The Target of Evaluation (TOE) is Juniper Networks, Inc. Junos OS 18.1R1 for Services Gateway appliances SRX4600, which primarily supports the definition of and enforcement of information flow policies among network nodes. The Services Gateway appliances provide for stateful inspection of every packet that traverses the network and provide central management tomanage the network security policy. All information flow from one network node to another passes through an instance of the TOE. Information flow is controlled on the basis of network node addresses, protocol, type of access requested, and services requested. In support of thein formation flow security functions, the TOE ensures that security-relevant activity is audited, that their own functions are protected from potential attacks, and provides the security tools tomanage all of the security functions.
The TOE provides multi-site virtual private network (VPN) gateway functionality. The TOE also implements Intrusion Prevention System functionality, capable of monitoring information flows to detect potential attacks based on pre-defined attack signature and anomaly characteristics in the traffic.
All the SRX4600 Services Gateway appliance models run the same Juniper Networks Junos operating system (Junos OS), Junos OS 18.1R1.
The security functions performed by the TOE are as follows:
- Security Audit
- Cryptographic Support
- User Data Protection
- Identification and Authentication
- Security Management
- Protection of the TSF
- TOE Access
- Trusted Path/Channel
- Stateful Firewall/Packet Filtering (FWEP & VPNEP)
- Intrusion Prevention System