ON THIS PAGE
Understanding the Common Criteria Evaluated Configuration
This document describes the steps required to duplicate the configuration of the device running Junos OS when the device is evaluated. This is referred to as the evaluated configuration. The following list describes the standards to which the device has been evaluated:
NDcPPv2.2e—https://www.commoncriteriaportal.org/files/ppfiles/CPP_ND_V2.2E.pdf.
PP modules for NDcPP are as follows:
- MOD_FW_CPP v1.4e –https://www.niap-ccevs.org/MMO/PP/MOD_CPP_FW_v1.4e.pdf
- MOD_IPS_V1.0 –https://www.niap-ccevs.org/MMO/PP/MOD_IPS_v1.0.pdf
- VPNGW_MOD v1.1 – https://www.niap-ccevs.org/MMO/PP/mod_vpngw_v1.1.pdf
FIPS—https://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
These documents are available at https://www.niap-ccevs.org/Profile/PP.cfm.
KVM is part of the standard NFX350 Junos Space Virtual Appliance distribution and can be used to create multiple VMs and to install security and networking appliances. However, in the TOE evaluated configuration, only a single VM is running and might not allow installation of security or networking appliances.
On NFX350 device, Junos OS Release 20.3R3 is certified for Common Criteria with FIPS mode enabled on the device.
For regulatory compliance information about Common Criteria, and FIPS for Juniper Networks products, see the Juniper Networks Compliance Advisor.
Understanding Common Criteria
Common Criteria for information technology is an international agreement signed by several countries that permits the evaluation of security products against a common set of standards. In the Common Criteria Recognition Arrangement (CCRA) at http://www.commoncriteriaportal.org/ccra/, the participants agree to mutually recognize evaluations of products performed in other countries. All evaluations are performed using a common methodology for information technology security evaluation.
For more information on Common Criteria, see http://www.commoncriteriaportal.org/.
Target of Evaluation (TOE) is a device or a system subjected to evaluation based on the Collaborative Protection Profile (cPP).
Supported Platforms
The NFX350 is available in seven models. For the features described in this document, the following models are supported:
NFX350-S1
NFX350-S2
NFX350-S3