OREANDA-NEWS. January 12, 2016. As part of the continuing commitment by Juniper Networks to the Common Criteria/National Information Assurance Partnership (NIAP) certification program, we are pleased to report that EX, MX, PTX , and QFX devices recently completed Common Criteria Certification against the NIAP Network Device Protection Profile.

This is a first time certification for the EX4600 and a recertification for the MX240, MX480, MX960, MX2010, MX2020, PTX3000, PTX5000, EX9204, EX9208, EX914, EX4300, and the QFX5100.

MX240-2010, EX9200, PTX3000 and PTX5000 platforms were certified with Junos 14.2 software.  The Common Criteria Certificate can be found here.  The Security Target is available here and the Certification Report is available here.

EX4600 and QFX5100 platforms were certified with Junos 14.1X53 software.  The Common Criteria Certificate can be found here.  The Security Target is available here and the Certification Report is available here.

EX4300 platforms were also certified with Junos 14.1X53 software.  The Common Criteria Certificate can be found here.  The Security Target is available here and the Certification Report is available here.

These certifications join other Juniper Networks certifications that can be found on the NIAP Product Compliant List at this link.

Listing on the NIAP PCL is required by US Federal government policy for many different cases.  First, as the NIAP PCL webpage states- “U.S. Customers (designated approving authorities, authorizing officials, integrators, etc.) may treat these mutually-recognized evaluation results as complying with the Committee on National Security Systems Policy (CNSSP) 11 National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products - dated June 2013 (https://www.cnss.gov/policies.html)

CNSSP 11 applies to any US Government system carrying classified data at any level and to systems carrying certain command and control traffic regardless of the classification.

NIAP PCL listing is required by the DISA Security Technical Implementation Guide (STIG)s for many product categories.  NIAP PCL listing is required for DoD Cloud providers who are handling Impact Level 5 and 6 information, and in other Federal Government acquisitions that require the NIST 800-53, rev 4- SA-4 (7) control.