Manualshelf

Common Criteria for HP Networking Switches

ManualsBrandsHP ManualsComputer AccessoriesHP 20-port 10/100/1000 PoE+ / 4-port Mini-GBIC zl Module
12345678910
5
Scope
HP Networking Switches are intelligent network switches that provide a set of platform and
software features that make them suited for enterprise edge, distribution/aggregation layer,
and small core deployments. The Target of Evaluation (TOE) for the Common Criteria (CC)
evaluation was the family of HP Networking Switch Models 3500yl, 5400zl, 6200yl, 6600, 8200zl
running Version K.15.09.0004 of the HP Networking software and the Model 3800 series running
version KA.15.09.0004 of the HP Networking software are included in the evaluation. These
switch models have a common ASIC architecture, unified software, and a unified set of easy-to-
use management tools. The TOE was evaluated against the EAL2 assurance requirements (Part 2
extended and Part 3 conformant) augmented with ALC_FLR (flaw remediation) as defined in the
Common Criteria version 3.1 R3. Under the Arrangements on the Mutual Recognition of
Common Criteria Certificates in the field of Information Technology Security, only CC
requirements at or below EAL2 are mutually recognized.
The CC permits comparability between the results of independent security evaluations. The CC does so
by providing a common set of requirements for the security functionality of IT products and for
assurance measures applied to these IT products during a security evaluation. These IT products may
be implemented in hardware, firmware or software. For further information on the evaluation, refer to
the Common Criteria “Validated Products List” (VPL) available on the NIAP Common Criteria website.
The evaluation process establishes a level of confidence that the security functionality of these IT
products and the assurance measures applied to these IT products meet these requirements. The
assurance measures applied to this evaluation analyzed the development, configuration management
(CM) process, QA procedures and testing, User Guidance, and basic vulnerability analysis of the
product. The subject criteria for the assessment of the inherent qualities of cryptographic algorithms
were not covered in this CC evaluation. Should independent assessment of mathematical properties
of cryptography be required, contact HP Networking for further information on our separate FIPS
evaluation effort. The evaluation results may help consumers to determine whether these IT
products fulfill their security needs. Consequently, the fact that an IT product has been evaluated
has meaning only in the context of the security properties that were evaluated and the evaluation
methods that were used.
Purpose
This document defines the operational assumptions and configuration conditions required for the TOE
to be installed in the CC Evaluated configuration.
The TOE was evaluated for the following security functionality:
Security Audit Functions
Cryptographic Functions
Information Flow Control Functions