratory (CCTL). An IT security evaluation facility
accredited by the National Voluntary Laboratory Accreditation Program (NVLAP) and
approved by the CCEVS Validation Body to conduct Common Criteria-based
evaluations.
 Conformance. The ability to demonstrate in an unambiguous way that a given
implementation is correct with respect to the formal model.
 Evaluation. The assessment of an IT product against the Common Criteria using the
Common Criteria Evaluation Methodology to determine whether or not the claims made
are justified; or the assessment of a protection profile against the Common Criteria using
the Common Evaluation Methodology to determine if the Profile is complete, consistent,
technically sound and hence suitable for use as a statement of requirements for one or
more TOEs that may be evaluated.
 Evaluation Evidence. Any tangible resource (information) required from the sponsor or
developer by the evaluator to perform one or more evaluation activities.
 Feature. Part of a product that is either included with the product or can be ordered
separately.
 Target of Evaluation (TOE). A group of IT products configured as an IT system, or an
IT product, and associated documentation that is the subject of a security evaluation
under the CC.
 Validation. The process carried out by the CCEVS Validation Body leading to the issue
of a Common Criteria certificate.
 Validation Body. A governmental organization responsible for carrying out validation
and for overseeing the day-to-day operation of the NIAP Common Criteria Evaluation
and Validation Scheme.
23
14 Bibliography
The Validation Team used the following documents to produce this Validation Report:
1. Common Criteria for Information Technology Security Evaluation - Part 1: Introduction
and general model, Version 3.1 Revision 5.
2. Common Criteria for Information Technology Security Evaluation - Part 2: Security
functional requirements, Version 3.1 Revision 5.
3. Common Criteria for Information Technology Security Evaluation - Part 3: Security
assurance requirements, Version 3.1 Revision 5.
4. Common Evaluation Methodology for Information Technology Security Evaluation,
Version 3.1 Revision 5.
5. Collaborative Protection Profile for Network Devices, Version 2.1, 24 September 2018
(NDcPP21).
6. Junos OS 19.1R2 for EX2300, EX2300-C and EX3400 Security Target, V1.5, April 17,
2020
7. Assurance Activity Report (NDcPP21) for Junos OS 19.1R2 for EX2300, EX2300-C and
EX3400, V2.1, April 17, 2020.
8. Detailed Test Report (NDcPP21) for Junos OS 19.1R2 for EX2300, EX2300-C and
EX3400, V1.2, April 17, 2020.
9. Evaluation Technical Report (NDcPP21) for Junos OS 19.1R2 for EX2300, EX2300-C and
EX3400, V1.1, March 31, 2020
10. Junos OS Common Criteria Evaluated Configuration Guide for EX2300 and EX3400
Switches, Release 19.1R2, April 13, 2020