UTM / NG-Firewall Software Suite (4.3.12.2 (S, M, XL)) ( ANSSI-CC-2023/62 )
CSV information ?
Status | active |
---|---|
Valid from | 28.12.2023 |
Valid until | 08.12.2028 |
Scheme | 🇫🇷 FR |
Manufacturer | Stormshield |
Category | ICs, Smart Cards and Smart Card-Related Devices and Systems |
Security level | EAL4+, ALC_FLR.3 |
Heuristics summary ?
Certificate ?
Extracted keywords
Security level
EAL4, EAL2Security Assurance Requirements (SAR)
ALC_FLR.3Certificates
ANSSI-CC-2023/62Evaluation facilities
OPPIDAFile metadata
Creation date | D:20240213165128+01'00' |
---|---|
Modification date | D:20240213165313+01'00' |
Pages | 2 |
Creator | Acrobat PDFMaker 23 pour Word |
Producer | Adobe PDF Library 23.1.175 |
Certification report ?
Extracted keywords
Symmetric Algorithms
DESSecurity level
EAL4, EAL2, EAL4+, ITSEC E3 ElémentaireSecurity Assurance Requirements (SAR)
ALC_FLR.3, ALC_FLRCertificates
ANSSI-CC-2023/62Evaluation facilities
CESTI, OPPIDAStandards
CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003File metadata
Creation date | D:20240213164647+01'00' |
---|---|
Modification date | D:20240213165310+01'00' |
Pages | 12 |
Creator | Acrobat PDFMaker 23 pour Word |
Producer | Adobe PDF Library 23.1.175 |
Security target ?
Extracted keywords
Symmetric Algorithms
AES, CAST, DES, Blowfish, HMACAsymmetric Algorithms
RSA 2048, ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-2, SHA2, MD5Schemes
MAC, Key Exchange, Key AgreementProtocols
SSH, SSL, TLS, TLS 1.2, TLS 1.3, IKE, IKEv2, IPsec, VPNLibraries
OpenSSLElliptic Curves
secp256r1, secp384r1, secp521r1, SECP256r1Block cipher modes
CBC, CTR, GCMTLS cipher suites
TLS_DHE_RSA_WITH_AES_128_CBC_SHAJavaCard API constants
SECP256R1Vendor
Microsoft, CiscoSecurity level
EAL4+, EAL4, EAL4 augmentedClaims
O.PCAOA, O.RESIST_AUTH_ADMIN, O.PCFI_FILTERING, O.PCFI_APPLICATION_CONTEXT, O.PCFI_ENCRYPTION, O.IPS_ATTACK_DETECTION, O.LAA_PCFI, O.CRYPTO, O.IPS_RFC_COMPLIANCE, O.LAA_IPS, O.LAA_PCAOA, O.BACKUP_RESTORATION, O.PROTECT_LOGS, O.PROTECT_ADMIN_SESSIONS, T.IP_SPOOFING, T.IMPROPER_USE, T.ILLEGAL_ADMIN, T.ADMIN_USURP, T.ILLEGAL_ADMIN_SESSION, T.AUDIT, OE.PROTECT_APPLIANCES, OE.SUPER_ADMIN, OE.PASSWORD, OE.GOOD_PCFI, OE.CRYPTO_EXT, OE.PERSONNEL, OE.INTERPOSITION, OE.STRICT_USAGE, OE.AUTONOMOUS, OE.PROTECT_WORKSTATIONS, OE.PROTECT_VPN_PEER, OE.PROTECT_VPN_CLIENTS, OE.TIMESTAMPS, OE.REVOCATION_LIST, OE.ENROLLMENT, OE.PROTECT_WORKSTATIO, SASecurity Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_FLR.3, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.1, ALC_LCD.1, ALC_TAT.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.3, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1Security Functional Requirements (SFR)
FAU_GEN.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_STG.3, FAU_SAA.4, FAU_GEN.2, FAU_GEN.2.1, FAU_SAR.1, FAU_SAR.1.1, FAU_SAR.1.2, FAU_STG.3.1, FAU_SAA.4.1, FAU_SAA.4.2, FAU_SAA.4.3, FAU_ARP.1, FAU_SAA.1, FAU_ARP, FAU_ARP.1.1, FAU_GEN, FCS_TLSC_EXT.1, FCS_TLSC_EXT.1.1, FCS_TLSC_EXT.1.2, FCS_TLSC_EXT.1.5, FCS_COP.1, FCS_CKM.1, FCS_CKM.4, FCS_CKM, FDP_IFC.2.1, FDP_IFC.2, FDP_IFC.2.2, FDP_IFF.1, FDP_IFC.1, FDP_IFC.1.1, FDP_UCT.1, FDP_UIT.1, FDP_UCT.1.1, FDP_UIT.1.1, FDP_UIT.1.2, FDP_ACC.2, FDP_ACC.2.1, FDP_ACC.2.2, FDP_ACC.1, FDP_ITC.1, FDP_ITC.2, FDP_IFF.1.1, FDP_IFF.1.2, FDP_IFF.1.3, FDP_IFF.1.4, FDP_IFF.1.5, FIA_UAU.5, FIA_UID.1, FIA_UAU.5.1, FIA_UAU.5.2, FMT_MTD, FMT_SMR.1, FMT_MOF.1, FMT_MTD.1, FMT_SMF.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_MOF.1.1, FMT_MTD.1.1, FMT_MSA.3, FMT_SMF, FPT_TDC.1, FPT_TDC.1.1, FPT_TDC.1.2, FPT_ITT.1, FPT_ITT.1.1, FPT_STM.1, FTP_TRP.1, FTP_ITT.1, FTP_ITC.1, FTP_TRP.1.1, FTP_TRP.1.2, FTP_TRP.1.3Certificates
CC-01, CC-02, CC-03Certification process
out of scope, protocol, the connection is set up by the web browser on the administration workstation which is out of scope. Likewise the TLS protocol itself is outside the scope of this evaluation. Rationale: the trustedStandards
FIPS PUB 197, FIPS 180-1, FIPS 180-2, FIPS PUB 186-4, PKCS #1, RFC 1349, RFC 792, RFC 3376, RFC 768, RFC 793, RFC 2401, RFC 4303, RFC 3526, RFC 5903, RFC 6932, RFC 4754, RFC 7427, RFC 959, RFC 2577, RFC 2389, RFC 2428, RFC 2616, RFC 2518, RFC 3253, RFC 1034, RFC 1035, RFC 1058, RFC 2453, RFC 2474, RFC 3435, RFC 3261, RFC 3550, RFC 3605, RFC 5246, RFC 8446, RFC 3268, RFC 2631, RFC 5282, RFC 2104, RFC 5639, RFC 4960, RFC 7030, RFC 2986, RFC 5652, RFC 5273, RFC 2818, RFC 6125, RFC 2409, RFC 2246, RFC 3330, RFC 2385, RFC 2817, RFC 6455, RFC 5280, ISO/IEC 14888-3, X.509, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004File metadata
Title | Stormshield Network Security |
---|---|
Subject | UTM / NG-Firewall Software Suite |
Author | Stormshield |
Creation date | D:20230808085705+02'00' |
Modification date | D:20230808085705+02'00' |
Pages | 107 |
Creator | Microsoft® Word 2019 |
Producer | Microsoft® Word 2019 |
Heuristics ?
Extracted SARs
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_DVS.1, ALC_FLR.3, ALC_LCD.1, ALC_TAT.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ATE_COV.2, ATE_DPT.1, ATE_FUN.1, ATE_IND.2, AVA_VAN.3Similar certificates
Scheme data ?
Product | UTM / NG-Firewall Software Suite version 4.3.12.2 (S, M, XL) | |
---|---|---|
Url | https://cyber.gouv.fr/produits-certifies/utm-ng-firewall-software-suite-version-43122-s-m-xl | |
Description | Le produit évalué est « UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL » développé par STORMSHIELD et exécuté par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20. Ce produit permet d’interconnecter un ou plusieurs réseaux de confiance via un réseau non maitrisé sans dégrader le niveau de confia | |
Sponsor | STORMSHIELD | |
Developer | STORMSHIELD | |
Cert Id | ANSSI-CC-2023/62 | |
Level | EAL4+ | |
Expiration Date | 08.12.2028 | |
Enhanced | ||
Cert Id | ANSSI-CC-2023/62 | |
Certification Date | 08.12.2023 | |
Expiration Date | 08.12.2028 | |
Category | Produits réseau | |
Cc Version | Critères Communs version 3.1r5 | |
Developer | STORMSHIELD | |
Sponsor | STORMSHIELD | |
Evaluation Facility | OPPIDA | |
Level | EAL4+ | |
Protection Profile | ||
Mutual Recognition | CCRA SOG-IS | |
Augmented | ALC_FLR.3 | |
Report Link | https://cyber.gouv.fr/sites/default/files/document_type/ANSSI-CC-2023_62fr.pdf | |
Cert Link | https://cyber.gouv.fr/sites/default/files/document_type/certificat-CC-2023_62fr.pdf |
References ?
No references are available for this certificate.
Updates ?
-
16.12.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
{'product': 'UTM / NG-Firewall Software Suite version 4.3.12.2 (S, M, XL)', 'url': 'https://cyber.gouv.fr/produits-certifies/utm-ng-firewall-software-suite-version-43122-s-m-xl', 'description': 'Le produit évalué est « UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL » développé par STORMSHIELD et exécuté par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20. Ce produit permet d’interconnecter un ou plusieurs réseaux de confiance via un réseau non maitrisé sans dégrader le niveau de confia', 'sponsor': 'STORMSHIELD', 'developer': 'STORMSHIELD', 'cert_id': 'ANSSI-CC-2023/62', 'level': 'EAL4+', 'expiration_date': '2028-12-08', 'enhanced': {'cert_id': 'ANSSI-CC-2023/62', 'certification_date': '2023-12-08', 'expiration_date': '2028-12-08', 'category': 'Produits réseau', 'cc_version': 'Critères Communs version 3.1r5', 'developer': 'STORMSHIELD', 'sponsor': 'STORMSHIELD', 'evaluation_facility': 'OPPIDA', 'level': 'EAL4+', 'protection_profile': '', 'mutual_recognition': 'CCRA SOG-IS', 'augmented': 'ALC_FLR.3', 'report_link': 'https://cyber.gouv.fr/sites/default/files/document_type/ANSSI-CC-2023_62fr.pdf', 'cert_link': 'https://cyber.gouv.fr/sites/default/files/document_type/certificat-CC-2023_62fr.pdf'}}
.
- The scheme_data property was set to
-
09.12.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
None
.
- The scheme_data property was set to
-
21.11.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'prev_certificates': [], 'next_certificates': []}
.
- The following values were inserted:
-
09.11.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was updated, with the
{'description': 'Le produit évalué est « UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL » développé par STORMSHIELD et exécuté par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20. Ce produit permet d’interconnecter un ou plusieurs réseaux de confiance via un réseau non maitrisé sans dégrader le niveau de confia', 'expiration_date': '2028-12-08', 'enhanced': {'__update__': {'certification_date': '2023-12-08', 'expiration_date': '2028-12-08', 'mutual_recognition': 'CCRA SOG-IS'}}}
data.
- The scheme_data property was updated, with the
-
14.10.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
{'product': 'UTM / NG-Firewall Software Suite version 4.3.12.2 (S, M, XL)', 'url': 'https://cyber.gouv.fr/produits-certifies/utm-ng-firewall-software-suite-version-43122-s-m-xl', 'description': 'Le produit évalué est « UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL » développé par STORMSHIELD et exécuté par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20.\nCe produit permet d’interconnecter un ou plusieurs réseaux de confiance via un réseau non maitrisé sans dégrader le niveau de confia', 'sponsor': 'STORMSHIELD', 'developer': 'STORMSHIELD', 'cert_id': 'ANSSI-CC-2023/62', 'level': 'EAL4+', 'expiration_date': '8 Décembre 2028', 'enhanced': {'cert_id': 'ANSSI-CC-2023/62', 'certification_date': '08/12/2023', 'expiration_date': '08/12/2028', 'category': 'Produits réseau', 'cc_version': 'Critères Communs version 3.1r5', 'developer': 'STORMSHIELD', 'sponsor': 'STORMSHIELD', 'evaluation_facility': 'OPPIDA', 'level': 'EAL4+', 'protection_profile': '', 'mutual_recognition': 'CCRA\n SOG-IS', 'augmented': 'ALC_FLR.3', 'report_link': 'https://cyber.gouv.fr/sites/default/files/document_type/ANSSI-CC-2023_62fr.pdf', 'cert_link': 'https://cyber.gouv.fr/sites/default/files/document_type/certificat-CC-2023_62fr.pdf'}}
.
- The scheme_data property was set to
-
02.09.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
None
.
- The scheme_data property was set to
-
22.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The st property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'fa26554638022558de53c799e0bb03b7cafa6ff24fcd0de9d9fd352d2322de5d', 'txt_hash': 'dd6ddb4099b283081812eaf899ba6cd78ef66beca43778a780d267b716318cbe'}
data. - The cert property was updated, with the
{'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '73901ace86a65e05980310126626f564e5d1208e0ab7a1fc6d51141dd2b992b4', 'txt_hash': '6b7c3a22ce5c56ff9a90aeb0c8a8abc3c3073a19399f1484bb34514272d38a7c'}
data.
The PDF extraction data was updated.
- The st_metadata property was set to
{'pdf_file_size_bytes': 2008885, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 107, '/Title': 'Stormshield Network Security', '/Author': 'Stormshield', '/Subject': 'UTM / NG-Firewall Software Suite', '/Creator': 'Microsoft® Word 2019', '/CreationDate': "D:20230808085705+02'00'", '/ModDate': "D:20230808085705+02'00'", '/Producer': 'Microsoft® Word 2019', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}
. - The cert_metadata property was set to
{'pdf_file_size_bytes': 130702, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 2, '/CreationDate': "D:20240213165128+01'00'", '/Creator': 'Acrobat PDFMaker 23 pour Word', '/Keywords': '', '/ModDate': "D:20240213165313+01'00'", '/Producer': 'Adobe PDF Library 23.1.175', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}
. - The st_keywords property was set to
{'cc_cert_id': {'NL': {'CC-01': 3, 'CC-02': 6, 'CC-03': 4}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4+': 2, 'EAL4': 28, 'EAL4 augmented': 2}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 1, 'ADV_FSP.4': 1, 'ADV_IMP.1': 1, 'ADV_TDS.3': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_FLR.3': 6, 'ALC_CMC.4': 1, 'ALC_CMS.4': 1, 'ALC_DEL.1': 1, 'ALC_DVS.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1}, 'ATE': {'ATE_COV.2': 1, 'ATE_DPT.1': 1, 'ATE_FUN.1': 1, 'ATE_IND.2': 1}, 'AVA': {'AVA_VAN.3': 1}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 1, 'ASE_INT.1': 1, 'ASE_OBJ.2': 1, 'ASE_REQ.2': 3, 'ASE_SPD.1': 1, 'ASE_TSS.1': 1}}, 'cc_sfr': {'FAU': {'FAU_GEN.1': 6, 'FAU_GEN.1.1': 2, 'FAU_GEN.1.2': 4, 'FAU_STG.3': 7, 'FAU_SAA.4': 9, 'FAU_GEN.2': 6, 'FAU_GEN.2.1': 2, 'FAU_SAR.1': 7, 'FAU_SAR.1.1': 2, 'FAU_SAR.1.2': 2, 'FAU_STG.3.1': 2, 'FAU_SAA.4.1': 4, 'FAU_SAA.4.2': 2, 'FAU_SAA.4.3': 3, 'FAU_ARP.1': 7, 'FAU_SAA.1': 1, 'FAU_ARP': 2, 'FAU_ARP.1.1': 1, 'FAU_GEN': 4}, 'FCS': {'FCS_TLSC_EXT.1': 25, 'FCS_TLSC_EXT.1.1': 3, 'FCS_TLSC_EXT.1.2': 3, 'FCS_TLSC_EXT.1.5': 3, 'FCS_COP.1': 61, 'FCS_CKM.1': 24, 'FCS_CKM.4': 19, 'FCS_CKM': 1}, 'FDP': {'FDP_IFC.2.1': 3, 'FDP_IFC.2': 6, 'FDP_IFC.2.2': 2, 'FDP_IFF.1': 29, 'FDP_IFC.1': 10, 'FDP_IFC.1.1': 2, 'FDP_UCT.1': 12, 'FDP_UIT.1': 12, 'FDP_UCT.1.1': 2, 'FDP_UIT.1.1': 2, 'FDP_UIT.1.2': 2, 'FDP_ACC.2': 6, 'FDP_ACC.2.1': 2, 'FDP_ACC.2.2': 2, 'FDP_ACC.1': 2, 'FDP_ITC.1': 8, 'FDP_ITC.2': 8, 'FDP_IFF.1.1': 2, 'FDP_IFF.1.2': 2, 'FDP_IFF.1.3': 2, 'FDP_IFF.1.4': 2, 'FDP_IFF.1.5': 2}, 'FIA': {'FIA_UAU.5': 77, 'FIA_UID.1': 2, 'FIA_UAU.5.1': 5, 'FIA_UAU.5.2': 5}, 'FMT': {'FMT_MTD': 23, 'FMT_SMR.1': 8, 'FMT_MOF.1': 10, 'FMT_MTD.1': 11, 'FMT_SMF.1': 12, 'FMT_SMF.1.1': 2, 'FMT_SMR.1.1': 3, 'FMT_SMR.1.2': 4, 'FMT_MOF.1.1': 3, 'FMT_MTD.1.1': 3, 'FMT_MSA.3': 2, 'FMT_SMF': 1}, 'FPT': {'FPT_TDC.1': 8, 'FPT_TDC.1.1': 2, 'FPT_TDC.1.2': 2, 'FPT_ITT.1': 10, 'FPT_ITT.1.1': 2, 'FPT_STM.1': 1}, 'FTP': {'FTP_TRP.1': 74, 'FTP_ITT.1': 1, 'FTP_ITC.1': 2, 'FTP_TRP.1.1': 5, 'FTP_TRP.1.2': 5, 'FTP_TRP.1.3': 5}}, 'cc_claims': {'O': {'O.PCAOA': 13, 'O.RESIST_AUTH_ADMIN': 6, 'O.PCFI_FILTERING': 7, 'O.PCFI_APPLICATION_CONTEXT': 4, 'O.PCFI_ENCRYPTION': 18, 'O.IPS_ATTACK_DETECTION': 8, 'O.LAA_PCFI': 6, 'O.CRYPTO': 6, 'O.IPS_RFC_COMPLIANCE': 7, 'O.LAA_IPS': 8, 'O.LAA_PCAOA': 12, 'O.BACKUP_RESTORATION': 6, 'O.PROTECT_LOGS': 6, 'O.PROTECT_ADMIN_SESSIONS': 6}, 'T': {'T.IP_SPOOFING': 5, 'T.IMPROPER_USE': 11, 'T.ILLEGAL_ADMIN': 18, 'T.ADMIN_USURP': 3, 'T.ILLEGAL_ADMIN_SESSION': 4, 'T.AUDIT': 2}, 'OE': {'OE.PROTECT_APPLIANCES': 3, 'OE.SUPER_ADMIN': 3, 'OE.PASSWORD': 3, 'OE.GOOD_PCFI': 3, 'OE.CRYPTO_EXT': 4, 'OE.PERSONNEL': 3, 'OE.INTERPOSITION': 4, 'OE.STRICT_USAGE': 3, 'OE.AUTONOMOUS': 3, 'OE.PROTECT_WORKSTATIONS': 2, 'OE.PROTECT_VPN_PEER': 3, 'OE.PROTECT_VPN_CLIENTS': 3, 'OE.TIMESTAMPS': 4, 'OE.REVOCATION_LIST': 3, 'OE.ENROLLMENT': 3, 'OE.PROTECT_WORKSTATIO': 1}, 'SA': {'SA': 2}}, 'vendor': {'Microsoft': {'Microsoft': 2}, 'Cisco': {'Cisco': 1}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 18}, 'CAST': {'CAST': 1}}, 'DES': {'DES': {'DES': 2}}, 'miscellaneous': {'Blowfish': {'Blowfish': 1}}, 'constructions': {'MAC': {'HMAC': 4}}}, 'asymmetric_crypto': {'RSA': {'RSA 2048': 2}, 'ECC': {'ECDH': {'ECDH': 5}, 'ECDSA': {'ECDSA': 11}, 'ECC': {'ECC': 1}}, 'FF': {'DH': {'Diffie-Hellman': 11, 'DH': 6}, 'DSA': {'DSA': 4}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA-2': 2, 'SHA2': 9}}, 'MD': {'MD5': {'MD5': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 1}, 'KEX': {'Key Exchange': 4}, 'KA': {'Key Agreement': 1}}, 'crypto_protocol': {'SSH': {'SSH': 2}, 'TLS': {'SSL': {'SSL': 2}, 'TLS': {'TLS': 65, 'TLS 1.2': 4, 'TLS 1.3': 5}}, 'IKE': {'IKE': 46, 'IKEv2': 11}, 'IPsec': {'IPsec': 1}, 'VPN': {'VPN': 98}}, 'randomness': {}, 'cipher_mode': {'CBC': {'CBC': 1}, 'CTR': {'CTR': 4}, 'GCM': {'GCM': 4}}, 'ecc_curve': {'NIST': {'secp256r1': 7, 'secp384r1': 7, 'secp521r1': 5, 'SECP256r1': 1}}, 'crypto_engine': {}, 'tls_cipher_suite': {'TLS': {'TLS_DHE_RSA_WITH_AES_128_CBC_SHA': 1}}, 'crypto_library': {'OpenSSL': {'OpenSSL': 1}}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS PUB 197': 1, 'FIPS 180-1': 1, 'FIPS 180-2': 1, 'FIPS PUB 186-4': 1}, 'PKCS': {'PKCS #1': 1}, 'RFC': {'RFC 1349': 1, 'RFC 792': 1, 'RFC 3376': 1, 'RFC 768': 1, 'RFC 793': 1, 'RFC 2401': 2, 'RFC 4303': 1, 'RFC 3526': 1, 'RFC 5903': 1, 'RFC 6932': 1, 'RFC 4754': 1, 'RFC 7427': 1, 'RFC 959': 1, 'RFC 2577': 1, 'RFC 2389': 1, 'RFC 2428': 1, 'RFC 2616': 1, 'RFC 2518': 1, 'RFC 3253': 1, 'RFC 1034': 1, 'RFC 1035': 1, 'RFC 1058': 1, 'RFC 2453': 1, 'RFC 2474': 1, 'RFC 3435': 1, 'RFC 3261': 1, 'RFC 3550': 1, 'RFC 3605': 1, 'RFC 5246': 6, 'RFC 8446': 5, 'RFC 3268': 1, 'RFC 2631': 1, 'RFC 5282': 1, 'RFC 2104': 1, 'RFC 5639': 1, 'RFC 4960': 1, 'RFC 7030': 17, 'RFC 2986': 4, 'RFC 5652': 1, 'RFC 5273': 1, 'RFC 2818': 5, 'RFC 6125': 3, 'RFC 2409': 2, 'RFC 2246': 1, 'RFC 3330': 1, 'RFC 2385': 1, 'RFC 2817': 1, 'RFC 6455': 1, 'RFC 5280': 1}, 'ISO': {'ISO/IEC 14888-3': 1}, 'X509': {'X.509': 27}, 'CC': {'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {'curves': {'SECP256R1': 1}}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'protocol, the connection is set up by the web browser on the administration workstation which is out of scope. Likewise the TLS protocol itself is outside the scope of this evaluation. Rationale: the trusted': 1}}}
. - The cert_keywords property was set to
{'cc_cert_id': {'FR': {'ANSSI-CC-2023/62': 2}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL4': 1, 'EAL2': 1}}, 'cc_sar': {'ALC': {'ALC_FLR.3': 2}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {'OPPIDA': {'OPPIDA': 2}}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}
. - The st_filename property was set to
ANSSI-cible-2023_62en.pdf
. - The cert_filename property was set to
certificat-CC-2023_62fr.pdf
.
The computed heuristics were updated.
- The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}]}
values added.
- The st property was updated, with the
-
17.08.2024 The certificate data changed.
Certificate changed
The report_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2023_62fr.pdf
.
The st_link was updated.
- The new value is
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-cible-2023_62en.pdf
.
The state of the certificate object was updated.
- The cert property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}
data.
The PDF extraction data was updated.
- The cert_metadata property was set to
None
. - The cert_keywords property was set to
None
. - The cert_filename property was set to
None
.
- The new value is
-
12.08.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The st property was updated, with the
{'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None}
data.
The PDF extraction data was updated.
- The st_metadata property was set to
None
. - The st_keywords property was set to
None
. - The st_filename property was set to
None
.
The computed heuristics were updated.
- The extracted_sars property was updated, with the
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}]}
values discarded. - The scheme_data property was set to
{'product': 'UTM / NG-Firewall Software Suite version 4.3.12.2 (S, M, XL)', 'url': 'https://cyber.gouv.fr/produits-certifies/utm-ng-firewall-software-suite-version-43122-s-m-xl', 'description': 'Le produit évalué est « UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL » développé par STORMSHIELD et exécuté par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20.\nCe produit permet d’interconnecter un ou plusieurs réseaux de confiance via un réseau non maitrisé sans dégrader le niveau de confia', 'sponsor': 'STORMSHIELD', 'developer': 'STORMSHIELD', 'cert_id': 'ANSSI-CC-2023/62', 'level': 'EAL4+', 'expiration_date': '8 Décembre 2028', 'enhanced': {'cert_id': 'ANSSI-CC-2023/62', 'certification_date': '08/12/2023', 'expiration_date': '08/12/2028', 'category': 'Produits réseau', 'cc_version': 'Critères Communs version 3.1r5', 'developer': 'STORMSHIELD', 'sponsor': 'STORMSHIELD', 'evaluation_facility': 'OPPIDA', 'level': 'EAL4+', 'protection_profile': '', 'mutual_recognition': 'CCRA\n SOG-IS', 'augmented': 'ALC_FLR.3', 'report_link': 'https://cyber.gouv.fr/sites/default/files/document_type/ANSSI-CC-2023_62fr.pdf', 'cert_link': 'https://cyber.gouv.fr/sites/default/files/document_type/certificat-CC-2023_62fr.pdf'}}
.
- The st property was updated, with the
-
31.07.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The scheme_data property was set to
None
.
- The scheme_data property was set to
-
23.07.2024 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name UTM / NG-Firewall Software Suite (4.3.12.2 (S, M, XL)) ( ANSSI-CC-2023/62 ) was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/certificat-CC-2023_62fr.pdf",
"dgst": "91aa10edaf1efbcf",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "ANSSI-CC-2023/62",
"cert_lab": null,
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_REQ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_FUN",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_COV",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_CCL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_IND",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_INT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_TSS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_OBJ",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_SPD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ASE_ECD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMC",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 1
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"4.3.12.2"
]
},
"indirect_transitive_cves": null,
"next_certificates": [],
"prev_certificates": [],
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"scheme_data": {
"cert_id": "ANSSI-CC-2023/62",
"description": "Le produit \u00e9valu\u00e9 est \u00ab UTM / NG-Firewall Software Suite, 4.3.12.2 (S, M, XL \u00bb d\u00e9velopp\u00e9 par STORMSHIELD et ex\u00e9cut\u00e9 par les appliances STORMSHIELD suivantes : SN210, SN310, SN510, SN710, SN910, SN1100, SN2000, SN2100, SN3000, SN3100, SN6000, SN6100, SNi40, et SNi20. Ce produit permet d\u2019interconnecter un ou plusieurs r\u00e9seaux de confiance via un r\u00e9seau non maitris\u00e9 sans d\u00e9grader le niveau de confia",
"developer": "STORMSHIELD",
"enhanced": {
"augmented": "ALC_FLR.3",
"category": "Produits r\u00e9seau",
"cc_version": "Crit\u00e8res Communs version 3.1r5",
"cert_id": "ANSSI-CC-2023/62",
"cert_link": "https://cyber.gouv.fr/sites/default/files/document_type/certificat-CC-2023_62fr.pdf",
"certification_date": "2023-12-08",
"developer": "STORMSHIELD",
"evaluation_facility": "OPPIDA",
"expiration_date": "2028-12-08",
"level": "EAL4+",
"mutual_recognition": "CCRA SOG-IS",
"protection_profile": "",
"report_link": "https://cyber.gouv.fr/sites/default/files/document_type/ANSSI-CC-2023_62fr.pdf",
"sponsor": "STORMSHIELD"
},
"expiration_date": "2028-12-08",
"level": "EAL4+",
"product": "UTM / NG-Firewall Software Suite version 4.3.12.2 (S, M, XL)",
"sponsor": "STORMSHIELD",
"url": "https://cyber.gouv.fr/produits-certifies/utm-ng-firewall-software-suite-version-43122-s-m-xl"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "Stormshield",
"manufacturer_web": "https://www.stormshield.eu/",
"name": "UTM / NG-Firewall Software Suite (4.3.12.2 (S, M, XL)) ( ANSSI-CC-2023/62 )",
"not_valid_after": "2028-12-08",
"not_valid_before": "2023-12-28",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": "certificat-CC-2023_62fr.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"FR": {
"ANSSI-CC-2023/62": 2
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {
"ALC": {
"ALC_FLR.3": 2
}
},
"cc_security_level": {
"EAL": {
"EAL2": 1,
"EAL4": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"OPPIDA": {
"OPPIDA": 2
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": {
"/CreationDate": "D:20240213165128+01\u002700\u0027",
"/Creator": "Acrobat PDFMaker 23 pour Word",
"/Keywords": "",
"/ModDate": "D:20240213165313+01\u002700\u0027",
"/Producer": "Adobe PDF Library 23.1.175",
"pdf_file_size_bytes": 130702,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 2
},
"report_filename": "ANSSI-CC-2023_62fr.pdf",
"report_frontpage": {
"FR": {}
},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"FR": {
"ANSSI-CC-2023/62": 2
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {
"ALC": {
"ALC_FLR": 1,
"ALC_FLR.3": 3
}
},
"cc_security_level": {
"EAL": {
"EAL2": 3,
"EAL4": 2,
"EAL4+": 1
},
"ITSEC": {
"ITSEC E3 El\u00e9mentaire": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"CESTI": {
"CESTI": 1
},
"OPPIDA": {
"OPPIDA": 1
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1
}
},
"symmetric_crypto": {
"DES": {
"DES": {
"DES": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/CreationDate": "D:20240213164647+01\u002700\u0027",
"/Creator": "Acrobat PDFMaker 23 pour Word",
"/Keywords": "",
"/ModDate": "D:20240213165310+01\u002700\u0027",
"/Producer": "Adobe PDF Library 23.1.175",
"pdf_file_size_bytes": 328180,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"mailto:[email protected]",
"http://www.sogis.eu/",
"http://www.ssi.gouv.fr/",
"http://www.commoncriteriaportal.org/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 12
},
"st_filename": "ANSSI-cible-2023_62en.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 5
},
"ECDSA": {
"ECDSA": 11
}
},
"FF": {
"DH": {
"DH": 6,
"Diffie-Hellman": 11
},
"DSA": {
"DSA": 4
}
},
"RSA": {
"RSA 2048": 2
}
},
"cc_cert_id": {
"NL": {
"CC-01": 3,
"CC-02": 6,
"CC-03": 4
}
},
"cc_claims": {
"O": {
"O.BACKUP_RESTORATION": 6,
"O.CRYPTO": 6,
"O.IPS_ATTACK_DETECTION": 8,
"O.IPS_RFC_COMPLIANCE": 7,
"O.LAA_IPS": 8,
"O.LAA_PCAOA": 12,
"O.LAA_PCFI": 6,
"O.PCAOA": 13,
"O.PCFI_APPLICATION_CONTEXT": 4,
"O.PCFI_ENCRYPTION": 18,
"O.PCFI_FILTERING": 7,
"O.PROTECT_ADMIN_SESSIONS": 6,
"O.PROTECT_LOGS": 6,
"O.RESIST_AUTH_ADMIN": 6
},
"OE": {
"OE.AUTONOMOUS": 3,
"OE.CRYPTO_EXT": 4,
"OE.ENROLLMENT": 3,
"OE.GOOD_PCFI": 3,
"OE.INTERPOSITION": 4,
"OE.PASSWORD": 3,
"OE.PERSONNEL": 3,
"OE.PROTECT_APPLIANCES": 3,
"OE.PROTECT_VPN_CLIENTS": 3,
"OE.PROTECT_VPN_PEER": 3,
"OE.PROTECT_WORKSTATIO": 1,
"OE.PROTECT_WORKSTATIONS": 2,
"OE.REVOCATION_LIST": 3,
"OE.STRICT_USAGE": 3,
"OE.SUPER_ADMIN": 3,
"OE.TIMESTAMPS": 4
},
"SA": {
"SA": 2
},
"T": {
"T.ADMIN_USURP": 3,
"T.AUDIT": 2,
"T.ILLEGAL_ADMIN": 18,
"T.ILLEGAL_ADMIN_SESSION": 4,
"T.IMPROPER_USE": 11,
"T.IP_SPOOFING": 5
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC.1": 1,
"ADV_FSP.4": 1,
"ADV_IMP.1": 1,
"ADV_TDS.3": 1
},
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMC.4": 1,
"ALC_CMS.4": 1,
"ALC_DEL.1": 1,
"ALC_DVS.1": 1,
"ALC_FLR.3": 6,
"ALC_LCD.1": 1,
"ALC_TAT.1": 1
},
"ASE": {
"ASE_CCL.1": 1,
"ASE_ECD.1": 1,
"ASE_INT.1": 1,
"ASE_OBJ.2": 1,
"ASE_REQ.2": 3,
"ASE_SPD.1": 1,
"ASE_TSS.1": 1
},
"ATE": {
"ATE_COV.2": 1,
"ATE_DPT.1": 1,
"ATE_FUN.1": 1,
"ATE_IND.2": 1
},
"AVA": {
"AVA_VAN.3": 1
}
},
"cc_security_level": {
"EAL": {
"EAL4": 28,
"EAL4 augmented": 2,
"EAL4+": 2
}
},
"cc_sfr": {
"FAU": {
"FAU_ARP": 2,
"FAU_ARP.1": 7,
"FAU_ARP.1.1": 1,
"FAU_GEN": 4,
"FAU_GEN.1": 6,
"FAU_GEN.1.1": 2,
"FAU_GEN.1.2": 4,
"FAU_GEN.2": 6,
"FAU_GEN.2.1": 2,
"FAU_SAA.1": 1,
"FAU_SAA.4": 9,
"FAU_SAA.4.1": 4,
"FAU_SAA.4.2": 2,
"FAU_SAA.4.3": 3,
"FAU_SAR.1": 7,
"FAU_SAR.1.1": 2,
"FAU_SAR.1.2": 2,
"FAU_STG.3": 7,
"FAU_STG.3.1": 2
},
"FCS": {
"FCS_CKM": 1,
"FCS_CKM.1": 24,
"FCS_CKM.4": 19,
"FCS_COP.1": 61,
"FCS_TLSC_EXT.1": 25,
"FCS_TLSC_EXT.1.1": 3,
"FCS_TLSC_EXT.1.2": 3,
"FCS_TLSC_EXT.1.5": 3
},
"FDP": {
"FDP_ACC.1": 2,
"FDP_ACC.2": 6,
"FDP_ACC.2.1": 2,
"FDP_ACC.2.2": 2,
"FDP_IFC.1": 10,
"FDP_IFC.1.1": 2,
"FDP_IFC.2": 6,
"FDP_IFC.2.1": 3,
"FDP_IFC.2.2": 2,
"FDP_IFF.1": 29,
"FDP_IFF.1.1": 2,
"FDP_IFF.1.2": 2,
"FDP_IFF.1.3": 2,
"FDP_IFF.1.4": 2,
"FDP_IFF.1.5": 2,
"FDP_ITC.1": 8,
"FDP_ITC.2": 8,
"FDP_UCT.1": 12,
"FDP_UCT.1.1": 2,
"FDP_UIT.1": 12,
"FDP_UIT.1.1": 2,
"FDP_UIT.1.2": 2
},
"FIA": {
"FIA_UAU.5": 77,
"FIA_UAU.5.1": 5,
"FIA_UAU.5.2": 5,
"FIA_UID.1": 2
},
"FMT": {
"FMT_MOF.1": 10,
"FMT_MOF.1.1": 3,
"FMT_MSA.3": 2,
"FMT_MTD": 23,
"FMT_MTD.1": 11,
"FMT_MTD.1.1": 3,
"FMT_SMF": 1,
"FMT_SMF.1": 12,
"FMT_SMF.1.1": 2,
"FMT_SMR.1": 8,
"FMT_SMR.1.1": 3,
"FMT_SMR.1.2": 4
},
"FPT": {
"FPT_ITT.1": 10,
"FPT_ITT.1.1": 2,
"FPT_STM.1": 1,
"FPT_TDC.1": 8,
"FPT_TDC.1.1": 2,
"FPT_TDC.1.2": 2
},
"FTP": {
"FTP_ITC.1": 2,
"FTP_ITT.1": 1,
"FTP_TRP.1": 74,
"FTP_TRP.1.1": 5,
"FTP_TRP.1.2": 5,
"FTP_TRP.1.3": 5
}
},
"certification_process": {
"OutOfScope": {
"out of scope": 1,
"protocol, the connection is set up by the web browser on the administration workstation which is out of scope. Likewise the TLS protocol itself is outside the scope of this evaluation. Rationale: the trusted": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"CTR": {
"CTR": 4
},
"GCM": {
"GCM": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 1
}
},
"crypto_protocol": {
"IKE": {
"IKE": 46,
"IKEv2": 11
},
"IPsec": {
"IPsec": 1
},
"SSH": {
"SSH": 2
},
"TLS": {
"SSL": {
"SSL": 2
},
"TLS": {
"TLS": 65,
"TLS 1.2": 4,
"TLS 1.3": 5
}
},
"VPN": {
"VPN": 98
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 1
},
"KEX": {
"Key Exchange": 4
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"SECP256r1": 1,
"secp256r1": 7,
"secp384r1": 7,
"secp521r1": 5
}
},
"eval_facility": {},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA2": {
"SHA-2": 2,
"SHA2": 9
}
}
},
"ic_data_group": {},
"javacard_api_const": {
"curves": {
"SECP256R1": 1
}
},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1,
"CCMB-2017-04-004": 1
},
"FIPS": {
"FIPS 180-1": 1,
"FIPS 180-2": 1,
"FIPS PUB 186-4": 1,
"FIPS PUB 197": 1
},
"ISO": {
"ISO/IEC 14888-3": 1
},
"PKCS": {
"PKCS #1": 1
},
"RFC": {
"RFC 1034": 1,
"RFC 1035": 1,
"RFC 1058": 1,
"RFC 1349": 1,
"RFC 2104": 1,
"RFC 2246": 1,
"RFC 2385": 1,
"RFC 2389": 1,
"RFC 2401": 2,
"RFC 2409": 2,
"RFC 2428": 1,
"RFC 2453": 1,
"RFC 2474": 1,
"RFC 2518": 1,
"RFC 2577": 1,
"RFC 2616": 1,
"RFC 2631": 1,
"RFC 2817": 1,
"RFC 2818": 5,
"RFC 2986": 4,
"RFC 3253": 1,
"RFC 3261": 1,
"RFC 3268": 1,
"RFC 3330": 1,
"RFC 3376": 1,
"RFC 3435": 1,
"RFC 3526": 1,
"RFC 3550": 1,
"RFC 3605": 1,
"RFC 4303": 1,
"RFC 4754": 1,
"RFC 4960": 1,
"RFC 5246": 6,
"RFC 5273": 1,
"RFC 5280": 1,
"RFC 5282": 1,
"RFC 5639": 1,
"RFC 5652": 1,
"RFC 5903": 1,
"RFC 6125": 3,
"RFC 6455": 1,
"RFC 6932": 1,
"RFC 7030": 17,
"RFC 7427": 1,
"RFC 768": 1,
"RFC 792": 1,
"RFC 793": 1,
"RFC 8446": 5,
"RFC 959": 1
},
"X509": {
"X.509": 27
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 18
},
"CAST": {
"CAST": 1
}
},
"DES": {
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"HMAC": 4
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {
"TLS": {
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA": 1
}
},
"vendor": {
"Cisco": {
"Cisco": 1
},
"Microsoft": {
"Microsoft": 2
}
},
"vulnerability": {}
},
"st_metadata": {
"/Author": "Stormshield",
"/CreationDate": "D:20230808085705+02\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2019",
"/ModDate": "D:20230808085705+02\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2019",
"/Subject": "UTM / NG-Firewall Software Suite",
"/Title": "Stormshield Network Security",
"pdf_file_size_bytes": 2008885,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 107
}
},
"protection_profiles": {
"_type": "Set",
"elements": []
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2023_62fr.pdf",
"scheme": "FR",
"security_level": {
"_type": "Set",
"elements": [
"ALC_FLR.3",
"EAL4+"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-cible-2023_62en.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "73901ace86a65e05980310126626f564e5d1208e0ab7a1fc6d51141dd2b992b4",
"txt_hash": "6b7c3a22ce5c56ff9a90aeb0c8a8abc3c3073a19399f1484bb34514272d38a7c"
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "3cc4ebccb92d30dc45d2a88f9b8cb39e48c6ed156030e8994ddd5d6dd8cebc47",
"txt_hash": "c2577c96633024b322ed06ebb20251341c85032f92317e5f7593f9f8bc2d36a1"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "fa26554638022558de53c799e0bb03b7cafa6ff24fcd0de9d9fd352d2322de5d",
"txt_hash": "dd6ddb4099b283081812eaf899ba6cd78ef66beca43778a780d267b716318cbe"
}
},
"status": "active"
}