Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Understanding the Common Criteria Evaluated Configuration

This document describes the steps required to duplicate the configuration of the device running Junos OS when the device is evaluated. This is referred to as the evaluated configuration. The following list describes the standards to which the device has been evaluated:

These documents are available at

KVM is part of the standard NFX350 Junos Space Virtual Appliance distribution and can be used to create multiple VMs and to install security and networking appliances. However, in the TOE evaluated configuration, only a single VM is running and might not allow installation of security or networking appliances.


On NFX350 device, Junos OS Release 20.3R3 is certified for Common Criteria with FIPS mode enabled on the device.

For regulatory compliance information about Common Criteria, and FIPS for Juniper Networks products, see the Juniper Networks Compliance Advisor.

Understanding Common Criteria

Common Criteria for information technology is an international agreement signed by several countries that permits the evaluation of security products against a common set of standards. In the Common Criteria Recognition Arrangement (CCRA) at, the participants agree to mutually recognize evaluations of products performed in other countries. All evaluations are performed using a common methodology for information technology security evaluation.

For more information on Common Criteria, see

Target of Evaluation (TOE) is a device or a system subjected to evaluation based on the Collaborative Protection Profile (cPP).

Supported Platforms

The NFX350 is available in seven models. For the features described in this document, the following models are supported:

  • NFX350-S1

  • NFX350-S2

  • NFX350-S3